Overview
Datum is built for people in career transition. We minimize what we can see. Your master password never leaves your device. Vault file contents are encrypted client-side before sync.
What stays encrypted (zero-knowledge)
- Vault file payloads and competency baselines (ciphertext + IV only on our servers)
- Your master password and derived encryption keys (never transmitted)
What we store in Supabase (metadata & community)
- Account email and authentication session
- Vault salt (required for key derivation — not your password)
- Cohort pacing, pseudonym, check-ins, daily actions
- Learning goal, experience level, weekly rhythm, mission/problem completion, and confidence ratings. Practice drafts are not stored.
- Board posts, chat messages, reel titles/captions, likes, comments
- Runway calculator numbers and benefits checklist progress
- Partner access keys, handshake requests, access logs
- Product analytics events (funnel milestones you trigger in-app)
Reels (video storage)
Short-form videos are stored in Netlify Blobs (production) or local filesystem (development). Video bytes are not encrypted by Datum beyond transport TLS. Titles, captions, and metadata live in Supabase. Reels are visible to authenticated members in your cohort pacing track.
AI processing
When you opt in, Datum sends the text you provide to our AI provider (Anthropic Claude when configured, otherwise heuristic fallbacks on-device/server). We do not send your master password or vault encryption keys.
See our AI disclosure for module-by-module detail.
Contact
Open beta questions: contact the Datum team through your cohort invite channel or GitHub issues on the project repository.