Uprealm LLC ("Uprealm," "we," "us," or "our") is committed to protecting the privacy and security of your personal information. This Privacy Policy describes how we collect, use, store, and protect information through our services — including our website, member platform, and any connected integrations.
Account Information — Email address for authentication, multi-factor authentication enrollment data (TOTP), and basic profile information you provide.
Financial Information (via Plaid) — When you connect financial accounts through Plaid Link, Plaid accesses account balances, transaction history (amounts, dates, merchants, categories), and account metadata (names, types, institution) directly from your financial institution. This data is encrypted before it reaches our systems — Uprealm never sees or stores your raw financial data or bank login credentials.
Connected Services — If you choose to connect third-party services (calendar, email, communication platforms, health data sources), we access only the data categories you explicitly authorize during the connection process. Each integration requests the minimum permissions necessary to deliver its functionality.
Workspace & Task Data — Content you create within your workspace, task lists, notes, and organizational data you input into the platform.
Access Request Information — If you request access to Uprealm, we collect your name, email, company (if provided), and the information you submit in the request form.
Usage & Security Logs — Access timestamps, authentication events, and actions taken within the platform for security monitoring and audit purposes.
We do not use your data for advertising, behavioral profiling, or any purpose beyond delivering the services you requested.
We collect anonymized, aggregated usage data — such as feature adoption patterns, workflow metrics, and interaction trends — to improve our platform and develop new tools. This data is fully anonymized and cannot be traced back to any individual member.
Your personal content, financial data, workspace content, health information, and any confidential information you share with us is never used for analytics, training, or any purpose other than delivering your services. Only anonymized behavioral patterns inform our development.
Security is not a feature — it is the foundation of everything we build. We employ multiple layers of protection to ensure your data remains private, secure, and inaccessible to anyone other than you.
Encryption
Sensitive data is encrypted using AES-256-GCM — the same standard used by banks and government agencies. Data is encrypted both in transit (HTTPS/TLS) and at rest. Financial connection tokens and sensitive credentials are encrypted at the application level with keys that are never exposed in our database, meaning even direct database access cannot reveal your credentials or raw financial data.
Data Isolation
Every member's data exists in complete isolation. Row-level security policies enforce strict boundaries at the database level — your data can only be accessed through your authenticated session. No other member, no Uprealm team member, and no internal system can query, view, or access another member's information. This is not a policy — it is an architectural constraint enforced by the database itself.
Zero Internal Access
Uprealm operates on a principle of zero internal access to member data. Our team cannot see your personal information, financial data, workspace content, or any connected service data — even if we wanted to. We have deliberately designed our systems so that we do not have the ability to view your private data.
Authentication
All access requires multi-factor authentication — a magic link sent to your verified email address plus a time-based one-time password (TOTP) from your authenticator app. There are no passwords to steal or guess. Access is invitation-only; only pre-approved members can authenticate.
Infrastructure
Our infrastructure is hosted on enterprise-grade platforms with SOC 2 Type II compliance, automated backups, and continuous monitoring. We employ a zero-trust architecture where no entity — internal or external — is trusted by default. Every request is verified, every connection is authenticated, and every action is logged.
We do not sell, rent, trade, or share your personal information with third parties. We do not monetize your data in any way. We do not use your data for advertising, profiling, or any purpose other than providing you with the services you requested. Your data is yours — period.
The only exceptions are:
You have complete control over your data at all times.
While Active
Your data is retained in encrypted form for as long as your account is active and your services are connected. You can view, manage, disconnect, and export your data at any time through your dashboard.
Disconnection
You may disconnect any integration at any time. Upon disconnection, all data associated with that connection will be permanently deleted from our systems within 30 days. Access tokens are revoked immediately, meaning we lose the ability to access that service the moment you disconnect.
Account Closure
If you close your Uprealm account, all personal data will be permanently and irreversibly deleted within 30 days — including your profile, connected account data, workspace content, and any other personal information.
Audit Logs
Minimal, anonymized audit logs (login timestamps and action types — not personal or financial data) may be retained for up to 3 years for security and compliance purposes.
You have full control over your data. You have the right to:
To exercise any of these rights, contact us at hello@uprealm.io. We will respond within 14 days.
We may update this Privacy Policy from time to time. Material changes will be communicated through the platform or via email. Continued use of our services after changes constitutes acceptance.
For privacy-related inquiries: hello@uprealm.io
Uprealm LLC · Los Angeles, California