Caveman LanguageCaveman Language

Security

Caveman Language — A Contextual Learning Framework Application

Last Updated: January 2026

Our Commitment

We take the security of your data seriously. This page describes our security practices and how to report vulnerabilities.

Data Protection

Encryption

  • In Transit: All data transmitted between the App and our servers uses TLS 1.3
  • At Rest: Stored data is encrypted using AES-256
  • Local Storage: On-device data uses iOS Keychain and encrypted storage

Access Control

  • Employee access to user data is restricted and logged
  • Production systems use multi-factor authentication
  • Access is granted on a need-to-know basis

Infrastructure

  • Hosted on SOC 2 compliant infrastructure
  • Regular security audits and penetration testing
  • Automated vulnerability scanning

What We Don't Do

  • We do not store passwords in plain text
  • We do not transmit data over unencrypted connections
  • We do not share data with third parties for advertising
  • We do not access more device permissions than necessary

App Permissions

The App requests only the permissions it needs:

PermissionWhy
Network AccessSync progress, load content
Local StorageSave your learning progress

Permissions we do NOT request:

  • Camera
  • Microphone (unless voice features are enabled, with consent)
  • Location
  • Contacts
  • Photos

Vulnerability Disclosure

If you discover a security vulnerability, we want to hear from you.

Report to: security@contextframework.io

Please include:

  • Description of the vulnerability
  • Steps to reproduce
  • Potential impact
  • Your contact information (optional, for follow-up)

Our commitment:

  • Acknowledge receipt within 48 hours
  • Provide an initial assessment within 7 days
  • Keep you informed of remediation progress
  • Credit you (if desired) when the issue is resolved

Please do NOT:

  • Access data that isn't yours
  • Disrupt service for other users
  • Publicly disclose before we've had reasonable time to respond

Incident Response

In the event of a data breach:

  • We will investigate immediately
  • Affected users will be notified within 72 hours
  • We will provide clear information about what happened and remediation steps
  • Relevant authorities will be notified as required by law

Contact

Security Team
security@contextframework.io

Legal Inquiries
legal@contextframework.io

General Support
service@contextframework.io