6 layers of data protection
Security is not just a feature, it's the foundation of our app
AES-256 encryption
We encrypt data with AES-256-GCM standard before storing in the database.
Separate encryption key
The key is stored separately and is not part of the application code.
Sensitive data encryption
Sensitive data is encrypted. Even in case of a database breach, it's unreadable.
TLS/SSL transfer
Communication is encrypted via TLS during data transfer.
Secure authentication
Passwords are hashed with bcrypt. We support 2FA (TOTP).
Isolated environment
User data is isolated using Row Level Security.
How your data encryption works
From input to secure storage - every step is protected
Enter data
Upload a receipt or fill in document information
Instant encryption
Sensitive data is encrypted with AES-256 before saving
Secure storage
Encrypted data is stored in a secure database
Decryption on display
Data is decrypted only when you access it
Zero-knowledge architecture
Your data is encrypted with a unique key derived from your login credentials. Neither DigiDoklad developers nor server administrators can read your documents.
Who is DigiDoklad security ideal for?
DigiDoklad protects personal and family documents:
DigiDoklad is NOT designed for:
Two-factor authentication (2FA)
Add another layer of security to your account using TOTP authentication. Even if someone gets your password, they can't log in without the second factor
Our security guarantees
Automatic logout
After 5 minutes of inactivity, the app automatically logs you out. Your data stays safe even if you forget to leave.
Data breach protection
Even if a database breach occurred, your data is encrypted and completely unreadable without the decryption key.
Access audit
Every access to your data is recorded in an audit log. You have an overview of when and from where the data was viewed.
Regular backups
Your data is automatically backed up. Even in case of system failure, they are safe.