How we protect your data.

Last updated 23 May 2026.

MyAITwin stores knowledge you have explicitly chosen to put in. That content is the product. The controls below describe how we keep it isolated, how we authenticate access, and how to reach us if you find a problem.

1. Authentication

Sign-in: magic link only

We do not use passwords. To sign in, you enter your email and we send a single-use link that expires in 15 minutes. The link is bound to one email address and one redemption. We collapse "not found", "already used", and "expired" into one error to avoid leaking which sub-state failed.

Session: short-lived signed cookie

Once signed in, a signed JWT is stored in an HttpOnly, Secure, SameSite=Lax cookie. Sessions expire after 30 days. Sign-out clears the cookie immediately.

MCP token: per-user bearer, hashed at rest

Each account holds one active MCP token. The plaintext is returned to you exactly once on issue. After that we only store the SHA-256 hash. You can regenerate the token from your account page at any time, which immediately revokes the previous one.

OAuth 2.0 for Claude Desktop

For connector flows we implement the OAuth 2.0 authorization code flow. Client secrets are stored as SHA-256 hashes only. Authorization codes are single-use and expire in 5 minutes.

2. Multi-tenant isolation

Every user has their own tenant. Every knowledge item, schema type, source, and audit row carries a tenant_id. Every database query filters by both user_id and tenant_id. Pinecone vector data lives in per-tenant namespaces; queries to one tenant's namespace cannot reach another's.

We continuously run a cross-tenant test suite that attempts to read, write, update, and delete one tenant's data while authenticated as another. All attempts must fail before we ship.

3. Rate limiting and abuse prevention

Every MCP tool call and every authentication request is rate-limited per-user. Sustained abuse trips a cooldown. Sign-in attempts are bounded to prevent enumeration attacks.

All admin endpoints require a separate header secret with constant-time comparison.

4. Prompt injection defences

Content stored in MyAITwin is treated as data, not as instructions for the assistant. When retrieved, content is returned with explicit provenance and the assistant is instructed never to follow instructions it finds inside stored content.

5. Audit logging

We record every tool call, every authentication event, and every admin action with user, tenant, event type, success or failure, and a short error tag. We do not log the content of stored knowledge, transcripts, or raw tokens. The audit log is append-only and is retained for debugging and incident response.

6. Transport and storage

All traffic is over TLS. Our database (Supabase Postgres) and vector store (Pinecone) are managed by third-party providers with their own security posture; we use service-role keys server-side and never expose them to the browser.

7. Account deletion

You can delete your account at any time from your account page. Deletion removes your user record, all knowledge items, all schema types, all sources, all MCP tokens, and all vector embeddings for your tenant. It is immediate and irreversible.

8. Responsible disclosure

If you find a security issue, please contact us at team@lutolearn.com. We take security reports seriously and will respond within two working days.

Please do not publicly disclose the issue until we have had a chance to fix it.

9. Operator