Legal
Your recordings are the most important evidence you'll ever own. We treat them that way. This page is a plain-English breakdown of how HandsUp stores, encrypts, and protects everything you capture — and the limits of what we can see, share, or hand over.
Encryption
Recordings are encrypted on your device the moment capture starts, using AES-256 with a key tied to your account. The encrypted file is what leaves your phone — never the raw video or audio. The same encryption applies in transit (TLS 1.3) and at rest in our cloud storage.
Encryption keys are generated and stored on your device. HandsUp's servers never see your key. This means we can't watch your videos, read your transcripts, or hand over plaintext recordings — even if we wanted to, even if someone forced us to. The only person who can decrypt your footage is you, signed into your account.
Where your data lives
Recordings are stored in U.S.-based data centers operated by tier-1 cloud providers (AWS and Cloudflare R2, with geographic redundancy). Storage is regional to your account — your data does not transit international borders unless you cross one with your phone.
Account metadata (email, name, plan tier) is stored separately from recording content. Linking the two requires authenticated access from your device.
Authentication and account access
Passwords are never stored. We hash them with bcrypt at a high work factor, and the hash is what lives in our database. Even with full database access, an attacker cannot recover your password.
Two-factor authentication is available on all accounts and required for any account on a paid tier. Supported methods: authenticator app (TOTP), security key (FIDO2/WebAuthn), and SMS as a fallback. Biometric unlock (Face ID, Touch ID, fingerprint) is required for the app itself on every launch.
If you lose access to your account, recovery requires verifying both your email and your secondary 2FA method. Without both, the recordings stay encrypted. There is no backdoor.
What we store, what we don't
We store: account email, hashed password, encrypted recordings, recording metadata (timestamp, GPS, file size), dashcam telematics you've opted to share, in-app messages with attorneys in our network.
We don't store: your plaintext recordings, your unhashed password, your location when the app isn't recording, contacts, calendar, browsing history, microphone activity outside of explicit recording sessions, or any biometric data — Face ID and Touch ID happen on your device and never reach our servers.
We don't sell, license, or monetize any of it. No advertising trackers. No third-party analytics on recording content.
Sharing — only when you tell us to
Recordings are private to your account by default. Three optional sharing paths exist, all opt-in, all revocable:
Attorney network. When you send a recording to a verified attorney through the app, an encrypted copy is generated and shared with that specific attorney for the duration of your case. You can revoke access at any time.
Insurance partners. Dashcam telematics (speed, braking, mileage — never video) can be shared with Progressive, State Farm, GEICO, or other partners to qualify for discounts. Telematics sharing is opt-in per partner and revocable at any time.
Direct download. You can export your recordings from the app as standard video files (MP4) for use in court, insurance claims, or your personal records.
Legal requests
We comply with valid legal process — subpoenas, court orders, and search warrants properly served on HandsUp. Because recordings are encrypted with keys we don't hold, the most we can produce in response is encrypted blobs and account metadata (email, signup date, plan). Decryption requires your device and credentials.
We will notify you of any legal request affecting your account unless we are legally prohibited from doing so. We publish a transparency report annually with aggregate numbers on requests received and responses.
Incident response
If a breach affects your account, we will notify you within 72 hours of confirming it, by email and in-app notice. Notifications include what data was affected, what we know about how it happened, and what we recommend you do.
We run continuous monitoring on production systems, log all administrative access, and conduct quarterly penetration tests with a third-party firm. Findings are tracked in a public-facing changelog on this page.
Compliance
We operate in alignment with the California Consumer Privacy Act (CCPA) and similar state laws (Virginia, Colorado, Connecticut, Utah, and others as they come into effect). HandsUp is GDPR-compliant for users in the EU and UK.
SOC 2 Type II audit is on our roadmap and expected within the first 12 months of public launch. HIPAA does not apply — HandsUp is not a covered entity — but we built around healthcare-grade encryption standards anyway.
Reporting a vulnerability
If you've found a security issue, we want to know. Email security@handsuptheapp.com with details and proof-of-concept. We respond within 24 hours, work in good faith with researchers, and pay bounties for confirmed vulnerabilities. We will not pursue legal action against researchers acting in good faith.
Deleting your data
You can delete any recording at any time from inside the app. Deletion is immediate from your view and permanent within 30 days from our backups.
You can delete your entire account from Settings → Account → Delete. All recordings, metadata, and account information are wiped within 30 days. Export your data first if you want a copy.
Important: this is what we do, not legal advice
This page describes our current security architecture and practices. Specific protections may vary by region, plan, and feature. For questions about how a particular law applies to your data, talk to a lawyer. For technical questions about our security posture, contact security@handsuptheapp.com.
