diff --git a/firestore.rules b/firestore.rules
index e8f8d79..6c56267 100644
--- a/firestore.rules
+++ b/firestore.rules
@@ -1,7 +1,12 @@
 service cloud.firestore {
   match /databases/{database}/documents {
     match /{document=**} {
-      allow read, write: if request.auth != null;
+      allow read: if request.auth != null
+      						&& request.auth.uid == resource.data.userId
+                  && request.auth.token.email_verified;
+      allow write: if request.auth != null
+      						&& request.auth.uid == resource.data.userId
+                  && request.auth.token.email_verified;
     }
   }
 }