Synced data and privacy
If you've turned on Cloud Sync in the desktop app, your workspaces and dictionary are backed up to the InkSpoke Platform — end-to-end encrypted, so the servers only ever hold ciphertext. Two web-account pages let you look at that data and control it: Sync & devices shows and decrypts what's stored, and Privacy tells you exactly what the servers can (and can't) read and lets you delete every cloud copy. This page walks through both.
These pages read what your desktop app uploaded. If you've never turned on Cloud Sync, your counts will be zero — there's nothing in the cloud yet. See Account, sync, and updates to enable it.
The privacy model in one breath
Your workspaces, workspace entries, and dictionary terms are encrypted on your device before they ever reach the server. The key that unlocks them — your User Sync Key — is derived from your account secrets and never stored on the server in readable form. That's what "end-to-end encrypted" means here: InkSpoke's servers store your synced content as ciphertext they cannot read, and neither can anyone who gets a copy of the database.
The trade-off is simple and deliberate: because the server can't read your data, the web page can't either — until you unlock it locally in your browser.
Sync & devices
The Sync & devices page lists everything you've synced and lets you decrypt it right in the
browser. Out of the box it shows counts and metadata (how many workspaces, when each last
synced) but the actual content stays masked as [encrypted] until you unlock.
┌────────────────────────────────────────────────────────┐
│ Sync & devices │
│ Encrypted · unlock to read your synced content │
│ ┌────────────────────────────────────────────────┐ │
│ │ Unlock Paste an API key (sk-is-…) [ Unlock ]│ │
│ └────────────────────────────────────────────────┘ │
├──────────────────────────── ────────────────────────────┤
│ Workspaces Entries Dictionary terms │
│ 4 37 128 │
├────────────────────────────────────────────────────────┤
│ ▸ [encrypted] 18 entries · synced 2m ago │
│ ▸ [encrypted] 9 entries · synced 1h ago │
├────────────────────────────────────────────────────────┤
│ Settings sync · Version 7 │
└────────────────────────────────────────────────────────┘
- Summary counts — Workspaces, Entries, and Dictionary terms, so you can see at a glance how much is in the cloud.
- Workspace cards — one expandable card per workspace, showing its tags, entry count, and
last-synced date. Their names and details read
[encrypted]until you unlock. - Dictionary table — your synced terms, with columns Trigger, Replacement, Type,
and Op. Trigger and Replacement show
[encrypted]placeholders until decrypted. - Settings sync card — a small "Settings sync · Version N" card noting the version of your synced settings.
Unlocking with your API key
To read your content, click Unlock and paste an InkSpoke API key (it starts with
sk-is-…). Your browser uses that key to derive your User Sync Key locally and decrypt the
data on the spot. The key is never sent to the server — it stays in your browser for the session.
- On the Sync & devices page, click Unlock in the banner at the top.
- Paste an API key that begins with
sk-is-…and press Enter (or click Unlock). - The
[encrypted]placeholders resolve into your real workspace names, entries, and dictionary terms. Expand any workspace card to inspect its contents.
Don't have a key handy? Create one on the API keys page — the same keys your desktop app uses also derive your sync key here.
Decryption happens entirely client-side. Nothing you paste is uploaded, and the unlocked state lasts only for the current browser session — reload the page and you'll unlock again. That's why InkSpoke can offer a "read my encrypted data" view without ever being able to read it for you.
An API key can derive your sync key and decrypt your synced content, so paste it only into the official InkSpoke site and revoke any key you no longer trust from the API keys page.
Encrypted fields are tagged with an E1$ prefix and protected with AES-256-GCM; the content
key is derived with HKDF-SHA256. This mirrors the desktop app's encryption exactly, so a value
encrypted on your machine decrypts identically in the browser. The whole scheme is designed so the
plaintext only ever exists on your own devices.
Privacy
The Privacy page is the plain-language summary of everything above — plus the switch to wipe your cloud data.
End-to-end encryption status
At the top, a status pill tells you whether your data is currently unlocked in this browser session. If it isn't, an Unlock encryption → link takes you to the Sync & devices page to paste your key.
What we store server-side
A table spells out, category by category, how each kind of data is stored:
| Data | How it's stored on the server |
|---|---|
| Workspaces | End-to-end encrypted (ciphertext only) |
| Workspace entries | End-to-end encrypted (ciphertext only) |
| Dictionary terms | End-to-end encrypted (ciphertext only) |
| Settings | End-to-end encrypted (ciphertext only) |
| Account info (email, name, tier) | Plain — readable by InkSpoke, so we can run your account |
| Usage counters | Plain — readable by InkSpoke, for metering and limits |
In short: the substance of what you dictate and teach InkSpoke is encrypted end-to-end, while the minimum needed to operate your account and enforce plan limits is stored in the clear.
The Privacy page also previews a set of analytics and history switches. These are a preview and don't save yet — flipping them has no effect. Manage your actual privacy posture in the desktop app instead; see On-device vs. cloud, and privacy.
Danger zone — delete all sync data
If you want a clean slate in the cloud, the Delete all sync data action removes every synced
copy from the Platform. To prevent accidents, you must type the word DELETE to confirm.
- Scroll to the Delete all sync data danger zone.
- Type
DELETE(in capitals) into the confirmation field to arm the button. - Confirm. InkSpoke deletes your cloud sync data and shows you the counts removed — workspaces, workspace entries, dictionary entries, and settings.
┌───────────────────────────────────────────────────────┐
│ ⚠ Danger zone │
│ Delete all sync data │
│ Removes every cloud copy. Your local app data on │
│ your devices is untouched. │
│ │
│ Type DELETE to confirm: [ DELETE ] │
│ [ Delete all data ]│
└───────────────────────────────────────────────────────┘
Deleting sync data is irreversible on the server side. It clears the encrypted copies stored in the cloud — not the data on your machines. Your desktop app keeps everything locally; if Cloud Sync is still on there, your device may simply re-upload on its next sync. To stop syncing entirely, turn Cloud Sync off in the desktop app as well.
Next steps
- API keys — create the
sk-is-…key you'll paste to unlock. - Account, sync, and updates — turn Cloud Sync on or off on the desktop.
- On-device vs. cloud, and privacy — the full picture of what stays on your device.
- Web account overview — everything you can do from your account online.