Back to Family Harbor
PrivacyTerms
Family HarborFamily Harbor

How Family Harbor Protects Your Data

Your clients trust you with their most sensitive information. We take that responsibility seriously.

Family Harbor is built from the ground up with security in mind. Estate planning documents and client data deserve bank-level protection, and that's exactly what we provide.

Data Protection

Encryption Everywhere

All data is encrypted in transit using TLS 1.3 (the same technology banks use) and encrypted at rest using AES-256 encryption.

Complete Firm Isolation

Your firm's data is completely separated from other firms at the database level using row-level security policies. There is no possibility of cross-firm data access.

Private Document Storage

Client documents are stored in private, access-controlled storage. There are no public URLs — every document request requires authentication and authorization verification.

Authentication & Access

Passwordless Authentication

We use secure magic link authentication, eliminating the risks associated with weak or reused passwords. Each login link is single-use and expires quickly.

Role-Based Access

Firm members and clients have appropriate access levels. Clients only see their own matters; firm members only see their firm's clients.

Infrastructure

We partner with industry-leading, security-certified providers:

ServiceProviderCertification
Database & AuthSupabaseSOC 2 Type II
Application HostingVercelSOC 2 Type II
Email DeliveryPostmarkSOC 2 Type II

All infrastructure is hosted in the United States with automatic backups and disaster recovery.

Security Standards

Family Harbor implements modern security headers including:

  • HSTS — Forces secure HTTPS connections
  • X-Frame-Options — Prevents clickjacking attacks
  • X-Content-Type-Options — Prevents MIME-type sniffing
  • Strict Referrer Policy — Protects sensitive URL data

Your Rights & Control

Data Portability

Export your firm's data at any time in standard formats.

Deletion Rights

Request complete deletion of your account and all associated data.

Data Ownership

You own your data. We never sell, share, or use client information for any purpose other than providing the Family Harbor service.

Questions?

We're happy to answer any security questions or provide additional documentation for your firm's compliance requirements.

Email: hello@familyharbor.com