Trust center

Trust, security & privacy at NextLatitude

This page is maintained by the NextLatitude team to answer common security and privacy questions about the product. It describes practices and platform capabilities currently in place — it is not an independent certification or audit.

Accounts & authentication

NextLatitude accounts use email and password authentication, with optional Google sign-in. Passwords are never stored in plaintext; authentication is handled by our managed backend provider, which stores credentials as salted hashes.

Password reset links are single-use and time-limited. You can change your password or sign out of your account at any time from Settings.

Hosting & platform

NextLatitude is built on Lovable Cloud and runs on a managed serverless edge runtime. Application data is stored in a managed Postgres database with row-level security policies that scope each record to the user who owns it.

Transport between your browser and our servers uses HTTPS/TLS. Platform-level capabilities (network, storage, backups) are provided by the underlying infrastructure — we do not operate our own data centers.

What data we collect

We store the information you provide to use the product: your account email, the answers you submit to our match and readiness quizzes, cities you save for comparison, checklist and timeline entries you create, and billing identifiers returned by our payment processor.

We collect basic product analytics (page views, feature usage) to understand how NextLatitude is used. We do not sell personal data.

Subprocessors & integrations

We rely on a small set of vendors to operate the product:

  • Lovable Cloud — application hosting, database, authentication, storage.
  • Stripe — subscription billing and payment processing.
  • Resend — transactional email delivery (results, receipts, password resets).
  • PostHog — product analytics.
  • OpenAI / Lovable AI Gateway — AI features such as the assistant.

Each vendor receives only the data needed to perform its function (for example, your email address for delivery, or your billing identifier for subscription management).

Cookies & analytics

We use first-party cookies and local storage to keep you signed in and remember preferences such as your saved cities. Analytics cookies help us understand aggregate product usage.

Retention & deletion

Your account data is retained while your account is active. If you want your account and associated data deleted, email us at the address below and we will action the request.

Privacy requests

To access, correct, export, or delete personal data we hold about you, email hello@nextlatitude.app. We will respond as quickly as we can.

Reporting a security issue

If you believe you have found a security vulnerability in NextLatitude, please email hello@nextlatitude.app with details so we can investigate. Please do not publicly disclose the issue before we have had a chance to respond.

Scope & disclaimers

NextLatitude is for organization and guidance only. We do not provide legal, tax, or immigration advice. Nothing on this page constitutes a warranty or a contractual commitment. For our terms and the practical limits of the service, see our pricing page and contact us with any questions.