At OneArch, we take your data seriously. Here's how we handle it.
We use AWS Cognito for user authentication — a secure, industry-standard identity provider.
The only information retrieved from Cognito is your email address, which is used to track product usage in PostHog.
This helps us understand user activity patterns (e.g. returning users, feature usage), but we do not use email for marketing, profiling, or share it with third parties.
All your project data (requirements, ADRs, diagrams, etc.) is encrypted at rest using AWS-managed encryption.
All communication within the app is secured via TLS (HTTPS).
Your data belongs only to you.
No human — including the product creator — accesses or reviews your in-app data under any circumstance.
To enable smart assistance (e.g. requirement extraction, AI summaries), your input may be shared with OpenAI's API.
This data is sent securely and anonymized.
You are the sole owner of your data in OneArch.
The app uses your data only to provide functionality — never for training AI, selling data, or third-party profiling.
OneArch does not perform geo-blocking, and we do not restrict access based on where you are located.
Your country of origin, residence, or political environment is not relevant to your right to use the product.
We believe architectural work should be accessible regardless of borders or politics.
I’ve worked in software security for 17+ years.
OneArch was built from day one with privacy, encryption, and isolation in mind — because I’ve seen firsthand what happens when it’s not.
If you ever have concerns or questions, I’ll personally respond.
We don't sell your data. We don't peek into it. We use it only to power features you choose to use — and we protect it with the same infrastructure used by some of the most secure systems on the internet.
Have questions? Email me personally at nickolay.laptev@gmail.com — I’ll gladly answer.