Your files, notes, and creative work deserve bank-level protection. Eden encrypts everything you store — whether it's sitting on our servers or traveling between your device and the cloud.
The Short Version
At rest: All your files are encrypted with AES-256, the same standard used by banks, government agencies, and Fortune 500 companies.
In transit: When data moves between your device and Eden's servers, TLS/SSL encryption creates a secure tunnel that prevents interception.
Bottom line: Your content is protected at every stage.
Encryption at Rest
When your files are stored on Eden's servers, they're encrypted using AES-256 (Advanced Encryption Standard with 256-bit keys). This is the gold standard for data protection.
What this means in practice:
Even if someone gained physical access to our storage systems, they couldn't read your files
Your videos, PDFs, notes, and all other content are scrambled into unreadable data
Only Eden's systems can decrypt your content when you need to access it
Eden uses Railway S3 for file storage, which provides enterprise-grade encryption infrastructure.
Encryption in Transit
Whenever data travels between your device and Eden — uploading a video, loading a document, or syncing changes — it's protected by TLS/SSL encryption (Transport Layer Security).
This means:
No one can intercept your data as it travels over the internet
Your content is protected on any network, including public Wi-Fi
All connections to Eden are encrypted by default — you don't need to do anything
You can verify this yourself: look for the padlock icon in your browser's address bar when using Eden.
What Gets Encrypted
Content Type | Encrypted at Rest | Encrypted in Transit |
|---|---|---|
Uploaded files (videos, PDFs, images, audio) | ✅ Yes | ✅ Yes |
Notes and documents | ✅ Yes | ✅ Yes |
Transcripts | ✅ Yes | ✅ Yes |
AI chat conversations | ✅ Yes | ✅ Yes |
Account information | ✅ Yes | ✅ Yes |
Search indexes | ✅ Yes | ✅ Yes |
Third-Party AI Processing
When you use Eden's AI features (chat, transcription, smart search), your content may be processed by our AI providers: OpenAI, Anthropic, Google AI, xAI, and Deepseek.
Data sent to these providers is:
Encrypted in transit using TLS
Processed according to their security standards
Not used to train their AI models (see AI & Data Training Policies for details)
Infrastructure Security
Eden's infrastructure is hosted on Railway, which provides:
SOC 2 Type II compliant data centers
Physical security controls at all facilities
Regular security audits and monitoring
Automatic security updates
What You Can Do
While Eden handles encryption automatically, here are ways to add extra protection:
Use a strong email account: Since Eden uses email-based authentication, your Eden account is only as secure as your email account. Enable two-factor authentication on your email.
Be careful with sharing: When you share files or folders via public links, anyone with that link can access the content. Use sharing permissions thoughtfully.
Review team access: If you're on a team plan, periodically review who has access to your workspace.
Common Questions
Is my data encrypted even on the free plan?
Yes. All Eden users get the same encryption protection regardless of plan level.
Can Eden employees see my files?
By default, no. We include an option in Settings that allows support to access your account to help resolve issues — but only when you explicitly enable it. Without that setting turned on, even we can't access your content.
What happens if there's a security breach?
Eden has incident response procedures in place. In the unlikely event of a breach affecting your data, we would notify you promptly as required by law (within 72 hours for GDPR).
Is Eden SOC 2 certified?
SOC 2 Type II certification is currently in progress. We follow SOC 2 security practices and will update this page when certification is complete.
