DeividGSQ: E2EE data encryption
I read your comment that “our data is stored in Firebase which is fully encrypted” and I find it a good thing that your servers are secure, but I have this doubt:
Will all my data be fully end-to-end encrypted in a way that only I can access and read it, or might your employees also be able to access and read it? I am not saying that they will, but just asking if the possibility exists.
Arthur_ByDesign
Mar 27, 2026A: Hey!! Right now, when we say your data is encrypted in Firebase, we’re talking about encryption at rest and in transit. That means your data is protected on our servers and while it’s being sent, which is standard across most SaaS products.
However, that’s not the same as true end-to-end encryption.
With end-to-end encryption, only you would be able to read your data, not even us. ByDesign does not currently operate that way. So technically, there is a possibility that authorized systems and in very limited cases employees could access data if needed, for example for debugging or support.
That said, access is tightly restricted, and we take privacy and security very seriously.
Long term, we are definitely thinking about ways to move more toward user-controlled privacy, but there are tradeoffs with features like collaboration, syncing, and AI.
Happy to go deeper on this if helpful!
They would be eager to show they have End-to-End encryption.
If they don't write it, they don't have it.
They also write "we can access your data if you explicitly give us permission", that simply means they only need a message or email from you saying "sure, access my data" and they can read it by themselves.
In end-to-end encryption ONLY YOU have the key to access your data.
They are also NOT even GDPR complaint, something to keep in mind.