Your child's letters and drawings are protected with strong encryption — because privacy isn't optional when kids are involved.
Encryption is a way of scrambling information so that only authorised parties can read it. Stamplo uses AES-256-GCM encryption to protect all letters and images at rest. Content is encrypted before storage and only decrypted server-side during authenticated parental review.
Decryption is permitted only within authenticated, server-side parent routes. No client-side decryption occurs, and no child-facing or public route can access plaintext content. Encryption keys are managed server-side — this is strong encryption at rest, not end-to-end encryption. The architectural boundary is enforced at the route level and auditable at any time.
Children deserve the same digital dignity as adults. Encrypting letters and images at rest means a database breach does not expose your child's words or drawings. Stamplo is built with privacy-by-design principles, including the ICO Children's Code, so trust isn't assumed — it's enforced by architecture.