HAMMERDOMICILE

Security and privacy

Sensitive records deserve architecture built around restraint.

Hammer Domicile is being designed around least-privilege access, private file delivery, accountable activity, and clear control by the household.

This page describes the intended production architecture. It does not claim certifications or controls that have not been independently verified.

Security model

Trust is a product behavior, not a badge.

Access comes first

Every protected query, file request, export, and role change must be authorized against household and professional relationships.

Private file delivery

Sensitive files are designed for private object storage and short-lived access, not durable public links.

Role-scoped collaboration

Household owners, members, advisors, reviewers, and support roles receive distinct capabilities.

Accountable activity

Invitations, document changes, downloads, reviews, exports, and billing events are recorded.

Strong authentication

MFA is planned as required for advisors and administrators, with step-up verification for sensitive actions.

Data minimization

General analytics must not receive document content, financial details, or sensitive filenames.

Data lifecycle

Clear handling from upload through deletion.

01Upload

Validate type and size, calculate integrity metadata, and scan before availability.

02Store

Keep private bytes separate from application metadata and permissions.

03Access

Authorize first, then issue short-lived file access or stream through a protected endpoint.

04Review

Record relevant activity and preserve immutable file versions.

05Export or delete

Create accountable exports and support customer-controlled deletion and retention workflows.

Responsible claims

What we will not imply.

Hammer Domicile will not call itself SOC 2, ISO 27001, bank-grade, or compliant with a regulated framework until the applicable controls and independent work exist. Product language will distinguish design intent from verified status.

Preparedness starts here

Have a security or privacy question? Bring it directly to us.