Trust & Security

This page is maintained by the Eutopia Creator team to answer common security and privacy questions about the product. It is editable project content, not an independent certification.

Authentication & access
How accounts and sessions work

Sign-in is handled via Eutopia Passport single sign-on. Sessions are stored locally in your browser and protected by your Passport account.

Project workspaces use role-based access (owner, editor, member). Project-scoped data is gated by row-level security in our database so users can only read or modify data they have been granted access to.

Platform & hosting
Where the app runs

Eutopia Creator is built and hosted on the Lovable platform. Application traffic is served over HTTPS. This is a description of enabled platform capabilities, not a Lovable-issued certification.

Data we collect
What we store and why

Account profile (display name, avatar) synced from Eutopia Passport, project content you create (ideas, progress posts, comments, reactions), and uploaded media for progress posts.

Uploaded media is stored in a private storage bucket. Files are only readable by users who can view the owning project's progress module.

Subprocessors & integrations
Third parties involved

Lovable Cloud (managed Supabase) for database, auth, and storage. Eutopia Passport for single sign-on. Other integrations are opt-in per project.

Deletion & data requests
How to remove your data

You can delete content you created from inside the app. For account deletion or to request a copy of your data, contact us via the address below.

Security contact
Reporting a vulnerability

If you believe you've found a security issue, please contact the project owner through Eutopia Passport. Please do not publicly disclose the issue until we've had a chance to investigate.