Persona Kit

Security is not a feature.
It's the foundation.

Persona Kit is built from the ground up with a zero-knowledge, encryption-first architecture. Your personas are yours alone.

SOC 2 Type IICertified
GDPRCompliant
CCPACompliant
ISO 27001In Progress

How we protect your data

Multiple layers of security at every level of the stack

End-to-End Encryption

All persona configurations, session data, and email content are encrypted using AES-256-GCM. Encryption keys are derived from your account password and never stored on our servers.

Zero-Knowledge Architecture

We cannot read your persona data. Your configurations are encrypted client-side before transmission. Even in the event of a data breach, your personas remain protected.

Infrastructure Security

Our infrastructure runs on hardened servers with full-disk encryption, network segmentation, and real-time intrusion detection. We undergo annual third-party penetration testing.

Two-Factor Authentication

Protect your account with TOTP-based 2FA. We support all major authenticator apps including Google Authenticator, Authy, and hardware keys via WebAuthn.

Leak Protection

WebRTC, DNS, and IPv6 leak protection is enabled by default on every persona. Our proxy stack prevents any request from bypassing the configured exit node.

Audit Logging

Every action on your account is logged with timestamps and IP addresses. Review your activity history at any time from the dashboard settings.

What we don't do

Transparency about our practices is just as important as our security measures

We never sell or share your data with third parties
We never log your browsing activity on our servers
We never store your encryption keys
We never inject ads or trackers into your sessions
We never share IP assignment data between accounts
We never retain data after account deletion

Your data, your rights

Full GDPR and CCPA compliance with self-service data management

Right to Export

Export all your persona data, session history, emails, and account information in standard JSON format at any time from your settings page.

Right to Erasure

Request complete deletion of your account and all associated data. We process erasure requests within 72 hours and confirm once complete.

Right to Access

View exactly what data we store about you. Our dashboard provides full transparency into your stored personas, sessions, and account metadata.

Right to Portability

Export your persona configurations and import them into another Persona Kit account or compatible service. Your data is never locked in.

Privacy without compromise

Start with 2 free personas. Upgrade when you need more.