Kintwadi
Trust

Security

Kintwadi holds sensitive health and family data. Protecting it is a first-class design goal, not an afterthought.

Defense in depth

Caregiving is an inherently access-controlled domain, so we built security into the data model itself. Permissions are enforced at multiple layers — the edge, the application, and the database — so a single bug can't expose data a person shouldn't see.

Encryption everywhere

Data is encrypted in transit (TLS) and at rest.

Row-level security

Role-based access is enforced in the database, not just the UI.

Append-only audit log

Every sensitive read or change is recorded and immutable.

Least privilege

Each role sees only the slice of the record it needs.

Resilient data

Managed Postgres with automated, encrypted backups.

Secrets stay server-side

Credentials live in environment config — never in the client.

Enforced at the database

Row-level security means a hired aide physically cannot read a family's financial documents, and safety-critical actions like “give a medication” commit as a single atomic transaction — logging the event, decrementing supply, and writing the timeline entry together, or not at all.

Responsible disclosure

Found a vulnerability? We appreciate your help. Email security@kintwadi.app and we'll respond promptly.

This page is illustrative content for a hackathon demo — not legal advice.