New — analyze your dreams in 100+ languages. Just write in your own.

Security

Security & data protection

Dreams are deeply personal. Here's how we protect your account, your journal, and your payments.

Encryption in transit

All traffic is served over HTTPS/TLS. Data moving between your browser, our servers, and our providers is encrypted.

Modern authentication

Sign-in uses OAuth (Google) and passwordless email links via industry-standard libraries — we never store passwords.

Private by default

Your dream journal is scoped to your account. Other users cannot see your dreams, and we do not sell personal data.

Payments handled by Stripe

Card details are processed by Stripe, a PCI-DSS Level 1 provider. We never see or store your full payment information.

Data control & deletion

You can request export or permanent deletion of your data at any time by emailing our privacy team.

Least-privilege access

Access to production data is limited and logged. Secrets are kept in environment configuration, never in the client bundle.

Found a vulnerability? Please email security@dreamdetected.com and we'll respond promptly.