Transparency

Infrastructure & Providers

A truthful, current map of where DRIVUNO runs. Every provider listed here sees encrypted blobs or operational metadata only — never your plaintext content or keys.

How to read this page

Because content is encrypted before it leaves your device, providers in the data path cannot read it. We still list them, because supply-chain transparency matters even when the cryptography neutralizes them.

Today's stack

Edge runtime — Cloudflare Workers
Globally distributed, runs server-side rendering and serverless APIs. Sees signed requests and ciphertext. Region: Anycast (closest PoP).
Database — Lovable Cloud (managed Postgres)
Stores account records, sealed key envelopes, ciphertext references, and audit logs. Row-Level Security on every sensitive table. Region: EU (primary).
Object storage — Lovable Cloud Storage
Holds encrypted file blobs. Provider-side encryption-at-rest is enabled as defense in depth, but the blobs are already client-side encrypted before upload.
Email — Resend
Transactional email delivery (verifications, share notifications, recovery). Sees email addresses and template content; never sees user files.
SMS — Twilio
Optional second-channel recovery and 2FA codes. Sees phone numbers and the SMS body.
Payments — Stripe (+ regional fallbacks)
Card / SEPA / Apple Pay. Mollie, Adyen, Komoju, GMO available for regional sovereignty. Sees billing data only.

What each provider can see

  • Compute / edge: request URLs, request bodies (which are ciphertext for file operations), authentication headers.
  • Database: account records, sealed envelopes, ciphertext references, audit logs. No keys, no plaintext.
  • Object storage: encrypted blobs and their sizes. Nothing else.
  • Email / SMS: the addresses or phone numbers we send to, plus the message body we generate (never user files).
  • Payments: name, billing address, card metadata. Never linked to file activity.

Region strategy

EU primary
Database and object storage primary region in the EU. Default for all new accounts.
Failover ready
Sovereignty playbooks switch reads to a backup provider within minutes. See the sovereignty page.
Japan + APAC (planned)
Regional residency for APAC accounts is on the roadmap. Tracked publicly on the security roadmap.

Becoming provider-agnostic

Our storage layer uses a thin adapter pattern (Lovable Cloud today, S3-compatible adapters available for R2, B2, and self-hosted MinIO). Migrating between providers does not change the cryptography or expose user content, because providers only ever held ciphertext.

See also: subprocessors list, metadata policy, sovereignty & resilience.

Encrypted on your device · upload in 1 click
Upload