Data Privacy

HIVE Protocol implements comprehensive data privacy measures to protect user information.

Encryption

Encryption at Rest

Data Type	Encryption Method	Key Management
User data	AES-256-GCM	Supabase managed
Messages	AES-256-GCM	Per-project key
API keys	AES-256-GCM	User-specific key

Input Sanitization

function sanitizeInput(input: string): string {
  const map: Record<string, string> = {
    '&': '&amp;', '<': '&lt;', '>': '&gt;',
    '"': '&quot;', "'": '&#x27;', '/': '&#x2F;',
  };
  return input.replace(/[&<>"'/]/g, (char) => map[char]);
}

Data Retention

Data Type	Retention Period	Deletion Method
Messages	User controlled	Cascade on swarm delete
Activity logs	90 days	Automatic purge
Error logs	30 days	Automatic purge
Deleted accounts	30 days grace	Hard delete after

AI Data Handling

Data Type	Sent to AI	Purpose
Message content	Yes	Generate responses
User PII	No	Never sent
API keys	No	Server-side only

[Authentication](/docs/security/sec-authentication): Login and session management
[Authorization](/docs/security/authorization): RLS policies and access control
[Best Practices](/docs/security/best-practices): Security recommendations

Data Privacy

Data Privacy

Encryption

Encryption at Rest

Input Sanitization

Data Retention

AI Data Handling

Related Documentation

Cookie Preferences