Frequently asked questions
Do I need an account to use Covenant?
No. The whole core product works with no account, entirely in your browser. An account (the cloud tier) is only needed to sync across devices or publish evidence.
Where is my data stored?
In your browser's localStorage under covenant.v1, unless you opt into the cloud tier. See Security & privacy.
Does Covenant work offline?
Yes. Covenant makes no network calls on its own. Only three things need connectivity: the live email-auth scan (a DNS lookup), the AI assistant (a call to the provider whose key you supplied, made only when you click an AI button), and the cloud tier. Everything else works offline.
Is it safe to put PHI in here?
Covenant is built so that PHI and free text stay out of its backend paths: sync and evidence publish carry only structured risk facts (no notes, no document text), document bytes go straight from the browser to R2 via presigned URLs rather than through an application server, and the AI assistant scrubs and blocks identifiers before anything is sent to your provider. That said, the BAA notes and clauses you record locally sit in localStorage like all other data, and the browser does not encrypt that store; protect the device and browser profile accordingly (disk encryption, a locked screen, no shared profiles).
What does "deferred" mean on some features?
The seam is fully wired but the hosted backend that does the heavy lifting isn't enabled yet. Deferred items today: the hosted scan runner (TLS/headers/ports/breach probes), live email/Slack delivery of invites and reminders, live R2 uploads, and server-side portal token validation. Each has a working local stand-in and is clearly labeled.
What's the difference between a live scan and a simulated scan?
A live scan does a real DNS lookup for the domain's SPF and DMARC records and reports the other checks (TLS, headers, ports, breach probes) as deferred. A simulated scan deterministically fabricates plausible findings from the domain name so you can exercise the workflow without a backend; every such finding is tagged simulated so it cannot be mistaken for evidence. See External posture scan.
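The live half of that scan is a DNS TXT lookup followed by an evaluation of what came back. The following is an added example, not Covenant's own code: it runs the kind of evaluation a live scan would apply to SPF and DMARC records, over constructed TXT answers embedded inline. The input shape (a map from DNS name to TXT strings) and the finding ids and severities are assumptions.

```javascript
// Added example, not Covenant's own code. Evaluates SPF and DMARC TXT records
// the way a live email-auth scan would once it has fetched them.
// Input shape (DNS name -> array of TXT strings) and finding ids are assumptions.

// Constructed sample answers standing in for real DNS TXT lookups.
const SAMPLE_TXT = {
  "acme-health.com": ["google-site-verification=abc123", "v=spf1 include:_spf.google.com ~all"],
  "_dmarc.acme-health.com": ["v=DMARC1; p=none; rua=mailto:dmarc@acme-health.com"],
  "weak-vendor.net": ["v=spf1 +all"],
};

// Parse "tag=value; tag=value" into an object keyed by lower-cased tag name.
function parseDmarcTags(record) {
  const tags = {};
  for (const part of record.split(";")) {
    const i = part.indexOf("=");
    if (i > 0) tags[part.slice(0, i).trim().toLowerCase()] = part.slice(i + 1).trim();
  }
  return tags;
}

function evaluateSpf(domain, txt) {
  const records = (txt[domain] || []).filter((r) => /^v=spf1(\s|$)/i.test(r.trim()));
  if (records.length === 0) return [{ id: "spf-missing", severity: "high" }];
  // RFC 7208 section 4.5: more than one SPF record is a permerror, so receivers
  // behave as if the domain had no SPF at all.
  if (records.length > 1) return [{ id: "spf-multiple-records", severity: "high" }];
  const terms = records[0].trim().split(/\s+/).slice(1);
  const all = terms.find((t) => /^[+\-~?]?all$/i.test(t));
  if (!all) return [{ id: "spf-no-all-mechanism", severity: "medium" }];
  // "all", "+all" and "?all" authorize or neutral-pass every sender.
  if (/^[+?]?all$/i.test(all)) return [{ id: "spf-permissive-all", severity: "high", detail: all }];
  if (all.startsWith("~")) return [{ id: "spf-softfail-all", severity: "info", detail: all }];
  return [];
}

function evaluateDmarc(domain, txt) {
  const records = (txt[`_dmarc.${domain}`] || []).filter((r) => /^v=DMARC1\s*;/i.test(r.trim()));
  if (records.length === 0) return [{ id: "dmarc-missing", severity: "high" }];
  const tags = parseDmarcTags(records[0]);
  const findings = [];
  if (tags.p === "none") {
    findings.push({ id: "dmarc-p-none", severity: "medium" }); // monitoring only, nothing is enforced
  } else if (tags.p !== "quarantine" && tags.p !== "reject") {
    findings.push({ id: "dmarc-invalid-policy", severity: "high", detail: String(tags.p) });
  }
  if (tags.pct !== undefined && Number(tags.pct) < 100) {
    findings.push({ id: "dmarc-partial-pct", severity: "low", detail: tags.pct });
  }
  return findings;
}

// SPF findings first, then DMARC findings, in a stable order.
function evaluateEmailAuth(domain, txt) {
  return [...evaluateSpf(domain, txt), ...evaluateDmarc(domain, txt)];
}

console.log(evaluateEmailAuth("acme-health.com", SAMPLE_TXT));
```

Swapping SAMPLE_TXT for the answers of a real resolver is the only change needed to make this the live path; the evaluation itself never touches the network, which is what lets it run offline against recorded records.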
Why was my real domain refused by the scan?
The SSRF guard refuses IP literals, private address ranges, explicit ports, embedded credentials, and reserved or internal TLDs (including .example, which the sample vendors use, so they are refused by design). Enter a genuine public domain as a bare hostname, without a port or credentials.
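An added example of a guard that applies those rules (illustration only, not Covenant's code): it parses the input with the WHATWG URL parser so the host is canonicalized before any check, then rejects the classes the FAQ names. The reserved-TLD list, the return shape and the function names are assumptions.

```javascript
// Added example, not Covenant's own code: a scan-target guard applying the
// rules the FAQ lists. TLD list, return shape and names are assumptions.

// RFC 2606/6761 reserved names plus TLDs used only on internal networks (assumed list).
const RESERVED_TLDS = new Set([
  "example", "test", "invalid", "localhost", "local", "internal", "lan", "home", "corp", "onion",
]);

// Loopback, "this network", private, shared-address (100.64/10), link-local,
// multicast and above. Intended for the address a name RESOLVES to; a hostname
// check alone cannot stop a public name pointing at 10.0.0.1 or 169.254.169.254.
function isPrivateOrReservedV4(ip) {
  const o = String(ip).split(".").map(Number);
  if (o.length !== 4 || o.some((n) => !Number.isInteger(n) || n < 0 || n > 255)) return true;
  const [a, b] = o;
  return a === 0 || a === 10 || a === 127 || (a === 100 && b >= 64 && b <= 127) ||
    (a === 169 && b === 254) || (a === 172 && b >= 16 && b <= 31) ||
    (a === 192 && b === 168) || a >= 224;
}

function checkScanTarget(input) {
  const raw = String(input).trim();
  let url;
  try {
    // The WHATWG parser lower-cases the host and turns IPv4 spellings such as
    // 0x7f.1 or 2130706433 into dotted quads, so the checks below see one form.
    url = new URL(/^[a-z][a-z0-9+.-]*:\/\//i.test(raw) ? raw : `https://${raw}`);
  } catch {
    return { ok: false, reason: "unparseable" };
  }
  if (url.protocol !== "https:" && url.protocol !== "http:") return { ok: false, reason: "scheme" };
  if (url.username || url.password) return { ok: false, reason: "credentials" };
  // A default :443 or :80 is normalized to "" by the parser; anything else is explicit.
  if (url.port) return { ok: false, reason: "explicit port" };
  const host = url.hostname.replace(/\.$/, "");
  if (host.startsWith("[")) return { ok: false, reason: "ipv6 literal" };
  if (/^\d{1,3}(\.\d{1,3}){3}$/.test(host)) return { ok: false, reason: "ipv4 literal" };
  const labels = host.split(".");
  const labelOk = (l) => /^[a-z0-9]([a-z0-9-]{0,61}[a-z0-9])?$/.test(l);
  if (labels.length < 2 || !labels.every(labelOk)) return { ok: false, reason: "hostname syntax" };
  const tld = labels[labels.length - 1];
  if (!/[a-z]/.test(tld)) return { ok: false, reason: "numeric TLD" }; // no real TLD is all digits
  if (RESERVED_TLDS.has(tld)) return { ok: false, reason: `reserved TLD .${tld}` };
  return { ok: true, host };
}

console.log(checkScanTarget("https://vendor.example/"), checkScanTarget("acme-health.com"));
```

The hostname rules are the part that can run in the browser. The resolution step is different: whichever component later performs the DNS lookup (the hosted scan runner the FAQ lists as deferred) has to run isPrivateOrReservedV4 on every answer and connect only to the address it vetted, otherwise a public name that resolves to an internal address walks straight past the guard.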
How long is a vendor portal link valid?
14 days by default. Reminders go out at +3/+7/+12 days and stop at response or expiry. Re-send to mint a fresh link.
Can the vendor answer without an account?
Yes; that is the point of the portal. The signed link carries everything the vendor needs, so they open it, answer and submit. Because no account is involved, the link is a bearer credential: whoever holds it can respond as that vendor, so send it over a channel you trust.
How is the score calculated, and why did it change?
It starts at 100 and subtracts itemized factors (inherent exposure, questionnaire answers, scan findings, BAA gap). It changes whenever one of those inputs changes; the factor table on the score card lists every deduction and updates live, so it is the full explanation of any move. See Risk scoring.
Which frameworks does coverage map to?
NIST SR (supply chain risk management controls), CMMC L2 SR, HIPAA §164.308(b) and §164.314 (business associate contracts), SOC 2 CC9.2 (vendor and business partner risk), and ISO 27001:2022 Annex A 5.19–5.23 (supplier relationships). See Framework coverage.
Can multiple people use the same data?
Local data is per browser profile. To share across people/devices, sign in to the cloud tier (sync). The MSP multi-client console for managing many tenants is deferred to a later wave.
How do I back up or move my data?
Vendors tab → Export portfolio (JSON) for a full backup, plus CSV exports for vendors and the BAA inventory. For continuous cross-device, use cloud sync.
How do I delete everything?
Delete vendors individually (which removes their assessment, BAA and findings), or remove the covenant.v1 localStorage key or clear the site's browser data to wipe all local state. Export first if you might want it back.
Do I have to pay for AI?
The AI assistant is bring-your-own-key — you pay your chosen provider directly. Covenant adds no AI fee and makes no AI call until you add a key and click an AI button. See Settings & AI.
What does Covenant cost?
Free for 10 vendors forever; Pro $799/mo (50 vendors); Team $1490/mo (unlimited); MSP $599 per managed client. No per-vendor surcharge. See Pricing & billing.