Back to Sanctuary

Trust

Safety & Trust

Last reviewed: June 2026

DRAFT. This document describes how Sanctuary actually operates today. It has not yet been reviewed by qualified legal counsel and is not a substitute for legal advice. Review with counsel before relying on it at public scale.

Sanctuary is small and quiet on purpose. This page explains how we keep it that way.

How moderation works

Sanctuary does not run automated content takedowns based on engagement signals. There is no algorithm scoring you. Instead:

  • A short list of obviously unsafe terms triggers a block at the time of posting (threats, slurs, sexualized references to minors).
  • Every piece of content has a quiet report control. Reports go to the moderation team only.
  • A small group of administrators reviews reports daily and acts on them under the Community Guidelines.
  • Every moderation action — content hidden, account muted, content removed — is recorded in an internal log with the actor, the target, and the time.

How to report

On any post, prayer, voice note, or vent, open the menu and choose Report. Add a short note if you can; "this felt threatening" is enough. For anything urgent — threats, doxxing, content involving minors — email safety@auraversesanctuary.life. We respond as fast as a human can.

Voice content review

Voice carries identity. When a voice recording is reported, an administrator can play it back through the same server-mediated path regular members use; we do not download audio files to personal machines. If a recording is removed, the underlying audio file is deleted from storage in the same operation, not just hidden.

Privacy protections

  • Public views of prayers, vents, voice notes, and shared voice letters do not expose author ids to other members.
  • Audio storage buckets are private. Playback is always brokered by a server function that mints a short-lived signed URL.
  • Prayer candle totals and reaction counts are not returned to clients. We do not show a leaderboard, a streak, or a follower count.
  • Journal entries, private voice letters, and personal Ask reflections are owner-only at the database level — RLS-enforced, not just hidden in the UI.

Anonymous participation model

Many surfaces are designed so a single contribution cannot be tied back to you through normal application use. Authorship is preserved only so you can edit or delete what you've shared. The only path back to an author is a deliberate administrator action with an audit trail.

Security practices

  • Encryption in transit for every request.
  • Row-level access policies on every user-data table.
  • Service-role credentials are server-only and never reach the browser.
  • Payment data is handled by Stripe; we do not store card numbers.
  • Automated daily database backups, plus a manual cold-export of knowledge content (stories, prayers, library, journeys) on demand.
  • A documented incident-response runbook for outages and data recovery.

Community stewardship

Sanctuary is a small team. We do not optimize for growth at the cost of regulation. If a feature would deepen presence, depth, or peace, we consider it. If it would only deepen engagement, we don't build it.

Found a security issue? Please disclose privately to security@auraversesanctuary.life.