Skip to content

Security

Account security, authentication, and data protection

Security

Samvise takes your security seriously. Learn about authentication options, security features, and best practices to keep your account safe.

Account Authentication

Sign In Methods

Google Sign-In

  • Secure OAuth authentication with your Google account
  • No separate password to remember
  • Protected by your Google account's own security (including any two-step verification you have enabled there)

Email and Password

  • Traditional authentication
  • Password must be at least 8 characters
  • Password reset available from the login page

Email One-Time Code

  • Choose "Email me a code" on the login page
  • We email a 6-digit code to your account's address; enter it to sign in
  • Codes expire after an hour, and you can request a new one about once a minute
  • Only works for existing accounts - creating an account still requires an invite during the private beta

Password Tips

  • Use a unique password for Samvise
  • Don't reuse passwords from other sites
  • Use a password manager
  • Change it if you suspect compromise

Sessions

Signing Out

  • Click your profile icon > Sign Out
  • Ends your session on that device

Shared Computers

  • Always sign out when you're done
  • Don't save your password in a shared browser

Data Encryption

In Transit

All data is encrypted between your browser and Samvise over HTTPS/TLS.

At Rest

Data is encrypted in the database, with industry-standard practices for backups and key management.

OAuth Tokens

Google Calendar OAuth tokens:

  • Stored securely server-side, never exposed to the browser
  • Never shared with third parties
  • Revocable anytime

Connected Apps

Google Calendar

  • View connection status in Settings
  • Disconnect anytime from Settings
  • Or revoke from the Google side: Google Account > Security > Third-party apps > Samvise > Remove access

Account Deletion

Deleting Your Account

Permanently delete your account and data:

Process

  1. Go to Settings and request account deletion
  2. Review what will be deleted
  3. Confirm the deletion request

Confirmation Window

  • An unconfirmed deletion request expires after 24 hours
  • You can cancel the request any time before confirming
  • Once confirmed, deletion is permanent

What Gets Deleted

  • All tasks and schedules
  • All settings and preferences
  • Calendar integration
  • Account data

What Doesn't Get Deleted

  • Your own Google Calendar events (they remain in Google)
  • Data you exported and downloaded

Phishing Awareness

Legitimate Samvise Communications

  • Email from @samvise.io addresses only
  • We never ask for your password via email
  • Links go to samvise.io — check the URL carefully

If You Receive a Suspicious Email

Reporting Security Issues

If you discover a security issue:

  • Email: contact@samvise.io
  • Include a detailed description and steps to reproduce
  • We'll acknowledge and work with you to verify and fix the issue

Your Data Rights

  • Right to access your data
  • Right to data portability — export everything anytime
  • Right to deletion
  • Data minimization — we only store what the product needs

Next Steps