Your data never leaves your computer

We don't have formal security protocols because the whole system runs locally and never sends anything to a server. We cannot view or store any of your personal data or artwork. That also means we don't have to worry about data breaches or anything like that.

Some of our core principles:

1. We do not collect any data

2. The system runs locally

3. We do not train AI on you designs (see #1)

4. We have never had any data breaches (because of #1)

5. User sign-on is not required (see #2)

6. Multi-factor authentication is not required (see #2)

7. Cloud services are not used (see #2)

More tech details

Overlord is a system that utilizes a desktop app, Adobe extension and Figma plugin. 

The desktop app is EV signed for Windows with SHA-256 and signed and notarized for macOS.

The in-app plugins run within the creative apps and are sandboxed by their own security. 

The plugins runs behind the scenes and sends a JSON representation of the selected layers to the other app though socket communication. Data transfer is local and no user or design info ever leaves the machine.

When the app is opened, it pings the authentication server, but after the initial unlock, it may be run offline. It is also possible to authenticate offline with a mobile device.