Skip to main content

Overview

This section covers common security questions around the application.

Data on your devices

Nodehex and all of our modules are designed to be a self-contained applications, as such, they:

  • Only store data on devices or locations selected by the user(s) or organisation.
  • Have no network functionality during operation other than authentication.
  • Operate entirely in the browser or desktop application.

This means that your data or the data you are working with remains yours. We do not have access to it at any step of the way, by design.

You can verify this while running any of our modules by entering devtools in your browser (F12) and checking the network tab while the modules are running

Local storage and how it works

While using our applications that function in the browser, all of your data is stored locally, on your machine via the User Data areas found in your browser.

An example of how this structure looks for chromium based browsers:

User Data
├─ Default
│   ├─ Local Storage
│   │   └─ leveldb
│   ├─ IndexedDB
│   ├─ Network
│   └─ Cookies
├─ Profile 1
└─ Profile 2

We use localStorage and IndexedDB to store all of the data in the modules currently. Below are links to access each of these locations to verify this for Chromium based browsers.

BrowserStorage typeLocal path
ChromeUser Data%LOCALAPPDATA%\Google\Chrome\User Data\
ChromeLocalStorage%LOCALAPPDATA%\Google\Chrome\User Data\Default\Local Storage\leveldb\
ChromeIndexedDB%LOCALAPPDATA%\Google\Chrome\User Data\Default\IndexedDB\
EdgeUser Data%LOCALAPPDATA%\Microsoft\Edge\User Data\
EdgeLocalStorage%LOCALAPPDATA%\Microsoft\Edge\User Data\Default\Local Storage\leveldb\
EdgeIndexedDB%LOCALAPPDATA%\Microsoft\Edge\User Data\Default\IndexedDB\

You can use any of these paths to check your local user data for your browser, simply copy one of the paths below to check:

Chrome

User Data

%LOCALAPPDATA%\Google\Chrome\User Data\

LocalStorage

%LOCALAPPDATA%\Google\Chrome\User Data\Default\Local Storage\leveldb\

IndexedDB

%LOCALAPPDATA%\Google\Chrome\User Data\Default\IndexedDB\

Edge

User Data

%LOCALAPPDATA%\Microsoft\Edge\User Data\

LocalStorage

%LOCALAPPDATA%\Microsoft\Edge\User Data\Default\Local Storage\leveldb\

IndexedDB

%LOCALAPPDATA%\Microsoft\Edge\User Data\Default\IndexedDB\

Saving data

DATA LOSS

Ensure you back your data up using our export options for our browser based tools frequently to ensure that none of your data is lost.

We cannot help with any recovery of data as we never have access to your local machine or data

Due to the nature of our applications, particularly our browser based applications, it is critical that you save data often, as clearing your browsers data or reformatting your device will delete all data locally.

Data transfer

Off-device data transfer

Currently, Nodehex transfers no data anywhere out of the application. All data produced, including confiuration files, app and exported data remains on the user(s) or organisations device or specified location.

In future the application will trasnfer telemetry data off device, but only once the application leaves beta testing.

Telemetry data definition

Telemetry is data that is created as a result of the automatic processes ran by the system and remotely collected.

This data covers the following elements created by our application

  • Logging
  • Metrics
  • Events
  • Traces

These types of data are necessary to provide on-going maintainance, support and analysis for our applications.

You can read more about telemetry here

Incoming data transfer

The application does not transfer any data to itself other than maintenance or self-update data. No advertising, auxillary applications or unsolicited data will ever be transfered.

Application maintainance

The application (depending on requirements/version) may self-update.

Web application

The web application is currently hosted on Azure servers in Sweden. During upgrades or maintainance the application will receive updates and data will be transfered to the application, but these updates will be communicated with clear dates and change logs.

Desktop application

The desktop application is delivered as a self-contained application and as such, will only make authentication calls, but will (currently) receive no updates.

Further information

For any further questions or queries, please reach out to our [security team](mailto: security@nodehex.com).