Frequently Asked Questions

Arkive is a privacy-first software company focused on building structured, trust-aware platforms. Journal is our first public product — a secure journaling platform designed around clear data boundaries and deliberate architecture.

Only you.

Journal entries are encrypted client-side using a key derived from your recovery key before being stored on the server. The server holds ciphertext only. Arkive cannot read, analyse, or monitor your journal content.

Encryption keys are derived client-side and never transmitted to the server. If you lose your recovery key, your data cannot be decrypted — not by you, and not by Arkive. There is no password reset and no admin override.

No.

Arkive does not sell personal data.
Arkive does not use advertising models.
Arkive does not monetise user behaviour.

The platform operates on a straightforward subscription model.

Yes.

Users retain control over their data, including:

• Access to their own content
• The ability to export their data
• The ability to delete their account and associated data

When an account is deleted, associated data is removed from active systems immediately. There is no retention window.

An account is required to ensure your entries are securely stored and recoverable. Journal automatically encrypts and backs up your data to protect against device loss.

Authentication is handled through Google or Microsoft via OAuth 2.0. Arkive does not store passwords. Your encryption keys are derived from a recovery key that only you hold.

We collect only the data necessary to:

• Authenticate users
• Manage subscriptions
• Maintain platform integrity

We do not track behaviour across the web.
We do not build advertising profiles.
We do not run behavioural analytics against journal content.

Billing is handled through Stripe. Subscription state is persisted explicitly, and access entitlements are derived deterministically from subscription state. Invoice events do not directly control access.

This ensures subscription access is consistent and auditable.

Yes. Subscriptions can be cancelled through the Stripe customer portal. Access continues until the end of the current billing period.

Account deletion is immediate and permanent. When you delete your account:

• Your encrypted journal entries and all associated data are deleted from the server
• Your encryption key material is destroyed
• Your authentication credentials are removed
• Your subscription is terminated

There is no soft-disable, no retention window, and no way to reverse this action. Deletion removes data from active systems immediately.

No.

Journal content is encrypted using a key derived from your recovery key. Arkive does not have access to this key and cannot decrypt your entries.

If you lose your recovery key and cannot authenticate, your encrypted content cannot be recovered. There is no password reset, no admin override, and no backdoor. We strongly recommend storing your recovery key securely.

Arkive is built around data minimisation, explicit boundaries between domains, and clear user control over data.

The architecture is designed to support trust-conscious and regulated environments.

Arkive's engineering philosophy emphasises transparency and disciplined system design. The platform is currently proprietary, though parts of the architecture may be shared publicly in future.

You can reach Arkive via the contact page. Early feedback from thoughtful users is welcome.