Limited time offer Try for Free
Security

Security

Protecting children's and families' information is central to MonGardy. This page summarizes the measures we apply; see the Privacy policy for how we handle personal information.

Encryption

Data is encrypted in transit using TLS and encrypted at rest. Encryption keys are managed by our infrastructure providers' Key Management Services (KMS); keys are rotated, access to them is logged, and they are never embedded in application code. Secrets and credentials are stored in managed, access-controlled configuration — never in client code.

Access controls

Access follows the principle of least privilege. Within the app, data is scoped by role and by child and classroom, so each person sees only what they are authorized to see. Parents see only the children linked to them. Access is invite-only and is provisioned and revoked by the daycare.

Audit logging

Sensitive actions are logged so they can be reviewed. We maintain a written incident-response plan and review our security measures regularly.

Hosting and providers

We aim to host application data in Canada and work with a small set of reputable service providers bound by written confidentiality and data-processing terms. See the Privacy policy for details.

Responsible disclosure

No system is perfectly secure. If you believe you have found a vulnerability, please contact privacy@mongardy.com so we can investigate.