← Obsyncian
Privacy Policy
Last updated: July 2, 2026
What we store
- Account data: your email address, device names you choose at login, and subscription status.
- Sync metadata: for each synced file, an opaque file ID, an (optionally encrypted) path, content hash, size, version counters, and timestamps.
- File contents: stored in Cloudflare R2. If you set an encryption passphrase, contents and paths are encrypted on your device with a key derived from your passphrase before upload — we hold only ciphertext and cannot decrypt it. Without a passphrase, contents are stored as-is; we do not read them except as required to operate the service.
- Operational logs: request metadata (IP address, timestamps, endpoints) retained up to 30 days for abuse prevention and debugging.
What we never collect
No plugin telemetry, no analytics SDKs, no reading of your vault beyond what sync requires, no selling or sharing of data with third parties.
Processors
- Cloudflare R2 — encrypted (or plaintext, if you opted out of E2EE) file blobs.
- Our hosting provider (Hetzner, EU) — the API server and metadata database.
- Email delivery provider — login-code emails to your address.
- Payment processors (when billing launches) handle payment details; we never see card numbers.
Deletion
Deleting a vault deletes its metadata immediately and queues its blobs for deletion. Deleting your account (email us) removes everything within 30 days. Version history of changed/deleted files is retained 30 days, then purged.
Contact
almas.abulkhairov@gmail.com