Security and your data.

The questions a careful board member, or whoever vets the tools your organization uses, would ask before trusting a directory with your members' phone numbers. Answered plainly, without the security-theater vocabulary.

Jump to: Enforced in the database · No bulk export · Passwordless sign-in · Encryption & hosting · What we don't do · Access & leaving · Report an issue

Privacy is enforced in the database, not the screen.

Every visibility choice a member makes (Visible, Private, Opt out, and the scope within Visible) is enforced by PostgreSQL row-level security, one layer below the application. When another member's request asks for someone who chose Private, the database returns nothing.

This matters more than it sounds. Most directories enforce privacy in the interface, so a single misconfiguration, a broken filter, or a feature written in a hurry can leak everyone. Roost enforces it where mistakes fail closed: a bug in a button cannot reveal a row the database itself refuses to hand over.

There is no “download the directory” button.

Not for admins, not for board members, not for us. The biggest risk to a community directory isn't a hacker; it's the spreadsheet exported once, emailed around, and living forever on a dozen personal laptops outside every privacy setting.

Roost makes that motion impossible. The things people actually used export for, like emailing one group or the whole roster, are built into the product, so contact information never has to leave the app to be useful.

No passwords to steal.

Signing in is a one-time link sent to your email, handled by our authentication provider. There is no password to reuse from some other site's breach, nothing to phish out of a member, and no password database to steal, because one doesn't exist.

Encrypted, and hosted on infrastructure you can look up.

Your data is encrypted in transit (TLS on every connection) and at rest. It lives on managed cloud infrastructure in the United States: Roost runs on Supabase (managed PostgreSQL and authentication) and Vercel, providers that maintain SOC 2 Type II and other industry-standard controls you can verify yourself.

Roost is a small company, and we won't pretend to hold a security certification we haven't earned. What we can show you is the architecture: established providers, encryption end to end, and privacy enforced in the database. That's a stronger answer than a badge.

What we don't do with your data.

Roost makes money one way: the annual subscription your organization pays. That is the entire business model, which is what lets the rest of this list be simple and permanent.

  • We don't sell your members' information.
  • We don't build advertising profiles or run ads.
  • We don't share it with third parties for marketing.
  • We don't use it to train AI models.

The data exists to run your directory. There is no second use we are quietly hoping you won't notice.

Who can see it, and what happens when you leave.

Inside your organization, contact information follows each member's own sharing choices. Admins see what they need to run their own organization's directory, and nothing from any other organization on Roost. On our side, access is limited to the small team running Roost, used only to provide support and keep the service healthy, and even then there is no bulk export.

When your organization leaves Roost, your directory goes offline and your data is deleted on request. We never sell it, and we never repurpose it. The thing a vendor decides to do with your data after you stop paying is exactly the thing Roost is built to never put in question.

Compliance, and reporting an issue.

Roost is built to the GDPR and CCPA privacy bar from the start. For schools specifically, how Roost fits FERPA, COPPA, and state student-privacy law has its own page: FERPA, COPPA, and state law. The Privacy Policy covers what we collect and why, in detail.

Found a security issue? We want to hear about it. Email security@roost.directory with the details, and please give us a reasonable window to fix it before disclosing publicly. We respond quickly and we don't go after people acting in good faith.

Roost Directory is a product of Holdfast Community LLC, an Oregon LLC. Business address: 5441 S. Macadam Ave., Suite 5022, Portland OR 97239.