🔒 What We Can See (and Can't See)

Complete transparency about encryption, data access, and privacy

✅ Your Memories Are Encrypted End-to-End

Your content is encrypted before it leaves your device. Haiven, our cloud storage partners (Supabase, Railway), and even government agencies cannot read your memories without your encryption key.

🚫 What Haiven CANNOT See

  • Your memory content (encrypted)
  • Your conversations (encrypted)
  • Your prompts (encrypted)
  • Your code snippets (encrypted)
  • Your decisions (encrypted)
  • Your themes (encrypted)
  • Your work sessions (encrypted)
  • Your expertise profiles (encrypted)
  • Your project names (encrypted)
  • Your file contents (encrypted)

πŸ‘οΈ What Haiven CAN See

  • Your account email (for login)
  • Account creation date
  • Last login timestamp
  • Number of memories (count only)
  • Storage usage (size in MB)
  • API request logs (anonymous)
  • Error logs (no content)
  • Feature usage analytics

πŸ” Technical Encryption Details

Encryption Algorithm
AES-256-GCM (Advanced Encryption Standard with Galois/Counter Mode). This is the same encryption used by banks, governments, and the military.
Where Encryption Happens
On your device before data is sent to our servers. Your encryption key never leaves your device. Even if our servers are compromised, your data remains encrypted.
Key Storage
Your encryption key is derived from your password using PBKDF2 with 100,000 iterations. We never store your encryption key - only you have it.
Data at Rest
All data stored in our database (Supabase PostgreSQL) is encrypted at rest using their enterprise-grade encryption. But remember: your content is already encrypted by YOU before it even gets there.
Data in Transit
All communication uses TLS 1.3 (Transport Layer Security) with 256-bit encryption. This prevents anyone from intercepting your data while it's being transmitted.
Zero-Knowledge Architecture
We designed Haiven with "zero-knowledge" principles: we cannot access your data even if we wanted to. Your privacy is built into the architecture, not just a policy.
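
The scheme described above (password-derived key via PBKDF2 with 100,000 iterations, AES-256-GCM applied on the device) can be sketched as follows. This is an added example, not Haiven's code: the function names, the HMAC-SHA256 choice for PBKDF2, the per-blob salt, the blob layout and the use of a record id as associated data are all assumptions made for illustration.

```javascript
// Added example: constructed names and blob layout, not Haiven's code.
const nodeCrypto = require('node:crypto');

const ITERATIONS = 100000; // iteration count stated on the page
const SALT_LEN = 16;       // assumption: random salt stored with each blob
const IV_LEN = 12;         // 96-bit GCM nonce, fresh for every record
const TAG_LEN = 16;        // 128-bit GCM authentication tag

// Derive a 256-bit key from the password. PBKDF2-HMAC-SHA256 is an
// assumption; the page does not name the hash function.
function deriveKey(password, salt) {
  return nodeCrypto.pbkdf2Sync(password, salt, ITERATIONS, 32, 'sha256');
}

// Encrypt one record on the client. recordId is bound as associated data so
// a stored blob cannot be silently swapped onto another record.
function encryptRecord(password, recordId, plaintext) {
  const salt = nodeCrypto.randomBytes(SALT_LEN);
  const iv = nodeCrypto.randomBytes(IV_LEN);
  const cipher = nodeCrypto.createCipheriv('aes-256-gcm', deriveKey(password, salt), iv);
  cipher.setAAD(Buffer.from(recordId, 'utf8'));
  const ct = Buffer.concat([cipher.update(plaintext, 'utf8'), cipher.final()]);
  // Blob layout (constructed): salt | iv | tag | ciphertext
  return Buffer.concat([salt, iv, cipher.getAuthTag(), ct]);
}

// Decrypt on the client. Returns null when the password is wrong or when the
// blob or record id was modified: tag verification fails inside final().
function decryptRecord(password, recordId, blob) {
  if (blob.length < SALT_LEN + IV_LEN + TAG_LEN) return null;
  const salt = blob.subarray(0, SALT_LEN);
  const iv = blob.subarray(SALT_LEN, SALT_LEN + IV_LEN);
  const tag = blob.subarray(SALT_LEN + IV_LEN, SALT_LEN + IV_LEN + TAG_LEN);
  const ct = blob.subarray(SALT_LEN + IV_LEN + TAG_LEN);
  const decipher = nodeCrypto.createDecipheriv('aes-256-gcm', deriveKey(password, salt), iv);
  decipher.setAAD(Buffer.from(recordId, 'utf8'));
  decipher.setAuthTag(tag);
  try {
    return Buffer.concat([decipher.update(ct), decipher.final()]).toString('utf8');
  } catch (err) {
    return null; // authentication failed: never return unauthenticated plaintext
  }
}
```

Only the blob returned by encryptRecord would be uploaded; the password and derived key stay in client memory, which is the property the "Where Encryption Happens" and "Key Storage" entries rely on.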

🏢 What Our Storage Partners See

Supabase (Database)
✅ Sees: Encrypted blobs only
Railway (Hosting)
✅ Sees: Anonymous traffic logs
OpenAI (AI Processing)
✅ Sees: De-identified queries only
Cloudflare (CDN)
✅ Sees: Encrypted HTTPS traffic

Important: None of our partners can decrypt your memories. They only see encrypted data. When we use OpenAI for AI features (theme extraction, session detection), we send de-identified, anonymized data that cannot be traced back to you.

☁️ What YOUR Cloud Storage Sees

When you back up or sync your Haiven data to your personal cloud storage (Dropbox, Google Drive, iCloud, etc.):

Dropbox
✅ Sees: Encrypted files only
Google Drive
✅ Sees: Encrypted files only
iCloud
✅ Sees: Encrypted files only
OneDrive
✅ Sees: Encrypted files only

Critical: Your data is encrypted before it's backed up to any cloud service. Even if Dropbox, Google, Apple, or Microsoft wanted to read your memories, they can't: they only see encrypted files. Your encryption key never leaves your device, so only YOU can decrypt your backups.

Local Storage: If you store your Haiven data locally (on your computer or external drive), it remains encrypted. Even if someone gains physical access to your device, your memories are protected by AES-256 encryption.

Questions About Privacy?

Review our complete privacy policy or contact our security team
