Privacy & data
How we host, protect, and handle your registry — aligned with our MVP product specification. Demo sessions do not persist the way production does; the policies below describe the live product. For the public policy text, see Privacy Policy.
Data in your workspace
Melvore Registry stores the information you add while using the product: assets (including images and valuations), documents and timeline events, contacts and addresses, reminder preferences, share-links you create, audit-related activity, and billing metadata handled by Stripe. We do not use your asset or document content to train models or for cross-customer analytics.
Security & compliance
- EU hosting — Supabase (eu-central-1, Frankfurt), Vercel (Frankfurt region), and Cloudflare R2 in an EU bucket. Data does not leave the EU without an explicit action you take (for example sharing a link or sending email to a recipient outside the EU).
- Encryption in transit — TLS 1.3 on all connections.
- Encryption at rest — AES-256 on storage; file access uses signed, time-limited URLs.
- Authentication — Supabase Auth with bcrypt password hashing; TOTP two-factor authentication available from Account settings.
- Access control — Row-level security so members only see data they are allowed to access.
- Rate limiting — Login attempts are limited (for example, five failed tries per minute per IP) to reduce abuse.
- Audit logging — Security-relevant events are logged with timestamps and identifiers for support and compliance.
- GDPR — EU data residency, right to erasure, and processor arrangements with infrastructure providers (e.g. Supabase, Cloudflare) as described in their documentation and your agreements with us.
Confidentiality
The product is built so that nobody at Melvore Registry can see what you own unless you give explicit written permission. Support is handled without browsing your assets or documents; issues are diagnosed using logs and anonymised identifiers where possible. We do not aggregate or benchmark customer portfolios across accounts. Staff and subprocessors with potential access to systems are bound by confidentiality obligations.
Who can see what
| Information | Who can access it |
|---|---|
| Assets and their content | You and organisation members you invite |
| Documents and images | You and invited members |
| Total portfolio value | You only — not shown externally by us |
| Contacts | You and invited members |
| Share-links | Anyone with the link, until it expires |
| Audit log | You; support only with your permission when needed |
When you share an asset via a share-link or send a PDF, data leaves our secure environment. You are warned in the product before those actions complete.
Retention, billing, and deletion
- Active subscription — Your registry data is kept for as long as your subscription is active and you keep your account.
- Failed payment — Access may be suspended after a failed charge; you are notified by email. Data is typically retained for about 30 days so you can fix billing or take a copy. After that, production data is deleted; backup copies may take up to 90 additional days to purge fully.
- Account deletion — You can delete your account anytime in Danger zone. Data is removed from the live application promptly; residual backups are purged within about 90 days and are not used to restore your account.
Your controls in the app
- Account & 2FA — Password and TOTP setup: Account.
- Reminders — Schedule email reminders per asset: Reminders (SMS and push are planned for a later mobile release per the product spec).
- Dead Man's Switch — Inactivity period and beneficiaries for a structured handover package: Dead Man's Switch.
- Copies of your registry — Export a branded Asset Passport PDF from each asset. The handover flow, when triggered, can deliver a ZIP that includes passport PDFs, documents, images, and tabular summaries as described in your DMS configuration.
Questions or requests
For access, correction, portability, or erasure requests that are not covered by the in-app tools above, contact us using the same channel you use for onboarding or support. We will respond within a reasonable time under applicable law.