sablio
Join the waitlist
HomeProductManifestoPricingBlogLog in
Proofs · not promises

The things you can verify.

We avoid vague promises about security or privacy. Here is what we do concretely, with the technical details we can point to in the code.

01 · Local encryption

Your workshop journal, encrypted on your machine.

The carnet — the local memory that reminds you of forgotten grains — lives in a SQLite database encrypted with SQLCipher (AES-256 CBC). The 32-byte key is itself encrypted via the system keychain (macOS safeStorage). If your computer is stolen unlocked, the carnet stays opaque.

  • SQLCipher · AES-256 CBC
  • Key encrypted via safeStorage (macOS keychain)
  • Silent migration from the pre-V1 format on first boot
  • Files: electron/carnetStore.ts, carnet.db, carnet.key.enc
02 · Québec hosting

Infrastructure in Montréal.

Your data does not leave Canada. Our API services and database live on AWS ca-central-1 (Montréal). Québec's Loi 25 applies; the European GDPR too. No cross-border transfer is performed without your explicit consent.

  • AWS ca-central-1 · Montréal region
  • Loi 25 (Québec) · GDPR (Europe)
  • Multiple availability zones for resilience
  • TLS 1.3 in transit · AES-256 at rest in the cloud
03 · What we threw out

Migration 029 · forbidden columns dropped.

When we pivoted to the current version (April 2026), we ran a database migration that DROPs the columns we should never have had: focusScore, currentStreak, unlockedBadges, accountabilityOptIn. The `profiles_pre_v1` snapshot is kept for 30 days for emergency rollback, then destroyed. CI now fails if any of those terms reappear in the source.

  • DB migration 029 · applied April 2026
  • Columns dropped: focusScore, streaks, badges, accountability
  • pre_v1 snapshot kept 30 days then destroyed
  • CI guard · build red if the forbidden vocabulary returns
04 · What we store

The minimum that serves you, nothing more.

Email address, team name, the project and client names you create, and the time blocks you log. That's all on the cloud side. The workshop journal (the memory of active windows, open files, etc.) never leaves your machine.

05 · Export and deletion

Your data, no lock-in.

Full CSV or JSON export from settings, anytime, without asking why. Total account deletion in one click — actual erasure in 30 days (window to cancel if you change your mind).

What we do

  • Encrypt your carnet locally (AES-256)
  • Host data in Québec
  • Publish the privacy policy in readable English
  • Let you export and delete everything, whenever you want
  • Reply in under 2 business days
  • Warn you 30 days before any change of terms

What we don't do

  • Take screenshots of your session
  • Count your keystrokes
  • Track your geolocation
  • Sell your data to a third party
  • Use a non-Canadian provider for your storage
  • Run a free plan that becomes paid after 30 days

A question we haven't covered?

Write to us. We reply ourselves, in French or English, in under two business days.

Privacy policyWrite to us