Your Privacy & Data Security
How We Protect Your Information
Minago is built around one principle: your most sensitive information is readable only by you — not by us, not by our team, and not by anyone with access to our systems.
What information we store
We store the details you add about your belongings and properties so you can access them from any device after signing in. This includes names, photos, categories, and other details you choose to add.
Certain information — such as addresses, financial values, insurance policy numbers, and other sensitive details — is treated with the highest level of protection.
Zero-knowledge encryption
Your sensitive information is encrypted on your device before it is ever sent to our servers. This means:
- We cannot read your sensitive data. Our servers store only encrypted, unreadable data — not the values you entered.
- We do not hold your encryption key. Your key is derived from a passphrase only you know, using a memory-hard algorithm (Argon2id). The passphrase never leaves your device.
- Even if our database were exposed, the data would be unreadable without your personal passphrase.
Your passphrase
When you first enable data protection, you create a personal passphrase. This passphrase is used to unlock your data on each new device you sign in to.
- Your passphrase is never stored or transmitted — not to us, not to any server.
- On a device you have used before, your key is stored securely in the device's protected storage (iOS Keychain / Android Keystore) so you do not need to re-enter your passphrase each time.
- On a new device, you will be asked to enter your passphrase once.
Recovery key
During setup, you have the option to generate a recovery key. This key allows you to regain access to your data if you forget your passphrase.
Important: The recovery key is shown only once and is never stored by us. If you lose both your passphrase and your recovery key, your encrypted data cannot be recovered — by you or by us. This is intentional: it is the guarantee that only you can access your information.
Your account and your data
Your data is linked to your account, not to any specific device or set of login credentials:
- You can access your data from any device by signing in and entering your passphrase
- Changing your email, password, or display name has no effect on your encrypted data
- Signing in on a new phone works the same as on your current one
What we cannot see
Our team has no access to your sensitive information. This includes:
- Exact addresses and property locations
- Purchase prices and estimated values
- Insurance policy numbers and policyholder details
- Mortgage information
- Any other financial or personal details you have entered
Access logging
Every time sensitive information is accessed in the app, a record is created in your account. This log is private to you and is used to protect your data by tracking when and how it is accessed.
Your responsibility
Your data is protected as long as your passphrase and recovery key are kept safe. We recommend:
- Choosing a strong, unique passphrase
- Saving your recovery key in a secure location (password manager, printed and stored safely)
- Using a strong password for your email account
If you believe your account has been compromised, change your password immediately.
Contact
For questions about your data or to request deletion of your account and all associated information:
- minago@urbanarmy.se