Security at Kind Finance

Security is integral to Kind Finance. This page summarizes our practices at a level appropriate for families and educators. It is not an audit report, certification, or exhaustive system description. For privacy details, see our Privacy Policy.

Account access

We use industry-standard authentication through our infrastructure provider. Passwords and sensitive credentials are handled using established patterns (for example, hashed storage—not plain-text passwords on our servers). Optional PIN features for kids on trusted devices are designed for convenience with parent oversight; they are not a substitute for device security.

Data in transit and at rest

Traffic between your browser and the Service is encrypted with TLS in normal configurations. Data at rest is stored with our cloud database and storage providers using their encryption and access controls. Exact algorithms and key management may evolve as providers update their platforms.

Least privilege and access

We structure application permissions so family data is scoped to the household. Administrative access for operations is limited to what is needed to run and support the Service.

Payments

Card and subscription payment data is processed by Stripe. Kind Finance does not store your full card number for routine processing.

Reliability and monitoring

We monitor for errors and abuse signals and may rate-limit or block activity that threatens platform integrity. No monitoring system is perfect; please report suspected incidents promptly.

Your responsibilities

• Use a unique, strong password and protect your devices.
• Review linked family members and invitations regularly.
• Keep software updated; beware phishing that impersonates Kind Finance.

Reporting a vulnerability

If you believe you have found a security vulnerability, please contact us at security@kind.finance with enough detail to reproduce the issue. Do not publicly disclose until we have had a reasonable time to respond.