Security
Account security, authentication, and data protection
Security
Samvise takes your security seriously. Learn about authentication options, security features, and best practices to keep your account safe.
Account Authentication
Sign In Methods
Google Sign-In
- Secure OAuth authentication with your Google account
- No separate password to remember
- Protected by your Google account's own security (including any two-step verification you have enabled there)
Email and Password
- Traditional authentication
- Password must be at least 8 characters
- Password reset available from the login page
Email One-Time Code
- Choose "Email me a code" on the login page
- We email a 6-digit code to your account's address; enter it to sign in
- Codes expire after an hour, and you can request a new one about once a minute
- Only works for existing accounts - creating an account still requires an invite during the private beta
Password Tips
- Use a unique password for Samvise
- Don't reuse passwords from other sites
- Use a password manager
- Change it if you suspect compromise
Sessions
Signing Out
- Click your profile icon > Sign Out
- Ends your session on that device
Shared Computers
- Always sign out when you're done
- Don't save your password in a shared browser
Data Encryption
In Transit
All data is encrypted between your browser and Samvise over HTTPS/TLS.
At Rest
Data is encrypted in the database, with industry-standard practices for backups and key management.
OAuth Tokens
Google Calendar OAuth tokens:
- Stored securely server-side, never exposed to the browser
- Never shared with third parties
- Revocable anytime
Connected Apps
Google Calendar
- View connection status in Settings
- Disconnect anytime from Settings
- Or revoke from the Google side: Google Account > Security > Third-party apps > Samvise > Remove access
Account Deletion
Deleting Your Account
Permanently delete your account and data:
Process
- Go to Settings and request account deletion
- Review what will be deleted
- Confirm the deletion request
Confirmation Window
- An unconfirmed deletion request expires after 24 hours
- You can cancel the request any time before confirming
- Once confirmed, deletion is permanent
What Gets Deleted
- All tasks and schedules
- All settings and preferences
- Calendar integration
- Account data
What Doesn't Get Deleted
- Your own Google Calendar events (they remain in Google)
- Data you exported and downloaded
Phishing Awareness
Legitimate Samvise Communications
- Email from @samvise.io addresses only
- We never ask for your password via email
- Links go to samvise.io — check the URL carefully
If You Receive a Suspicious Email
- Don't click links or provide credentials
- Report it to contact@samvise.io
Reporting Security Issues
If you discover a security issue:
- Email: contact@samvise.io
- Include a detailed description and steps to reproduce
- We'll acknowledge and work with you to verify and fix the issue
Your Data Rights
- Right to access your data
- Right to data portability — export everything anytime
- Right to deletion
- Data minimization — we only store what the product needs
Next Steps
- Settings - Configure account
- Data Export - Download your data