Data flow
What is captured, where it is processed, and the short list of what crosses the network.
The artefacts reviewers ask for, in one place. For enterprise pilots we walk your security team through each of them.
What is captured, where it is processed, and the short list of what crosses the network.
SQLCipher whole-database encryption, AES-256-CBC with HMAC-SHA512, keyed from the macOS keychain.
The complete list is below. None of them holds captured content because it stays on the device.
Magic link or SSO, one active device per user, and automatic sign-out on a new device.
Pause, ignore lists, exclusion categories, and built-in rules for sensitive surfaces.
Signed releases, a documented update channel, and deletion that ends on your own disk.
Account plumbing and marketing measurement, never captured content.
Three surfaces, three postures. The desktop app sends no analytics at all.
No analytics beacons leave the app. The account service receives only sign-in, billing, device registration, and aggregate licence state.
Vercel Web Analytics and Speed Insights use no cookies or cross-site identifiers. Conversion events never include form values.
It runs only with the consent required for the visitor's region, can be disabled at any time, and honours Global Privacy Control.
Enterprise evaluations run as a 3-month paid pilot for up to 25 users, with SSO, a dedicated account manager, and a security walkthrough at the start rather than the end.