Security

Transport security

Network traffic between the app/website and services is sent over HTTPS (TLS). We avoid caching sensitive AI responses in the Sana network client.

On-device storage

By default, Sam Central stores your tracking data locally using Apple Core Data (SQLite). Your device’s built-in security features (device passcode, Secure Enclave, OS-level data protection) help protect this data. Your OpenAI API key and Sana access tokens are stored in the iOS Keychain.

iCloud sync (optional)

If you enable iCloud sync, Sam Central uses Apple CloudKit to sync your database across devices signed into the same Apple ID. Apple manages the underlying security controls for iCloud/CloudKit.

Sana (AI assistant) security

• Authenticated requests: Sana requests are authenticated with your API key over HTTPS.
• Proxy isolation: Sana requests are processed through a serverless Cloudflare Worker before being sent to OpenAI.
• No content logging: the worker avoids logging raw question/context content and logs only limited metadata for reliability (such as request sizes and error codes).
• Safe error handling: internal errors are logged with sanitization while client responses remain generic.
• Model allowlist: server-side validation limits models to known patterns and warns on suspicious values.
• Third-party processing: when Sana is enabled, requests are processed via a Cloudflare Worker and the OpenAI API. See Privacy Policy for details on what data may be sent.

Responsible disclosure

If you believe you’ve found a security issue, please report it to hamzeh@alumni.harvard.edu with steps to reproduce. Please do not publicly disclose until we’ve had a chance to investigate.