Zeichnet oder erfasst Dijin mein Audio auf?

Nein. Dijin ist eine Gedächtnisschicht, kein Aufnahmegerät — es nimmt niemals Audio auf oder transkribiert es. Es empfängt nur das Gedächtnis, das Sie speichern möchten, und synchronisiert es über TLS 1.3 mit Ihrem Konto.

Sind meine Daten verschlüsselt?

Bei der Übertragung ja — TLS 1.3 für jede Synchronisierung. Bei der Speicherung noch nicht: Ihre Daten werden derzeit als Klartext gespeichert, und die Verschlüsselung bei der Speicherung ist in Vorbereitung. Wir behaupten 'im Ruhezustand verschlüsselt' erst, wenn es verfügbar ist.

Kann ich alle meine Daten löschen?

Ja. Die DSGVO-Datenlöschung per Klick entfernt alle Ihre Daten innerhalb von 30 Tagen von unseren Servern.

Welche Daten erhebt Dijin?

Das von Ihnen gespeicherte Gedächtnis (bei Anmeldung synchronisiert), Kontoinformationen und Nutzungsmetriken. Ihr Gedächtnis ist eigentümersigniert und portabel; die Verschlüsselung bei der Speicherung ist in Vorbereitung.

Trust center

Memory you can prove.

Dijin states its privacy plainly: what's protected today, and what's still in preparation. No weasel words. Your memory is owner-signed and portable, and every answer either comes with its evidence or doesn't come at all.

Cloud Intelligence: your consent boundary

One switch decides whether Dijin extracts memory from what you save. With it off, recall stays empty. With it on, extraction happens in flight and the plaintext is discarded once the job finishes.

Cloud Intelligence OFF

Nothing leaves the device. Cloud Intelligence is the consent boundary, turning it ON sends the segments you choose to the cloud worker for extraction.

Cloud Intelligence ON

Cloud-processed: chosen segments extracted in worker memory, then discarded. Derived claims sync to your account; owner-signed DMF is the portable source of truth (the encrypted at-rest vault is in preparation).

Two lanes, never mixed

How a memory reaches Dijin decides what we can see, and we never blur the two.

Owner-Attested

Memory you save directly is owner-signed (DMF, Ed25519). You attest to it, and Dijin stores and recalls it. The owner-signed vault that makes this end-to-end is still in preparation.

Connector-Attested

Memory from a connected app (Teams, GitHub, Linear…) arrives through that app's own pipeline. We disclose every sub-processor along that path, and we never pretend a vendor didn't see it.

Live today

Each maps to shipped, source-verified code.

security.statusLive

Encrypted in transit

Every sync runs over TLS 1.3. Nothing crosses the network in the clear.

security.statusLive

Owner-signed, verifiable offline

Your memory is a DMF archive signed with your key (Ed25519). Any reader, whether that's Dijin or a third party, can verify it without trusting our servers.

security.statusLive

Tamper-evident access log

Every claim and access is hash-chained and append-only. The chain is independently verifiable from any device.

security.statusLive

Evidence, or "I don't know"

Every answer carries its source, valid time, and trust tier. When Dijin can't ground a claim, it refuses instead of guessing.

In preparation

We won't claim these until they ship. Today, stored data is plaintext at rest.

security.statusInPrep

Encryption at rest

At-rest encryption of your synced memory is on the roadmap. Today we protect it in transit (TLS) only.

security.statusInPrep

Owner-signed vault

A vault that binds your memory under a key derived on your own devices is in preparation. It makes the full custody chain provable offline.

security.statusInPrep

Device-held keys

Keys that only ever live on your devices (so we genuinely can't read your content) arrive with the vault. We don't claim "your keys" until then.

How does it compare?

Six privacy properties measured against four widely-used products and Dijin. Every cell is verifiable; no marketing adjectives.

How does it compare?	WhatsAppEncrypted messaging	iCloud (default)Default cloud posture	iCloud (Advanced Data Protection)Opt-in user keys	SignalEncrypted messaging	DijinMemory Layer
End-to-end encrypted at rest by defaultStored content is unreadable by the provider, without any user opt-in step.	PartialBackups historically separate posture.	NoApple holds the keys for several data classes.	YesUser opt-in.	YesDefault posture for messages.	NoIn preparation, at-rest encryption and the owner-signed vault are on the roadmap (TLS in transit today).
You hold the keysThe decryption material derives from a phrase only your devices ever see.	Partial	No	Yes	Yes	PartialPartial, your recovery phrase derives an owner key held on your device today; binding it to your synced cloud memory (the owner-signed vault) is in preparation.
Open, portable export formatYou can take your data out and verify it offline with a publicly documented standard.	No	Partial	Partial	Partial	YesDMF, RFC-tracked, signed, conformance-vector tested.
Server-side ML on metadataDoes the provider run machine-learning models over your metadata for ranking or recommendations?	Yes	Yes	Yes	Yes	NoNo metadata is fed to any third-party ML model for training.
Independently verifiable chainA regulator, auditor, or you can re-derive the integrity of stored claims without trusting the runtime.	No	No	No	Partial	YesHash-chained audit log; `dijin verify` re-runs the chain offline.
AI integrations preserve your evidence-bound memory contractWhen you connect Dijin (or your data) to an external AI, the encryption guarantees survive the handshake.	Not applicable	Not applicable	Not applicable	Not applicable	PartialMCP scopes are read-only by default; every grant is auditable; Lock B signed footer never strips.

Verified properties as of 2026-05. Updated as vendor postures change.

Don't trust us. Verify.

Every claim is hash-chained. The chain is independently verifiable from any device.

Paste a signed DMF archive and check its Ed25519 signature in your browser. The Memory Kernel boundary (cite-or-refuse) is identical on Web, Tauri, iOS, and Android.

Verify a signature Read the DMF format

Eight scopes, least privilege by default

AI clients request only what they need. Two scopes carry extra gates.

memory.summary

Read high-level summaries only.

memory.decisions

Read confirmed decisions and their rationale.

memory.entities

Read people, projects, and things in your memory graph.

memory.evidence

Read the evidence pack behind an answer.

memory.conflicts

Read where claims disagree or were superseded.

memory.audit

Read the tamper-evident access log.

memory.transcript.read.raw 🔒

The raw source text. Highest trust, and device-confirmed before it's released.

memory.write 🔒

Propose memory back. Gated; never granted by default.

Subprocessors

External services we use to operate Dijin, and what they see. Add/remove changes are reflected here and announced via DPA notification when material.

Supabase (Stockholm)

Authenticated kg.* rows (claims, entities, evidence, audit_logs) under per-user RLS. Operates the Postgres + Edge Functions substrate.

Cloudflare R2

Owner-signed encrypted DMF archives (vault canonical) + audit snapshots. Object content is ciphertext; bucket metadata is operational.

Vercel

Web app hosting + serverless function execution. Request logs (URL, method, status, latency) for operability; no request body content is retained.

Google Gemini (embeddings)

Query text and derived claim text, sent to produce vector embeddings for recall ranking. Not raw transcript plaintext.

Anthropic Claude (extraction + Memory Kernel composer)

Two Cloud Intelligence ON paths: (1) extraction — raw segment plaintext ephemerally during one extraction job, to derive entities and claims (held only for the job, discarded after); (2) answer-time — an EvidencePack (already-derived claims + their citations) plus the user's query text, to compose grounded answers under the composer-only policy (Memory Kernel S3); the LLM never authors a fact, only cites the pack.

Paddle (web billing)

Web subscription transactions (Pro annual, Plus annual). Acts as Merchant of Record; sees billing identity + card details (Dijin does not). Plus on iOS/iPadOS/macOS is billed by Apple App Store, not Paddle.

Cloudflare Turnstile

Sign-up / sign-in challenge tokens. Bot-mitigation challenge result only; no Dijin content crosses.

What a legal request can reach

We tell you the truth about today, not the marketing of tomorrow.

Today (plaintext at rest)

Because at-rest encryption isn't shipped yet, a valid legal order could compel the memory you've synced, your account records, and access logs. We don't pretend otherwise.

With the vault (in preparation)

Once the owner-signed vault ships, your content becomes unreadable to us. A request could reach only ciphertext, timestamps, and account records. We'll update this page the day that's true, not before.

Security Contact

We take security seriously. If you have a concern about the security of our product, we welcome your input:

[email protected]