Privacy Policy

Last modified: May 15th, 2022

At Privenote, privacy is a top priority, reflecting the core purpose of the site. This policy outlines the measures taken by Privenote to safeguard the privacy of its users.

1. Service description

Privenote is a free web-based service that allows users to create encrypted notes which can be shared via unique one-time-use HTTPS URLs (hereafter referred to as links). By default, these links expire after their first access via any web browser.

Since Privenote does not provide a means to transmit the link, the act of sending the link is solely the responsibility of Privenote users.

Depending on your chosen communication channel (e.g., email, fax, SMS, phone, instant messaging, social media), there may be a risk of third-party interception of your communication, potentially exposing the link and allowing access to your note.

2. Processing of notes and their contents

The link is generated in the user's browser and is never transmitted to Privenote. Therefore, the link remains solely in the hands of the sender (and potentially the recipient). If a Privenote user loses the link, there is no way to recover the note.

Since only the link ties the decryption key to the note's content, and Privenote does not possess the link, no note is ever held in a readable format on Privenote's servers. This ensures that no one, including Privenote's administrators, can read any note.

By default, when a note is accessed, it is immediately removed from Privenote, ensuring it cannot be retrieved again.

If the "Show options" feature is used and a time interval for note removal is selected, the note remains accessible until the specified time elapses, after which it is permanently deleted regardless of access frequency.

After 30 days of no access, unread notes are automatically deleted from Privenote's servers, ensuring the same level of privacy as read notes.

Privenote's sysadmin team strives to protect the site against unauthorized access, modification, or data destruction. However, even in the event of database access, encrypted note contents remain unreadable without the specific decryption key held only by the note's creator and recipient.

3. Handling of IP addresses

Privenote does not log IP addresses. They are processed solely for server communication purposes and are not stored in log files. IP addresses are promptly deleted once their communication purpose is fulfilled.

4. Pseudonymous data

Note creators may include personal data in their notes, which, while encrypted, can be decrypted and thus qualifies as pseudonymous (personal) data. Privenote does not store IP addresses, preventing identification of note creators from Privenote's database.

Decryption of note data relies solely on users (senders and recipients). Privenote does not possess the decryption key and therefore cannot access any personal data introduced by note creators.

5. Disclaimer

Privenote disclaims any responsibility for note content once a recipient accesses the Privenote link.

6. Data disclosure to third parties

Privenote does not share, sell, or use user information in any manner not outlined in this Privacy Policy.

7. Use of cookies

Privenote uses cookies (small text files stored by your browser when visiting a website) to improve site usability and for promotional purposes as outlined below:

We care about your privacy
We and our partners store and/or access information on a device (such as cookies), and process personal data(such as unique identifiers and other device data) for personalized ads and content, ad and content measurement,audience insights and product development. With your consent, we and our partners may use precise geolocation data and identification through device scanning. Privacy policy

You can change your choice at any time in our privacy center.