UseNorth handles personal and professional information — names, roles, work email addresses, and the diagnostic responses that participants give in conditions they are meant to experience as honest and safe. The security model reflects that responsibility.

| Data | Where stored | Why collected |
|---|---|---|
| Name, role, email, organisation | north_leads, north_responses | Credential issuance and session tracking |
| Scenario responses | north_responses (jsonb) | Scoring and team map generation |
| Reflection text | north_responses | Qualitative diagnostic input for the Brief |
| Archetype and scores | north_leads | Credential and Strategist Brief input |
| Session codes | north_sessions | Team session coordination |
| Cloud platform and constraints | execution_* tables | NORTH Build credential and team output |

No response data is shared externally. No third-party analytics platform receives individual participant data.
The Supabase publishable key is designed for browser exposure. Only a placeholder showing the key format is committed to .env.example. The actual production key is set in Vercel environment variables and in .env.local (gitignored).
ANTHROPIC_API_KEY is used exclusively in the server-side API route (/api/strategist-brief). It is not exposed to the client, not included in any client-side bundle, and not logged.
RESEND_API_KEY lives in Supabase Edge Function secrets — set via the Supabase dashboard, never in source code, never as a fallback value.
All Supabase tables have Row Level Security (RLS) enabled. The client-side code uses the publishable anon key only. This key has INSERT permission on the tables that receive participant data, but cannot read, update, or delete existing rows without an authenticated session.
The Strategist Dashboard uses the same anon key. It reads data that the dashboard user's session is authorised to access. Direct database access (Supabase secret key, database password) is restricted to infrastructure operations and never touches client-side code.
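
The access model described in the two paragraphs above, written out as Postgres RLS policies with two audit queries. This is an added example, not UseNorth's own schema or policies: the table name north_responses comes from this page, while the policy names and the owner_id column are assumptions.

```sql
-- Added illustration; not UseNorth's actual policies.
-- Assumed: policy names, and an owner_id column linking a row to the
-- dashboard user allowed to read it.

alter table public.north_responses enable row level security;

-- Unauthenticated browser clients (publishable key, role "anon"):
-- may add rows, nothing else.
create policy "anon_insert_responses"
  on public.north_responses
  for insert
  to anon
  with check (true);

-- Signed-in dashboard users (role "authenticated"):
-- may read only the rows their session is authorised for.
create policy "dashboard_read_own_responses"
  on public.north_responses
  for select
  to authenticated
  using (owner_id = auth.uid());

-- No UPDATE or DELETE policy exists, so with RLS enabled both
-- operations are denied for anon and authenticated alike.

-- Audit 1: any public table that still has RLS disabled.
-- Expected result for the model described here: zero rows.
select c.relname as table_without_rls
from pg_class c
join pg_namespace n on n.oid = c.relnamespace
where n.nspname = 'public'
  and c.relkind = 'r'
  and not c.relrowsecurity;

-- Audit 2: every policy in the public schema, to confirm that
-- anon appears only next to cmd = 'INSERT'.
select tablename, policyname, cmd, roles
from pg_policies
where schemaname = 'public'
order by tablename, cmd;
```

If a client asks for the inserted row back (for example `.insert(...).select()` in supabase-js), the insert must also pass a SELECT policy, so an insert-only anon client should not request the row in the response.
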
A participant's dimension scores are used to calculate their archetype and drive the adaptive Reckoning. They are stored in north_responses and used in aggregate for the Coalition Map. They are not displayed to other participants.
The Coalition Map shows pattern, not score. Individual responses cannot be reverse-engineered from the map.
The Strategist Brief is generated for the consulting partner and marked confidential. The input data (Coalition Map, Tension Map) is stored, but the generated Brief text is ephemeral.
The qualitative reflection responses are stored to enable the Strategist Brief. They are not shared with other participants, not displayed in any team output, and not used in any product that names the individual who wrote them.
If you discover a security vulnerability in UseNorth, please report it privately before disclosing it publicly.
Include a description of the vulnerability, steps to reproduce, the potential impact, and any suggested remediation. We acknowledge receipt within 48 hours and respond with an assessment within 5 business days.
Please do not open a public GitHub issue for security vulnerabilities.
This document is reviewed and updated with each significant change to data handling, infrastructure, or third-party integrations. Last reviewed: 6 June 2026.