Security

Encryption and Data Security at Svayy
At Iridium Works GmbH, we understand the importance of maintaining the security and privacy
of your data. Svayy uses advanced cryptographic methods to ensure that your data is protected
from unauthorized access, both from external parties and from Svayy itself.

Encryption Techniques
For more detailed information on this topic, please visit our article:
https://wiki.svayy.app/docs/Encryption

- Titles, descriptions, texts
Textual data such as routine titles are encrypted on the client side using AES-GCM, with the key being derived deterministically on the client side from the user's cleartext password.

- Passwords
Your passwords never leave the client, either on the web or in the app. To log in, the client first hashes the password with SHA-256, which prevents the Svayy server, or anyone with access to it, from decrypting the stored data. To safeguard you from losing all your data in the event that you forget your password, we have implemented the recovery kit.

- The Recovery Kit: Your Safety Net
The Svayy server generates an RSA-OAEP (with SHA-512) key pair. The client receives the public key in order to generate a recovery kit text file. The client encrypts the user's cleartext password using the public key, and the user is reminded to store that file in a safe place.
Your recovery kit should never be communicated to Svayy, or anyone else for that matter, but without the private key stored on the Svayy server the recovery kit alone cannot be used to perform any malicious action.
At any point in time, a user can request a new recovery kit, which wipes the old public/private key from the Svayy servers and forces the client to download the newly generated kit, rendering the old kit useless, as nobody will ever be able to decrypt it from that point on.
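
The recovery kit lifecycle described above (issue, recover, rotate), as an added example that is not Svayy's own code, using Node's built-in crypto module. The RecoveryServer class, the JSON kit layout, the 2048-bit modulus and the sample password are assumptions made for illustration.

```javascript
// Added example, not Svayy's code: recovery-kit lifecycle with RSA-OAEP (SHA-512).
const crypto = require('node:crypto');
const OAEP = { padding: crypto.constants.RSA_PKCS1_OAEP_PADDING, oaepHash: 'sha512' };

// Hypothetical in-memory stand-in for the server-side key store (userId -> private key).
class RecoveryServer {
  constructor() { this.privateKeys = new Map(); }
  // Generate a fresh pair; overwriting the stored private key is the "wipe" of the old one.
  issuePublicKey(userId) {
    // 2048-bit modulus is an assumption; with SHA-512 OAEP it caps the plaintext at 126 bytes.
    const { publicKey, privateKey } = crypto.generateKeyPairSync('rsa', { modulusLength: 2048 });
    this.privateKeys.set(userId, privateKey);
    return publicKey.export({ type: 'spki', format: 'pem' });
  }

  // Returns the password only if the kit was built against the currently stored key pair.
  recover(userId, kitText) {
    const privateKey = this.privateKeys.get(userId);
    if (!privateKey) return null;
    try {
      const { ciphertext } = JSON.parse(kitText);
      const plain = crypto.privateDecrypt({ key: privateKey, ...OAEP }, Buffer.from(ciphertext, 'base64'));
      return plain.toString('utf8');
    } catch {
      return null; // malformed kit, or OAEP decoding failed because the key was rotated
    }
  }
}

// Client side: encrypt the cleartext password under the server's public key (kit file body).
function buildRecoveryKit(publicKeyPem, password) {
  const ct = crypto.publicEncrypt({ key: publicKeyPem, ...OAEP }, Buffer.from(password, 'utf8'));
  return JSON.stringify({ alg: 'RSA-OAEP-SHA512', ciphertext: ct.toString('base64') });
}

// Walk through issue -> recover -> rotate -> recover, using a constructed sample password.
function demo() {
  const server = new RecoveryServer();
  const password = 'correct horse battery staple';
  const oldKit = buildRecoveryKit(server.issuePublicKey('alice'), password);
  const beforeRotation = server.recover('alice', oldKit);
  const newKit = buildRecoveryKit(server.issuePublicKey('alice'), password); // new kit requested
  return {
    kitHidesPassword: !oldKit.includes(password),
    beforeRotation,
    oldKitAfterRotation: server.recover('alice', oldKit),
    newKitAfterRotation: server.recover('alice', newKit),
  };
}
```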

Hashing for Security
Svayy uses SHA-256 to hash passwords on the client side before they are sent to the server.
This measure prevents the possibility of password decryption at the server level.



Beta Test Phase Disclaimer
Please note that Svayy is currently in a closed beta testing phase. During this phase:
- Data Loss: There is a potential risk of data loss. We are constantly working to improve the stability
and functionality of Svayy, but please be aware that data loss might occur.
- Limitation of Liability: Iridium Works GmbH shall not be liable for any loss of data, interruption of service,
or other damages that might arise from the use of Svayy during this beta phase.
- Availability: Iridium Works GmbH shall not be liable for any downtime, interruption of service or the complete termination of the service.
- Feedback and Improvements: We encourage you to report any issues or provide feedback to help us enhance the application.

No Warranty
Svayy is provided "as is" without any warranties of any kind, either express or implied. Your use of Svayy during this beta phase is at your own risk.
By using Svayy, you acknowledge the potential risks associated with a beta version and agree not to hold Iridium Works GmbH liable for any related issues that arise.