Zero-Knowledge.
By Design.
Your data is encrypted on your device before it reaches our servers. Even we can't read it. This isn't a policy - it's architecture.
What is Zero-Knowledge?
Zero-knowledge means we store your data without knowing what it contains. Encryption happens on your device using keys derived from your password. We never see your password or your encryption keys. We only store encrypted data that's mathematically impossible for us to decrypt.
Security Architecture
AES-256-GCM Encryption
Military-grade encryption standard used by governments and financial institutions. 256-bit keys provide 2^256 possible combinations - more than atoms in the observable universe.
Argon2id Key Derivation
Your encryption keys are derived from your password using Argon2id, the winner of the Password Hashing Competition. Resistant to GPU attacks and side-channel analysis.
Client-Side Encryption
All encryption and decryption happens in your browser or app. Your unencrypted data and encryption keys never leave your device. We only transport and store encrypted blobs.
Token-Protected Delivery
Delivery links expire, enforce access limits, and only expose encrypted vault data that recipients decrypt in their browser.
How Your Data is Protected
From upload to delivery, your data remains encrypted and inaccessible to anyone without the proper keys.
Local Encryption
You enter your data in our app. Before anything leaves your device, it's encrypted using AES-256-GCM with keys derived from your password.
Secure Transport
Encrypted data is transmitted over TLS 1.3 to our servers. Even if intercepted, the data is already encrypted with keys we don't have.
Distributed Storage
Encrypted blobs are stored in object storage and served only through authenticated owner requests or expiring delivery-token requests.
Recipient Delivery
When triggered, recipients receive secure tokens to access encrypted data. They decrypt it in the browser with the passphrase you shared separately.
Security Practices
Encrypted Storage
Vault content is encrypted before upload and stored as encrypted data that the server cannot decrypt without the passphrase.
Authenticated Access
Account routes require authentication, while recipient delivery uses expiring tokens with configurable access limits.
Deletion Controls
Vault and item deletion remove the database records and associated encrypted file objects from storage.
Audit Trail
Important account actions are recorded in the activity log for dashboard review.
Security FAQs
No. We use zero-knowledge architecture, meaning your data is encrypted on your device before it reaches our servers. We store only encrypted blobs that are meaningless without your keys. Even with a court order, we couldn't decrypt your data - we don't have the keys.
We use AES-256-GCM encryption, the same standard used by governments and financial institutions worldwide. Key derivation uses Argon2id, resistant to both GPU and side-channel attacks. All encryption happens client-side.
Multiple layers: client-side encryption ensures we can't access your vault contents, authentication protects your account, and delivery links are token-protected with expiry and access limits.
Even in the unlikely event of a breach, attackers would only access encrypted data that's useless without your keys. Your keys never touch our servers. This is the fundamental benefit of zero-knowledge architecture.
Your recipients need the passphrase you share separately, so critical recovery material should stay in an offline location you control. Vault contents remain encrypted at rest.
Enterprise Security.
For Everyone.
Every plan includes zero-knowledge encryption and our full security architecture.