Why we cannot see it
Even if an attacker steals our entire database, they see only random-looking bytes. The key belongs solely to the end customer — derived from their passphrase, which never leaves their device.
Diagram: Company (HTML tool, runs locally) sends ciphertext only to MeinDatensatz (stores ciphertext); the Individual's browser decrypts locally.
The passphrase never leaves the individual's device at any point.
For companies
Local HTML tool – data never leaves the device unencrypted
Open the HTML tool locally
The escrow tool is opened as a local HTML file in the browser — no server connection required. All cryptography runs exclusively on the company's own machine.
Read customer data locally
The tool reads customer data directly from a local source file (e.g. CSV). The raw data never leaves the device at any point.
Local encryption
A random 32-byte key is generated per record and the content is encrypted with AES-256-GCM (libsodium). Each record key is in turn wrapped under a key derived from the company's password via Argon2id. The password itself is never stored.
Two output files are created
The tool produces two files: (1) a mailing file containing individual invitation links and access tokens for the customer email campaign, and (2) an upload file with all encrypted records ready to upload to MeinDatensatz.
Decrypting when retrieving corrections
To retrieve customer corrections, the company reopens the HTML tool. Decryption uses the key-reference file created during encryption together with the encrypted records downloaded from the server — entirely locally, with no server-side access to the content.
For affected individuals
Decryption happens locally in the browser
Invitation link by email
The individual receives a link with a single-use token. This token is not a decryption key — it merely grants access to the dataset endpoint.
Passphrase delivered separately
The passphrase is delivered to the individual via a separate channel (e.g. letter, SMS, or in person). It is never transmitted by email.
Key derivation in the browser
The browser derives the decryption key from the entered passphrase using Argon2id. This runs locally — the passphrase never leaves the device.
Local decryption
The encrypted record is fetched from the server and decrypted exclusively in the browser. No plaintext leaves the device — the server has no access to the decrypted content at any point.
Corrections are encrypted before sending
Any corrections entered are encrypted exclusively in the browser before being transmitted to the server. The server receives only the new ciphertext — never plaintext data.