Decisions contain your most sensitive thinking. Reflect OS is built around the premise that what's private stays private — without compromising what's needed for the product to work.
Decision rationale, context fields, and sensitive notes are encrypted at rest using AES-256. These fields are not readable by Reflect OS staff or systems without your key.
Structural metadata — decision titles, dates, categories, and status — is stored unencrypted to enable search and filtering. The content of your reasoning is always protected.
We do not use your decision data to train AI models, whether our own or third-party.
Sensitive fields encrypted before storage. Not accessible without your key.
All data in transit encrypted via TLS 1.3. HSTS enforced.
Workspace, team, and individual permissions. You decide who can see what.
Every view, edit, and export is logged with timestamp and user. Defensible for governance and compliance.
Export all your decisions at any time. Request full deletion and we'll action it within 30 days.
Reflect OS is operated by Euan Pallister trading as Reflect OS, registered in the United Kingdom. We are compliant with UK GDPR and the Data Protection Act 2018.
For the full details of how we handle your data, see our Privacy Policy, Terms & Conditions, and Cookie Notice.
Questions about security or data handling? Get in touch.