◐ Privacy & Data Handling

How your data is protected, encrypted, and managed

○ What We Collect

For Feedback Submitters

We collect only what's necessary: your feedback content and a device fingerprint for abuse prevention. No email, no name, no account required.

For Applicants

Email for authentication, profile information you provide, and private verification details visible only to administrators.

○ How Encryption Works

All feedback content is encrypted with AES-256-GCM before being stored in our database. This means:

  • Your message is converted to ciphertext immediately upon submission
  • Only authorized systems can decrypt and display the content
  • Database breaches would only reveal encrypted, unreadable data
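
The scheme described above, shown with Node.js `crypto` as an added example (not this service's own code): AES-256-GCM with a fresh 96-bit IV per message and the authentication tag checked on decrypt. The function names, the `tag` field and the use of the record id as associated data are assumptions; the stored sample on this page shows only `iv` and `ct`.

```javascript
const crypto = require('node:crypto');

const PREFIX = 'aes-256-gcm';

// Encrypt one feedback message. `recordId` is bound as associated data (AAD),
// so a ciphertext copied onto a different record fails authentication.
function encryptFeedback(plaintext, key, recordId) {
  if (key.length !== 32) throw new Error('AES-256 needs a 32-byte key');
  const iv = crypto.randomBytes(12); // fresh nonce per message; never reuse with the same key
  const cipher = crypto.createCipheriv('aes-256-gcm', key, iv);
  cipher.setAAD(Buffer.from(recordId, 'utf8'));
  const ct = Buffer.concat([cipher.update(plaintext, 'utf8'), cipher.final()]);
  const tag = cipher.getAuthTag(); // 16-byte authentication tag
  // Assumed layout: the "tag" field is added here, it is not in the page's sample.
  return [PREFIX, 'iv', iv.toString('hex'), 'ct', ct.toString('hex'),
          'tag', tag.toString('hex')].join(':');
}

function decryptFeedback(stored, key, recordId) {
  const p = stored.split(':');
  if (p.length !== 7 || p[0] !== PREFIX || p[1] !== 'iv' || p[3] !== 'ct' || p[5] !== 'tag') {
    throw new Error('unrecognised ciphertext format');
  }
  const iv = Buffer.from(p[2], 'hex');
  const ct = Buffer.from(p[4], 'hex');
  const tag = Buffer.from(p[6], 'hex');
  if (iv.length !== 12 || tag.length !== 16) throw new Error('bad iv or tag length');
  const decipher = crypto.createDecipheriv('aes-256-gcm', key, iv, { authTagLength: 16 });
  decipher.setAAD(Buffer.from(recordId, 'utf8'));
  decipher.setAuthTag(tag);
  // final() throws if the ciphertext, tag, IV or AAD was modified.
  return Buffer.concat([decipher.update(ct), decipher.final()]).toString('utf8');
}

// True when decryption is rejected (tampering, wrong record, wrong key).
function rejects(stored, key, recordId) {
  try { decryptFeedback(stored, key, recordId); return false; } catch { return true; }
}

// Constructed sample values for the demonstration.
const demoKey = crypto.randomBytes(32);
const demoId = '507f1f77bcf86cd799439011';
const demoStored = encryptFeedback('Great mentor, slow replies.', demoKey, demoId);
```

Because GCM is authenticated, a modified database value is rejected at decrypt time instead of yielding altered plaintext.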

○ What Stored Data Looks Like

Here's an example of how your feedback appears in our database — completely unreadable without proper decryption:

{
  "_id": "507f1f77bcf86cd799439011",
  "encryptedContent": "aes-256-gcm:iv:a3f2b8c9d4e5f6a7:ct:8f9a2b3c4d5e6f7a8b9c0d1e2f3a4b5c6d7e8f9a0b1c2d3e4f5a6b7c8d9e0f1a2b3c...",
  "sentiment": "neutral",
  "deviceFingerprint": "sha256:e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855",
  "createdAt": "2026-01-20T10:30:00.000Z"
}

Note: Device fingerprints are one-way hashed — they cannot be reversed to identify you.

○ IP Address Handling

We never store your actual IP address. Instead, we use HMAC hashing to create a non-reversible identifier used only for rate limiting and abuse prevention.

Your IP: 192.168.x.x
Stored as: hmac:7f83b1657ff1fc53b92dc18148...

○ Data Lifecycle

  1. Submission: Content is encrypted client-to-server via TLS, then encrypted again before storage
  2. Storage: Encrypted data stored in secure MongoDB Atlas with automatic backups
  3. Access: Decrypted only when viewed by the applicant or admin through authenticated sessions
  4. Deletion: Applicants can delete individual feedback; admins can remove entire applications

○ Data Retention

  • Feedback Content: Retained until deleted by applicant or admin
  • Rate Limit Data: Automatically expires after 24 hours
  • Audit Logs: Retained for security and compliance
  • Account Data: Retained until account deletion

○ Your Privacy Rights

  • Anonymous submission — no account required to give feedback
  • Data portability — applicants can view all their received feedback
  • Right to deletion — applicants can delete their feedback and account
  • Minimal data collection — we only collect what's absolutely necessary