Trust center
Trust, security & privacy at NextLatitude
This page is maintained by the NextLatitude team to answer common security and privacy questions about the product. It describes practices and platform capabilities currently in place — it is not an independent certification or audit.
Accounts & authentication
NextLatitude accounts use email and password authentication, with optional Google sign-in. Passwords are never stored in plaintext; authentication is handled by our managed backend provider, which stores credentials as salted hashes.
Password reset links are single-use and time-limited. You can change your password or sign out of your account at any time from Settings.
Hosting & platform
NextLatitude is built on Lovable Cloud and runs on a managed serverless edge runtime. Application data is stored in a managed Postgres database with row-level security policies that scope each record to the user who owns it.
Transport between your browser and our servers uses HTTPS/TLS. Platform-level capabilities (network, storage, backups) are provided by the underlying infrastructure — we do not operate our own data centers.
What data we collect
We store the information you provide to use the product: your account email, the answers you submit to our match and readiness quizzes, cities you save for comparison, checklist and timeline entries you create, and billing identifiers returned by our payment processor.
We collect basic product analytics (page views, feature usage) to understand how NextLatitude is used. We do not sell personal data.
Subprocessors & integrations
We rely on a small set of vendors to operate the product:
- Lovable Cloud — application hosting, database, authentication, storage.
- Stripe — subscription billing and payment processing.
- Resend — transactional email delivery (results, receipts, password resets).
- PostHog — product analytics.
- OpenAI / Lovable AI Gateway — AI features such as the assistant.
Each vendor receives only the data needed to perform its function (for example, your email address for delivery, or your billing identifier for subscription management).
Cookies & analytics
We use first-party cookies and local storage to keep you signed in and remember preferences such as your saved cities. Analytics cookies help us understand aggregate product usage.
Retention & deletion
Your account data is retained while your account is active. If you want your account and associated data deleted, email us at the address below and we will action the request.
Privacy requests
To access, correct, export, or delete personal data we hold about you, email hello@nextlatitude.app. We will respond as quickly as we can.
Reporting a security issue
If you believe you have found a security vulnerability in NextLatitude, please email hello@nextlatitude.app with details so we can investigate. Please do not publicly disclose the issue before we have had a chance to respond.
Scope & disclaimers
NextLatitude is for organization and guidance only. We do not provide legal, tax, or immigration advice. Nothing on this page constitutes a warranty or a contractual commitment. For our terms and the practical limits of the service, see our pricing page and contact us with any questions.
