Security + Privacy

How CrossClips Handles Encryption, Recovery, and Privacy

CrossClips is built around encrypted clipboard sync and local unlock. This page summarizes the product-level security and privacy model for the current implementation and pre-launch beta waitlist.

Encryption model (high level)

Clip payload text is encrypted on-device before sync. Decryption happens locally after the user unlocks their data, which means CrossClips does not rely on server-side plaintext access to make clipboard history usable.

  • On-device encryption before sync
  • Local decrypt after unlock
  • Encrypted payload handling in sync workflows

Recovery-key workflow

Password resets are paired with a recovery-key workflow so users can recover access to encrypted data without requiring a plaintext recovery path. The app includes recovery key copy/export flows and re-wrap logic after reset.

  • Recovery key generation and export during setup/upgrade flows
  • Recovery-based re-wrap after password reset
  • Fallback wipe-and-start-fresh path if recovery is not available

Search and AI-style retrieval

CrossClips emphasizes local search ranking and heuristic signals. Optional on-device embeddings can be used when local model assets are available, but cloud AI services are not required for core search workflows.

  • Local lexical ranking and heuristic search signals
  • Optional on-device embeddings
  • No mandatory cloud AI inference dependency

Operational and support data

Like most apps, CrossClips may process account, billing, and support information to operate the service. Privacy and policy pages describe those workflows and consent-based analytics behavior.

For policy requests or security questions, contact hello@crossclips.app or use the public contact form.

Join the waitlistContact CrossClips

Privacy choices

We use essential cookies for site functionality and optionally use Firebase Analytics (and Mixpanel during migration) if you accept. Read more in our Privacy Policy.