High security and your account

hivi is built so everyday use—web forms, documents, files, and chat—runs on a defense-in-depth model: multiple layers work together, and you keep explicit control where it matters most.

The authoritative legal and data-handling text remains the Privacy Policy and Terms of Service on hivi.ca. This article summarizes how the product is designed, in plain language.

1. Sign-in and account protection

  • Access to your data in the web app and in the hivi autofill Chrome extension uses the same account identity as hivi.ca: you authenticate with your credentials over HTTPS.
  • When your account supports two-factor authentication (2FA), you complete that step for the website and for signing into the extension, so 2FA plus your password protect access to profile-driven suggestions.
  • API access for personal data is authenticated; only signed-in, authorized requests can read your saved profile or autofill results.

Strong side: one security model for both the browser app and the extension, instead of a separate shadow account.

2. Data in transit

Traffic between your browser and hivi runs over TLS (HTTPS) in normal production use. That protects cookies, tokens, and request bodies from trivial network eavesdropping on the path between your device and hivi’s servers.

3. Encryption at rest (database)

Data persisted in hivi’s databases is protected using AES-256-GCM at rest: authenticated encryption so stored records are protected on disk. Cryptographic keys are held only in the secure server configuration for the environment, separate from documentation and client apps.

Strong side: at-rest protection is applied consistently across the database, rather than ad hoc encoding in scattered places. Layered protection still includes strong sign-in habits, 2FA when you enable it, and standard production hardening on servers and access control.

4. Chrome extension: least surprise, least scope

  • Autofill is off by default for every website. It only runs on an origin after you enable it in the extension popup, which limits accidental exposure of field context to servers.
  • The extension runs on regular web pages where you use hivi; internal browser pages such as chrome:// stay outside the autofill surface.
  • The published manifest uses a small, explicit permission set (for example storage, active tab, scripting) appropriate to its job; install only from the official Chrome Web Store listing linked from hivi so you get the genuine package.

Field metadata used for suggestions is sent only to provide the feature you triggered (suggestions, bulk fill, optional AI assist, or an import you explicitly start).
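The off-by-default, per-origin rule described in this section can be sketched as a small gate. This is an added example, not hivi's extension code: the function names and the sample URLs are hypothetical, and persisting the enabled set (for instance in extension storage) is left out.

```javascript
// Added example: per-origin opt-in gate. Nothing is enabled until the user
// turns it on for one exact origin; non-web pages can never be enabled.
// normalizeOrigin, enableOrigin, mayAutofill and demo are hypothetical names.
const WEB_SCHEMES = new Set(["http:", "https:"]);

// Canonical origin of a page URL, or null when the page is outside the
// autofill surface (chrome://, file:, data:, about:blank, unparseable input).
function normalizeOrigin(pageUrl) {
  let url;
  try {
    url = new URL(pageUrl);
  } catch {
    return null; // not an absolute URL
  }
  if (!WEB_SCHEMES.has(url.protocol)) return null;
  // url.origin is scheme + lowercased host + non-default port; path, query
  // and userinfo are dropped, so "https://a@b/" resolves to origin b.
  return url.origin;
}

// Called when the user flips the switch in the popup for the current tab.
function enableOrigin(enabled, pageUrl) {
  const origin = normalizeOrigin(pageUrl);
  if (origin === null) return false; // refuse to enable non-web pages
  enabled.add(origin);
  return true;
}

// Called before any field metadata leaves the page. Exact match only:
// no substring, suffix or hostname-only comparison.
function mayAutofill(enabled, pageUrl) {
  const origin = normalizeOrigin(pageUrl);
  return origin !== null && enabled.has(origin);
}

// Constructed sample: the user enabled autofill on https://shop.example only.
function demo() {
  const enabled = new Set();
  enableOrigin(enabled, "https://Shop.Example:443/cart");
  const pages = [
    "https://shop.example/checkout",       // same origin: allowed
    "http://shop.example/checkout",        // different scheme: denied
    "https://shop.example:8443/",          // different port: denied
    "https://shop.example.evil.test/",     // lookalike host: denied
    "https://shop.example@evil.test/",     // userinfo trick: denied
    "chrome://extensions",                 // internal page: denied
  ];
  return pages.map((p) => [p, mayAutofill(enabled, p)]);
}
```

Comparing full origins rather than hostnames is what keeps a lookalike domain, a plain-HTTP copy of the site, or a different port from inheriting the user's opt-in.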

5. PDF and file workflows

  • Fill PDF analyzes an uploaded PDF in memory to detect form fields and map them to your profile. The analyze step is designed not to leave a separate persisted server copy of your file: you keep the original PDF locally and import the FDF/XFDF in your desktop reader.
  • The Files and grab data flows combine vision/LLM extraction with user confirmation: where the product provides that pattern, snapshots are saved on the file record only after you confirm, so automation is paired with a human gate.

6. Payments and billing data

Payment card handling follows industry practice: sensitive card data is processed by Stripe according to their documentation; hivi’s own database holds only what day-to-day operation requires alongside Stripe. Details are spelled out in the Privacy Policy.

7. Your part of staying secure

Security works best as a partnership. We recommend:

  • Use a unique, strong password and 2FA if offered.
  • Install the extension only from the official store listing.
  • On shared devices, sign out of the app and the extension when finished (see "Sign out and shared devices").
  • Stay alert to phishing (fake login pages). Sign in only on hivi.ca or inside the official extension, and use the support contact on the Chrome Web Store listing for account help.
