PrivNotebySwitch-to.eu

Privacy Policy

PrivNote is built to be private by design. Here's how we handle your data.

Last updated: February 2026

Privacy at a Glance

  • All notes are end-to-end encrypted — we cannot read them
  • No accounts, no email, no personal data collected
  • Notes are automatically deleted after reading or expiry
  • No analytics, no tracking cookies, no third-party scripts
  • Open source — inspect the code yourself

Data Collection

PrivNote collects minimal data to function. We store encrypted note content, an optional password hash, expiry metadata, and burn-after-reading preferences. We do not collect email addresses, names, IP addresses, or any other personal information. No cookies are used for tracking.

Encryption

All notes are encrypted in your browser using AES-256-GCM before being sent to our server. The encryption key is embedded in the URL fragment (the part after #), which is never transmitted to our server by your browser. This means we physically cannot decrypt or read your notes.

Data Retention

Notes are deleted immediately after being read if burn-after-reading is enabled. Otherwise, notes are automatically deleted when their expiry timer runs out (between 5 minutes and 7 days). No backups or copies of deleted notes are retained.

Third-Party Services

PrivNote does not use any third-party analytics, advertising, or tracking services. The application is self-contained and does not share data with external parties.

Your Rights

Since we don't collect personal data, there is typically no personal data to access, modify, or delete. If you have questions about your data, you can contact us through the Switch-to.eu project.

Contact

PrivNote is part of the Switch-to.eu initiative, an open-source project helping users switch to privacy-respecting European digital services. For privacy-related questions, visit switch-to.eu.