Privacy Policy

1. Information we process

We may process identity and contact information that you submit when you create an account or send us a message through the contact form, typically your name, email address, and message content.

When you use the app, we may process account-related information, vault data, notes, note metadata, sync history, and technical data required to operate the service.

If you enable AI features or OneDrive integration, we also process the data required to communicate with those services, such as tokens, configuration metadata, and the content you choose to send for processing.

2. How we use your information

We use data to operate the application, manage user accounts, sync data across devices, provide AI features, secure the service, and respond to support or business inquiries.

The contact form is used solely to receive and respond to your message. We do not use it to automatically subscribe you to newsletters or unrelated marketing communications.

3. Legal basis for processing

We process data primarily to perform our contract with users, based on our legitimate interests in operating and securing the product, and in some cases based on your consent, for example when you enable optional integrations.

4. Sharing data and subprocessors

We do not sell your personal data or share it with third parties for their own marketing. However, we may use subprocessors for hosting, email delivery, anti-spam verification, AI providers, or cloud-sync services.

These may include providers such as Microsoft OneDrive, OpenAI, Anthropic, Google Gemini, Perplexity, Ollama, Resend, or Cloudflare Turnstile, strictly to the extent necessary to provide the feature you choose to use.

5. Data retention

We retain personal data only for as long as necessary to provide the service, comply with legal obligations, protect our legitimate interests, or resolve support matters. The contents of your notes and vaults are retained for the lifetime of your account or until you delete them.

6. Security

We use reasonable technical and organizational safeguards, including access controls, authentication, locked vaults, encryption of sensitive information, and anti-abuse protections on the contact form.

No system is completely secure, so we recommend using strong passwords and carefully considering which content you send to external AI or cloud integrations.

7. Your rights

Depending on applicable law, you may have rights to access, correct, delete, restrict, object to, or port your personal data. If you believe data is being processed incorrectly, you can contact us and request remediation.

8. International transfers

Some services we use may process data outside your country. In those cases, we seek to rely on appropriate contractual and technical safeguards in line with applicable legal requirements.

9. Contact

If you have questions about privacy or would like to exercise your rights, please contact us using the contact form or the official contact address listed in the app or on the website.