Security & Privacy
How we built a retention analytics platform that literally cannot access your data.
Zero-Knowledge Architecture
"Zero-knowledge" isn't marketing speak — it's a technical architecture choice. It means we designed NectarWeb so that we have no technical capability to access your data, even if we wanted to.
Here's what that means in practice:
[Data-flow diagram. Labels: Patreon, etc.; Primary storage & processing; Optional encrypted backup]
Notice what's missing? NectarWeb servers. Your data never touches our infrastructure.
All data lives in your browser. Google Drive sync is completely optional.
How Your Data Flows
1. Ingestion
Data is retrieved from your active platform session via the Chrome Extension's isolated content scripts. We only read data from pages you're actively viewing — no background scraping, no API tokens stored on our servers.
2. Processing
All analytics, churn predictions, and CRM sorting occur within the extension's background service worker. Zero transmission to NectarWeb infrastructure. The processing power is your browser, not our cloud.
3. Storage
Primary storage uses chrome.storage.local, which is protected by the browser's origin-specific security policy. This data never leaves your device unless you explicitly sync it.
4. Sync (Optional)
If you enable sync, data is encrypted locally using AES-256-GCM before being uploaded to your Google Drive. Only encrypted blobs leave your browser. Even Google cannot decrypt your data — they only store ciphertext that's meaningless without your keys, which never leave your device.
Encryption Implementation
Algorithm
AES-GCM (Advanced Encryption Standard in Galois/Counter Mode) with 256-bit keys. The same encryption standard used by governments and financial institutions.
Key Management
Keys are derived locally using the Web Crypto API. Your encryption keys never leave your machine — not to us, not to Google, not to anyone.
What This Means
Even if our company were compromised, subpoenaed, or hacked — there's nothing to take. We don't have your data. We don't have your keys. We have nothing.
Google Drive Integration
We use the most restrictive Google Drive API scope available: drive.file
This means NectarWeb can only access files and folders that NectarWeb itself creates. We are technically blind to everything else in your Drive — your photos, documents, other apps' data. All of it is invisible to us.
Google Can't Read Your Data Either
Your data is encrypted before it reaches Google's servers. Google only stores encrypted blobs — ciphertext that's computationally impossible to decrypt without your keys. Your keys exist only in your browser. Not on our servers. Not on Google's servers. Nowhere but your machine.
Verify It Yourself
You can audit NectarWeb's access to your Google account at any time:
myaccount.google.com/permissions
Regulatory Compliance
Because we never store or process your subscriber data, NectarWeb is natively compliant with major privacy regulations:
GDPR
We don't meet the definition of "Data Controller" for your fan data because we never have access to it. You maintain complete data sovereignty.
CCPA
There's no personal information for us to sell, share, or disclose because we don't collect it. California residents' data stays with those residents.
No "Phone Home" for Your Data
NectarWeb doesn't track:
- Who your subscribers are
- How much you earn
- Which fans you message
- Your top supporters
- Your churn rate
- Your content
- Which features you use or how often
We don't send analytics about your analytics. No usage statistics, no feature tracking, no behavioral telemetry. The extension operates in isolation — when it needs to work, it does its job locally and goes back to sleep.
What We Do Send
License verification: The extension periodically contacts our server to verify your subscription is active. This request contains only your license key — no subscriber data, no usage information.
Anonymous error reports: When the extension encounters an error (like a platform changing their page structure), it sends an anonymous crash report containing only the error code, affected module, and extension version. These reports are cryptographically signed to prove legitimacy but contain no identifying information — we can't trace them back to you. This helps us quickly fix compatibility issues when platforms update.
Auditable by Design
Chrome extensions are distributed as ZIP files. All logic is packaged and inspectable. There's no remote code execution, no hidden endpoints, no server-side processing that you can't verify.
If you're technically inclined, you can unpack our extension and read every line of code. You'll find exactly what we describe here: local processing, local storage, encrypted sync.
We're not asking you to trust us. We're asking you to verify.
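One way to start that verification, as an added example that is not NectarWeb's own code: static checks over an unpacked extension's manifest.json and script sources for the Drive scope, host access, and remote-code claims made above. The sample manifest, file name, and license host are constructed placeholders.

```javascript
// Added example with constructed sample data; not NectarWeb's own code or files.
const DRIVE_FILE = "https://www.googleapis.com/auth/drive.file";

// Return findings where the manifest contradicts "drive.file only" or "no remote code".
function auditManifest(manifest) {
  const findings = [];
  // Manifest V3 is the version that forbids remotely hosted code.
  if (manifest.manifest_version !== 3) findings.push("not Manifest V3");
  const scopes = (manifest.oauth2 && manifest.oauth2.scopes) || [];
  for (const s of scopes) {
    if (s.includes("/auth/drive") && s !== DRIVE_FILE) {
      findings.push(`Drive scope other than drive.file: ${s}`);
    }
  }
  for (const h of manifest.host_permissions || []) {
    // "<all_urls>", "*://*/*" and "https://*/*" grant access to every site.
    if (h === "<all_urls>" || /^(\*|https?):\/\/\*\//.test(h)) {
      findings.push(`wildcard host access: ${h}`);
    }
  }
  const csp = (manifest.content_security_policy || {}).extension_pages || "";
  const scriptSrc = csp.split(";").map((d) => d.trim())
    .find((d) => d.startsWith("script-src")) || "";
  if (/'unsafe-eval'|https?:\/\//.test(scriptSrc)) {
    findings.push(`script-src allows eval or remote scripts: ${scriptSrc}`);
  }
  return findings;
}

// Collect every hostname that appears in a URL literal, so the list can be
// compared with the endpoints the page names (license check, error reports, Drive).
function listEndpoints(sources) {
  const hosts = new Set();
  for (const text of Object.values(sources)) {
    for (const m of text.matchAll(/https?:\/\/([a-z0-9.-]+)/gi)) {
      hosts.add(m[1].toLowerCase());
    }
  }
  return [...hosts].sort();
}
const sampleManifest = { // constructed sample
  manifest_version: 3,
  oauth2: { client_id: "PLACEHOLDER", scopes: [DRIVE_FILE] },
  host_permissions: ["https://www.patreon.com/*"],
  content_security_policy: { extension_pages: "script-src 'self'; object-src 'self'" },
};
const sampleSources = { // constructed sample; the license host is a placeholder
  "background.js": 'fetch("https://license.example.test/verify"); fetch("https://www.googleapis.com/drive/v3/files");',
};
console.log(auditManifest(sampleManifest), listEndpoints(sampleSources));
```

A literal scan misses hosts assembled at runtime, so pair it with the Network tab of the extension's service worker in DevTools while the extension runs.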
Questions?
We're happy to discuss our security architecture in detail. Reach out anytime.