A founder network is only as good as the trust inside it.
Founderfy is a small, hand-curated room. This page explains the practical controls that protect your data and keep the network healthy.
Hand-built network
Founderfy starts in Portland and grows city by city. Real people review the pool — no open signups, no bots, no scraped lists.
Encrypted in transit
All traffic is served over HTTPS. Authentication is handled by Supabase Auth with industry-standard token rotation.
Encrypted at rest
Your profile, messages, and account data are stored in a managed Postgres database with encryption at rest.
Row-level access control
Every table enforces row-level security policies so founders can only read and write their own private data. Public profile fields are explicitly opted in.
Minimal data collection
We ask for what's needed to make introductions and nothing else. Phone numbers are optional. No third-party ad tracking on the site.
You own your profile
Edit, export, or delete your profile any time. Deletion requests remove your personal data from the active pool.
Community standards
A curated room only works when everyone behaves like a guest. These are non-negotiable:
- No cold-pitching, recruiting, or fundraising spam in the pool.
- No impersonation of other founders or companies.
- No scraping, exporting, or reselling the directory.
- No sharing private conversations or contact info outside Founderfy without consent.
- Treat dinner RSVPs as commitments.
We remove accounts that break these rules. If you see something off, email safety@founderfy.app.
Reporting a security issue
Found a vulnerability? Please email security@founderfy.app with steps to reproduce. We'll acknowledge within 48 hours and won't pursue good-faith research.
Read more
This page is maintained by Founderfy and reflects current product practices. It is not an independent certification or audit.