Skip to main content

Synced data and privacy

If you've turned on Cloud Sync in the desktop app, your workspaces and dictionary are backed up to the InkSpoke Platform — end-to-end encrypted, so the servers only ever hold ciphertext. Two web-account pages let you look at that data and control it: Sync & devices shows and decrypts what's stored, and Privacy tells you exactly what the servers can (and can't) read and lets you delete every cloud copy. This page walks through both.

You need Cloud Sync on first

These pages read what your desktop app uploaded. If you've never turned on Cloud Sync, your counts will be zero — there's nothing in the cloud yet. See Account, sync, and updates to enable it.

The privacy model in one breath

Your workspaces, workspace entries, and dictionary terms are encrypted on your device before they ever reach the server. The key that unlocks them — your User Sync Key — is derived from your account secrets and never stored on the server in readable form. That's what "end-to-end encrypted" means here: InkSpoke's servers store your synced content as ciphertext they cannot read, and neither can anyone who gets a copy of the database.

The trade-off is simple and deliberate: because the server can't read your data, the web page can't either — until you unlock it locally in your browser.

Sync & devices

The Sync & devices page lists everything you've synced and lets you decrypt it right in the browser. Out of the box it shows counts and metadata (how many workspaces, when each last synced) but the actual content stays masked as [encrypted] until you unlock.

┌────────────────────────────────────────────────────────┐
│ Sync & devices │
│ Encrypted · unlock to read your synced content │
│ ┌────────────────────────────────────────────────┐ │
│ │ Unlock Paste an API key (sk-is-…) [ Unlock ]│ │
│ └────────────────────────────────────────────────┘ │
├────────────────────────────────────────────────────────┤
│ Workspaces Entries Dictionary terms │
│ 4 37 128 │
├────────────────────────────────────────────────────────┤
│ ▸ [encrypted] 18 entries · synced 2m ago │
│ ▸ [encrypted] 9 entries · synced 1h ago │
├────────────────────────────────────────────────────────┤
│ Settings sync · Version 7 │
└────────────────────────────────────────────────────────┘
  • Summary counts — Workspaces, Entries, and Dictionary terms, so you can see at a glance how much is in the cloud.
  • Workspace cards — one expandable card per workspace, showing its tags, entry count, and last-synced date. Their names and details read [encrypted] until you unlock.
  • Dictionary table — your synced terms, with columns Trigger, Replacement, Type, and Op. Trigger and Replacement show [encrypted] placeholders until decrypted.
  • Settings sync card — a small "Settings sync · Version N" card noting the version of your synced settings.

Unlocking with your API key

To read your content, click Unlock and paste an InkSpoke API key (it starts with sk-is-…). Your browser uses that key to derive your User Sync Key locally and decrypt the data on the spot. The key is never sent to the server — it stays in your browser for the session.

  1. On the Sync & devices page, click Unlock in the banner at the top.
  2. Paste an API key that begins with sk-is-… and press Enter (or click Unlock).
  3. The [encrypted] placeholders resolve into your real workspace names, entries, and dictionary terms. Expand any workspace card to inspect its contents.

Don't have a key handy? Create one on the API keys page — the same keys your desktop app uses also derive your sync key here.

The key never leaves your browser

Decryption happens entirely client-side. Nothing you paste is uploaded, and the unlocked state lasts only for the current browser session — reload the page and you'll unlock again. That's why InkSpoke can offer a "read my encrypted data" view without ever being able to read it for you.

Treat your API key like a password

An API key can derive your sync key and decrypt your synced content, so paste it only into the official InkSpoke site and revoke any key you no longer trust from the API keys page.

Power users — how the encryption works

Encrypted fields are tagged with an E1$ prefix and protected with AES-256-GCM; the content key is derived with HKDF-SHA256. This mirrors the desktop app's encryption exactly, so a value encrypted on your machine decrypts identically in the browser. The whole scheme is designed so the plaintext only ever exists on your own devices.

Privacy

The Privacy page is the plain-language summary of everything above — plus the switch to wipe your cloud data.

End-to-end encryption status

At the top, a status pill tells you whether your data is currently unlocked in this browser session. If it isn't, an Unlock encryption → link takes you to the Sync & devices page to paste your key.

What we store server-side

A table spells out, category by category, how each kind of data is stored:

DataHow it's stored on the server
WorkspacesEnd-to-end encrypted (ciphertext only)
Workspace entriesEnd-to-end encrypted (ciphertext only)
Dictionary termsEnd-to-end encrypted (ciphertext only)
SettingsEnd-to-end encrypted (ciphertext only)
Account info (email, name, tier)Plain — readable by InkSpoke, so we can run your account
Usage countersPlain — readable by InkSpoke, for metering and limits

In short: the substance of what you dictate and teach InkSpoke is encrypted end-to-end, while the minimum needed to operate your account and enforce plan limits is stored in the clear.

About the analytics and history toggles

The Privacy page also previews a set of analytics and history switches. These are a preview and don't save yet — flipping them has no effect. Manage your actual privacy posture in the desktop app instead; see On-device vs. cloud, and privacy.

Danger zone — delete all sync data

If you want a clean slate in the cloud, the Delete all sync data action removes every synced copy from the Platform. To prevent accidents, you must type the word DELETE to confirm.

  1. Scroll to the Delete all sync data danger zone.
  2. Type DELETE (in capitals) into the confirmation field to arm the button.
  3. Confirm. InkSpoke deletes your cloud sync data and shows you the counts removed — workspaces, workspace entries, dictionary entries, and settings.
┌───────────────────────────────────────────────────────┐
│ ⚠ Danger zone │
│ Delete all sync data │
│ Removes every cloud copy. Your local app data on │
│ your devices is untouched. │
│ │
│ Type DELETE to confirm: [ DELETE ] │
│ [ Delete all data ]│
└───────────────────────────────────────────────────────┘
This removes your cloud copies

Deleting sync data is irreversible on the server side. It clears the encrypted copies stored in the cloud — not the data on your machines. Your desktop app keeps everything locally; if Cloud Sync is still on there, your device may simply re-upload on its next sync. To stop syncing entirely, turn Cloud Sync off in the desktop app as well.

Next steps