Based on your security page, data is stored on Google Cloud (Firebase/Firestore) with AES\u002D256 encryption at rest and TLS in transit. You also state you only access data with user permission or if legally required. However, I want clarification:\u000a\u000aSince data is processed via Google Cloud, does this mean third\u002Dparty providers have infrastructure\u002Dlevel access?\u000aDo you offer end\u002Dto\u002Dend encryption, or can your team technically access readable user data?\u000aAre internal access events logged and visible to users?\u000aAs you state you are not yet GDPR compliant, how should EU users interpret data protection guarantees?\u000a\u000aI’m trying to understand the difference between “private by policy” vs “private by architecture” before storing sensitive data.

Is user data truly private, or can the team access it | ByDesign

ZevsMaticPLUS

Apr 30, 2026

Q: Is user data truly private, or can the team access it internally or via third-party services?

Based on your security page, data is stored on Google Cloud (Firebase/Firestore) with AES-256 encryption at rest and TLS in transit. You also state you only access data with user permission or if legally required. However, I want clarification:

Since data is processed via Google Cloud, does this mean third-party providers have infrastructure-level access?
Do you offer end-to-end encryption, or can your team technically access readable user data?
Are internal access events logged and visible to users?
As you state you are not yet GDPR compliant, how should EU users interpret data protection guarantees?

I’m trying to understand the difference between “private by policy” vs “private by architecture” before storing sensitive data.

Helpful?

ByDesign

Share ByDesign

Choose a plan

Related questions