Silvora

Privacy Policy

Last updated: 15 June 2026

Beta software. Silvora is currently in a closed/limited beta. Features, infrastructure, and this policy may change as the product develops. If anything here changes in a way that affects your data, we'll update this page and, where practical, notify testers directly.

Silvora is a zero-knowledge, end-to-end encrypted (E2EE) file storage app. This page explains, as plainly as possible, what information Silvora collects, what is encrypted before it ever reaches our servers, and what — by design — we are technically unable to see.

The short version

We can't see your files, your filenames, or the encryption key that protects them. They are encrypted on your device before upload, and only your device — using your password or 24-word recovery phrase — can decrypt them.

We can see your account email, the size of each file (in bytes), and timestamps (when a file was uploaded, modified, or deleted). This is unavoidable metadata needed to operate storage, quotas, and the file list — but it never reveals what's inside a file or what it's called.

Information we collect

Account information

Email address — used as your account identifier (login) and, if you choose, for account-related communication (e.g. security notices).
Password — stored only as a one-way hash using Django's standard password hashing. We never store, log, or have access to your plaintext password.

Encryption keys and recovery

Encrypted master key envelope — your master encryption key itself never leaves your device in usable form. We only store an encrypted "envelope" (ciphertext + nonce) that can only be opened on your device using a key derived from your password (via Argon2id).
Recovery envelope — a second encrypted copy of the same master key, openable only with your 24-word recovery phrase. We store this envelope, but never the phrase itself.
Recovery phrase verification hash — to confirm you've entered the correct recovery phrase, we store a one-way hash derived from it (via HKDF, then a standard password hash). This lets the server verify "yes, that's the right phrase" without ever learning or storing the phrase.

Your files

File contents — encrypted on your device (XChaCha20-Poly1305) before upload. The server stores only ciphertext and cannot decrypt it.
Filenames — also encrypted on your device before upload (ciphertext, nonce, and integrity tag). The server cannot read your filenames.
File size, in bytes — visible to the server, since it's needed to allocate storage and enforce your quota. File size does not reveal file contents.
Timestamps — when a file was created, modified, or deleted, used for the file list, sync, and cleanup of deleted items.
Internal storage identifiers — opaque IDs and storage paths used internally to locate the encrypted blob in storage. These do not contain or reveal your filename or content.

Storage usage

We track how many bytes your account has used against your plan's quota (Free / Pro / Enterprise tiers). This is a running total, derived from the file sizes above.

Standard infrastructure logs

Like virtually all web services, our hosting and network providers (see "Infrastructure" below) generate routine connection logs (IP address, timestamp, request path) for security, abuse prevention, and debugging. These are operational logs, not something Silvora's application code reads or stores long-term.

What we cannot do

We cannot read the contents of your files.
We cannot read your filenames.
We cannot recover your account if you lose both your password and your 24-word recovery phrase — there is no "reset" path that bypasses encryption, because we never have access to the key.
We cannot view, sell, or share data we don't have. We have nothing to hand over for your files even if compelled to — only encrypted bytes.

Infrastructure & third parties

Silvora runs on a small set of infrastructure providers, each of which only ever sees encrypted data (where applicable):

Render — hosts the backend application server.
Neon (PostgreSQL) — hosts the database (account records, encrypted key envelopes, file metadata).
Cloudflare R2 — stores encrypted file blobs.

We do not sell your data, and we do not share it with advertisers. We do not run analytics or tracking SDKs inside the app.

Data retention & deletion

When you delete a file, it's marked for deletion and removed from your visible file list immediately, with the underlying encrypted blob purged from storage shortly after.
If you'd like your account and all associated data permanently deleted, contact us at the email below. As this is a beta, account deletion is currently handled manually on request.

Children's privacy

Silvora is not directed at children under 13, and we do not knowingly collect information from children under 13.

Changes to this policy

We may update this policy as Silvora moves from beta toward general availability. Material changes will be reflected on this page with an updated "Last updated" date.

Contact

Questions about this policy or your data: fortunecloudmentors@gmail.com