Trust

Security & Privacy

This page is maintained by Anthony D. Diallo to answer common security and privacy questions about BlackTrivia.app. It is not a third-party certification.

What we do

Encryption in transit
All traffic between your browser and the platform is served over HTTPS.
Authentication
Passwords are hashed by our managed auth provider; sessions are short-lived and revoked on sign-out.
Row-level access control
Every database table that holds user data enforces row-level security so users can only read their own records.
Admin audit log
Privileged admin actions (role changes, suspensions, content edits) are recorded with actor, action, and timestamp.

Shared responsibility

BlackTrivia.app runs on Lovable Cloud, which provides the managed hosting, database, and authentication services we rely on. Their platform handles infrastructure security; we (the app owner) are responsible for application-level controls and data handling. You're responsible for keeping your account credentials safe and reporting suspicious activity.

Data we keep

Account profile, content you've posted, game stats, store orders, and family-group activity. We do not sell personal data. See our privacy policy.

Reporting a vulnerability

Please report security issues privately via our contact page — use subject "security".

Note: BlackTrivia.app does not claim SOC 2, ISO 27001, HIPAA, PCI, or GDPR certification. Any references to platform capabilities describe what is enabled, not a third-party audit.