Your Calendar Should Not Need Our App
InfoPeak now speaks CalDAV, CardDAV and WebDAV. Here is why we implemented the standards that most encrypted providers quietly refuse to.
A calendar that only opens inside one company app is not really a calendar. It is a subscription to that company. InfoPeak now speaks CalDAV, CardDAV and WebDAV, which means your events, contacts and files sync straight into the software you already use. No plugin. No bridge. No permission needed from us.
Your iPhone has had a CalDAV option buried in its settings for over a decade. So has your Mac. So has Thunderbird, and every Android phone with a sync client installed. The standards are already there, waiting, in almost every device you own. What went missing was providers willing to answer them.
The protocols are older than the platforms
CalDAV, CardDAV and WebDAV are not new, clever or proprietary. They are open standards, published as RFCs, decades old, and understood by software that has never heard of InfoPeak. They do three unglamorous things:
- CalDAV lets any calendar app read and write your events.
- CardDAV does the same for your contacts.
- WebDAV mounts your files as a normal drive in Finder, Explorer or the iOS Files app.
The reason these options are built into your operating system is that the standards predate the platforms that later found it convenient to stop using them. An open protocol makes you portable. Portability is exactly what a platform is designed to prevent. So the standards did not die. They were simply left unanswered, and a generation of users learned to call that normal.
The objection, stated fairly
There is a serious argument against implementing these protocols in an encrypted product, and it deserves to be stated properly rather than waved away. It goes like this.
CalDAV and CardDAV were written for plaintext. iCalendar and vCard are text formats. When a calendar app asks a server for next Tuesday, it expects an answer it can read. A server that genuinely cannot read your events cannot produce that answer. So a provider that encrypts everything end to end faces a real conflict: speaking the standard appears to require weakening the exact property that makes the product worth choosing. Several encrypted providers have looked at that conflict and concluded, for years now, that the protocols simply cannot be reconciled with their encryption model.
The technical half of that argument is correct. We are not going to pretend otherwise. The conclusion drawn from it is where we part company.
What we built instead
InfoPeak encrypts your calendar, contacts and files with keys that are derived from your password. We hold the keys, but we hold them locked, and the lock opens with something we deliberately never keep: the password itself. Without it, the data sitting on our servers is noise.
When a CalDAV client connects, it sends that password over TLS, exactly as the standard specifies. The server derives your key for the length of a single request, decrypts the event in memory, answers the question the standard asked, and forgets. Nothing is written back in the clear. At rest, we still cannot read your calendar.
This is not a free lunch, and we are not going to market it as one. For the duration of a sync request, the server holds a key it can actually use. The web app remains zero knowledge. The DAV path, by design, is not. That is the honest price of speaking a protocol written before end to end encryption existed. We think the person who should decide whether that price is worth paying is you, not us.
A lock only we can open is still a lock
Refusing to implement the standard is defensible engineering. It is also very convenient. It means your data can only be useful inside the provider app, on the provider terms, at the provider pace. Protection and confinement wear the same coat, and only one of them is being advertised.
Sovereignty is not only the promise that nobody else can read your data. It is the ability to pick it up, carry it out, and use it in whatever software you prefer, including software we did not write and do not control. A vault that only we can open is still a vault, and you are still the one standing outside it. We would rather hand you the standard, tell you exactly what it costs, and let you choose, than make the choice for you and call it care.
What connects, and to what
Device sync uses the server address infopeak.io, your InfoPeak email as username, and your InfoPeak password. There is nothing else to install.
- Calendar connects over CalDAV to iOS, macOS, Thunderbird and Android clients such as DAVx5.
- Contacts connect over CardDAV to the same apps, landing directly in your native address book.
- Drive mounts over WebDAV as a normal network drive in Windows Explorer, macOS Finder and the iOS Files app.
Device sync over open standards is included on the paid plans: Personal, Family and Professional. See pricing for the full comparison.
Where this matters most
- Personal: your calendar and contacts live in the apps your phone already ships with, not in yet another icon. See Personal.
- Family: everyone keeps the phone and the apps they like, and the data still lands in one EU-owned account. See Family.
- Professional: the calendar your business runs on stays reachable from the tools your business already runs on. See Professional.
Questions people ask
Which InfoPeak plans include CalDAV and CardDAV?
Device sync over CalDAV, CardDAV and WebDAV is part of the paid plans: Personal, Family and Professional. The Free plan includes the encrypted calendar, contacts and Drive in the InfoPeak apps, without device sync.
Does CalDAV sync work on iPhone and Android?
Yes. iOS and macOS have CalDAV and CardDAV built in, under Settings and Add Account. On Android, a sync client such as DAVx5 connects InfoPeak to the calendar and contacts apps you already use. Thunderbird connects directly.
Is my calendar still encrypted if I use CalDAV?
Your data stays encrypted at rest, and the key is derived from your password, which we do not store. During a sync request the server derives that key in memory to answer the client, then discards it. The InfoPeak web app remains zero knowledge. The DAV path deliberately trades a slice of that for interoperability, and it is your choice whether to use it.
What server address do I use to set it up?
Use infopeak.io as the server, your InfoPeak email as the username, and your InfoPeak password. iOS can also discover the correct endpoints automatically from the domain alone.
Does InfoPeak support WebDAV for files?
Yes. InfoPeak Drive mounts over WebDAV as a normal drive in Windows Explorer, macOS Finder and the iOS Files app, with your files decrypted on the fly for the length of each request.
Built to be left
The strongest thing a provider can say is not that leaving is forbidden. It is that leaving is easy, and you stayed anyway. Open standards are how that sentence stops being marketing and starts being architecture. Your data. Your rules. Your apps, including the ones we had nothing to do with.
More from Vision
The Inner Circle
Sign up for occasional insights on digital sovereignty and InfoPeak updates. No noise, no spam. Just pure value.
Claim your sovereignty.
You've explored the why. Start free - encrypted mail, files, calendar and docs on EU infrastructure. No credit card. No trial. Free forever.
Start free