Professional-grade security
How pencild protects your client data with encryption and access control.
Encryption
How pencild protects your sensitive information.
-
Yes! pencild uses strong encryption to protect your sensitive information.
Encrypted fields include:
- Email content (subject, body, snippets)
- Phone numbers
- Physical addresses
- Personal notes
- Financial information (costs, deposits)
- Instagram message content
- OAuth tokens (email, Instagram connections)
How encryption works:
- Each user has their own unique encryption key
- Your encryption key is itself encrypted with a master key
- Data is encrypted before being stored in the database
- Only your account can decrypt your data
What this means for you:
- Even if our database were compromised, your data remains unreadable
- Our staff cannot read your personal client information
- Your data is protected at rest and in transit
-
Yes! Even though your emails and data are encrypted, you can still search through them.
How encrypted search works:
pencild uses a technique called HMAC-SHA256 tokenisation. This creates searchable "tokens" from your content without exposing the actual data.
You can search by:
- Email subject lines
- Sender names and addresses
- Content within email bodies
- Client names and contact info
Your data stays secure while remaining searchable – you get the best of both worlds.
Data Access
Who can see your data and how access is controlled.
-
Your personal data: Only you can see and access your personal account data.
If you're in a studio:
- Studio owners can see studio-level data and data assigned to the studio
- Artists can see data specifically assigned to them
- Your personal data (personal email, personal clients not assigned to studio) remains private
Data isolation:
- Every database query is scoped to your user account
- Cross-user data access is technically impossible
- Studio data is isolated from other studios
-
Yes! OAuth tokens for your connected services (email, Instagram) are heavily protected.
How tokens are stored:
- Tokens are encrypted with your personal encryption key
- Encrypted tokens are stored in the database
- Never stored in plain text or logs
Token refresh:
- Instagram tokens expire after 60 days
- pencild automatically refreshes tokens 10 days before expiration
- You don't need to reconnect manually
If you disconnect an account:
- Tokens are immediately invalidated
- Encrypted token data is removed
- The external service no longer has a valid connection
Deletion & Export
How to delete your data and export everything you own.
-
Soft delete (recoverable):
When you delete records (clients, projects, etc.):
- The data is marked as "deleted" but not removed
- It's hidden from all normal views
- Data is retained for 30 days
- During this period, you can contact support to recover it
- After 30 days, permanent deletion occurs automatically
Permanent deletion:
- Happens automatically 30 days after soft delete
- Also occurs 30 days after account cancellation
- Once permanently deleted, data cannot be recovered
Why soft delete:
- Protects against accidental deletion
- Allows recovery if you change your mind
- Maintains data integrity for related records
-
Yes. You can export your data at any time.
This is fundamental to pencild's philosophy:
Your clients, your records, your files. They're yours. You should always be able to take them with you.
This is part of what makes pencild different from studio-controlled software – your data is portable, and you're never locked in.