Privacy and security are important in all apps, so all data stored in Convex is encrypted at rest straight out of the gate. However, your user-defined Convex functions have access to the decrypted data by default, to facilitate the fastest possible developer experience. In many cases, that's fine, but when dealing with sensitive data you need to make sure it's encrypted end-to-end, i.e. that the unencrypted data cannot be accessed by anything or anyone, aside from the authorized client(s). With a little help from client-side encryption tools, Convex apps can easily implement end-to-end data encryption, so you and your users can sleep soundly knowing your data can never fall into the wrong hands.