Aegis requires authenticated access. Supported sign-in methods include email/password and Google OAuth. Once authenticated, access to clinical tools is gated by an active subscription. Row-level security (RLS) is enabled on the database to help ensure users can only access their own data.

We recommend using strong, unique passwords and enabling multi-factor authentication where available through your identity provider.

Aegis is built on the Lovable Cloud platform and uses Supabase for data storage and authentication. This shared-responsibility model means the platform provides infrastructure controls, while the app owner configures application-level access rules, data policies, and user workflows.

Aegis collects account information (email address, subscription status) and clinical workflow data entered by authorized users for the purpose of psychiatric emergency management. Data is used to operate the service and is not sold to third parties.

The service relies on the following subprocessors and integrations:

• Supabase — database hosting and authentication infrastructure
• Stripe — billing and payment processing
• Google — OAuth identity provider for sign-in

The application uses essential cookies and local storage for authentication sessions. No third-party advertising or analytics cookies are currently used.

Data is retained as long as necessary to provide the service and meet any legal obligations. For questions about data retention periods or deletion requests, contact the app owner using the information below.

To submit a privacy request, request data deletion, or ask questions about how your data is handled, please contact the app owner at the email address provided below.

If you discover a security vulnerability or experience an incident, please report it to the app owner promptly. Provide enough detail to help us understand and reproduce the issue. Do not attempt to access data that does not belong to you.