How We Protect Your Data


At Archevi, protecting your family's data is our top priority. Here's how we keep your information safe at every level.

Boundary Anonymization

Before any of your data reaches a cloud AI model, Archevi's boundary anonymization system automatically detects and replaces personal information with realistic surrogates. Powered by Microsoft Presidio, this means:

  • Names are replaced with fake names (e.g., John Smith becomes Alex Johnson)
  • Email addresses, phone numbers, and locations are swapped with surrogates
  • Highly sensitive data like Social Insurance Numbers and credit card numbers are blocked entirely -- the query is rejected before reaching any external service

The AI models only ever see surrogates, never your real personal information. After the AI responds, Archevi maps the surrogates back to your real data before showing you the answer.
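To make the round trip described above concrete, here is an added Python example; it is not Archevi's or Microsoft Presidio's code. The regular expressions stand in for Presidio's recognizers, the surrogate name pool, the `example.org` addresses, the `QueryBlocked` exception and the `fake_model` stand-in for the cloud call are all constructed for this illustration. It shows the three behaviours the text names: replace, block before anything leaves, and map surrogates back after the model answers.

```python
import re
from dataclasses import dataclass, field

# Constructed stand-ins for Presidio's recognizers (assumption: not Archevi's or
# Presidio's code). List order is the priority used when two matches overlap.
PATTERNS = [
    ("EMAIL", re.compile(r"[\w.+-]+@[\w-]+(?:\.[\w-]+)+")),
    ("CREDIT_CARD", re.compile(r"\b(?:\d[ -]?){12,18}\d\b")),
    ("SIN", re.compile(r"\b\d{3}[- ]?\d{3}[- ]?\d{3}\b")),
    ("PHONE", re.compile(r"\b\d{3}[-.\s]\d{3}[-.\s]\d{4}\b")),
    ("PERSON", re.compile(r"\b[A-Z][a-z]+ [A-Z][a-z]+\b")),
]
BLOCKED = {"CREDIT_CARD", "SIN"}          # never anonymized: the query is rejected
SURROGATE_NAMES = ["Alex Johnson", "Sam Taylor", "Jordan Lee"]   # constructed pool


def luhn_ok(digits: str) -> bool:
    """Luhn checksum; both card numbers and Canadian SINs use it, so a
    9- or 16-digit string that fails it is treated as a false positive."""
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = int(ch)
        if i % 2 == 1:
            d = d * 2 - 9 if d * 2 > 9 else d * 2
        total += d
    return total % 10 == 0


class QueryBlocked(Exception):
    """Raised when a query carries data that must never leave the boundary."""


@dataclass
class Boundary:
    """Per-session mapping between real values and their surrogates."""
    to_surrogate: dict = field(default_factory=dict)
    to_real: dict = field(default_factory=dict)
    counters: dict = field(default_factory=dict)

    def _surrogate(self, kind: str, real: str) -> str:
        # Same real value -> same surrogate, so the model sees a consistent story.
        if real in self.to_surrogate:
            return self.to_surrogate[real]
        n = self.counters.get(kind, 0)
        self.counters[kind] = n + 1
        if kind == "PERSON":
            s = SURROGATE_NAMES[n % len(SURROGATE_NAMES)]
        elif kind == "EMAIL":
            s = f"user{n + 1}@example.org"
        else:  # PHONE
            s = f"555-01{n:02d}"
        self.to_surrogate[real] = s
        self.to_real[s] = real
        return s

    def anonymize(self, text: str) -> str:
        spans = []
        for prio, (kind, rx) in enumerate(PATTERNS):
            for m in rx.finditer(text):
                value = m.group()
                if kind in BLOCKED:
                    if luhn_ok(re.sub(r"\D", "", value)):
                        raise QueryBlocked(kind)   # reject before any external call
                    continue
                spans.append((m.start(), prio, m.end(), kind, value))
        spans.sort()
        out, pos, last_end = [], 0, -1
        for start, _prio, end, kind, value in spans:
            if start < last_end:       # overlaps an earlier, higher-priority match
                continue
            out.append(text[pos:start])
            out.append(self._surrogate(kind, value))
            pos, last_end = end, end
        out.append(text[pos:])
        return "".join(out)

    def deanonymize(self, text: str) -> str:
        # Plain string replacement of the surrogates the model was given.
        for s, real in self.to_real.items():
            text = text.replace(s, real)
        return text


def fake_model(anonymized: str) -> str:
    """Constructed stand-in for the cloud model: it only ever sees surrogates."""
    return "Reminder created: " + anonymized


def protected_query(boundary: Boundary, query: str, model=fake_model) -> str:
    """Full round trip: anonymize -> model -> map surrogates back for the user."""
    anonymized = boundary.anonymize(query)   # raises QueryBlocked for SIN / card data
    return boundary.deanonymize(model(anonymized))


if __name__ == "__main__":
    b = Boundary()
    print(protected_query(b, "Please remind John Smith at john.smith@example.com "
                             "or 416-555-0199 about the dentist on Tuesday."))
```

The blocking check runs before any substitution, and the surrogate map lives only on the boundary side, so the external provider never holds a key that could reverse the surrogates. A production recognizer for names would use an NER model rather than a capitalised-word pattern, which is exactly what Presidio supplies.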

AI Providers

We use two external AI providers, both with contractual no-training commitments:

  • Groq -- generates answers to anonymized queries using Llama language models
  • Cohere -- powers semantic search and document retrieval

Both providers only receive anonymized surrogates. They never see your real names, emails, or sensitive data, and they never use any data to train their models.

Encryption

At rest: All documents and data are encrypted using AES-256 encryption on our servers. Encryption keys are stored separately from data.

In transit: All connections use TLS 1.3, ensuring your data is encrypted as it travels between your device and our servers.

Note: Archevi uses server-side encryption, not end-to-end encryption. This means our servers decrypt data to process AI queries (after anonymization). Your documents are never stored or transmitted in plaintext.

Canadian Data Residency

All your documents are stored on DigitalOcean servers in Toronto, Canada (TOR1 region). Your files never leave Canadian soil. Only anonymized query text (with surrogates, not real data) is sent to AI providers for processing.

This means your data is protected under Canadian privacy law (PIPEDA) and is not subject to foreign data access laws.

Tenant Isolation

Every family on Archevi operates in a completely separate data partition. Row-level security is enforced at the database layer, meaning no cross-tenant query paths exist. Your documents, conversations, and search history are invisible to other families.

Your Data, Your Control

  • We never sell or share your data with advertisers
  • We never use your documents to train AI models
  • You can export or delete your data at any time
  • Your subscription is our only revenue -- your privacy is the product, not the price

Regular Security Practices

  • Dependency scanning and security updates
  • Access controls and audit logging
  • Secure authentication with passkey/WebAuthn, 2FA, and token rotation support

For details on securing your account, see Account Security. For our full privacy commitments, read our Privacy Policy.
