Privacy Policy

Last updated: January 2, 2026

1. Introduction

At TheSecureNote, privacy is not just a feature—it's our foundation. This Privacy Policy explains how we handle data when you use our service.

2. Zero-Knowledge Architecture

TheSecureNote is built on a zero-knowledge architecture, which means:

  • Client-side encryption: All encryption happens in your browser before data is sent to our servers
  • No password storage: Your password never leaves your browser and is never transmitted to our servers
  • We cannot read your notes: We store only encrypted data and have no technical ability to decrypt it
  • You are in control: Only you can access your encrypted notes with your password

3. Data We Collect

Free Tier Users

  • Username: Your chosen username for accessing notes at thesecurenote.com/username
  • Encrypted notes: Your notes, encrypted with your password
  • No email or personal information required

Subdomain Tier Users

  • Subdomain name: Your chosen subdomain (e.g., yourname.thesecurenote.com)
  • Email address: For payment confirmation and service notifications
  • Payment information: Processed securely through our payment provider (we do not store credit card details)
  • Encrypted notes: Your notes, encrypted with your password

Custom Domain Tier Users

  • Domain name: Your custom domain
  • Email address: For domain setup instructions and service notifications
  • Payment information: Processed securely through our payment provider
  • DNS records: For domain verification purposes
  • Encrypted notes: Your notes, encrypted with your password

4. How We Use Your Data

  • Service delivery: To provide and maintain TheSecureNote service
  • Payment processing: To process payments for paid tiers
  • Communication: To send setup instructions and important service updates
  • Support: To respond to support requests
  • Security: To detect and prevent fraud or abuse

We do not: Sell your data, use it for advertising, or share it with third parties except as required to provide the service.

5. Data Storage and Security

  • Encryption: AES-256-GCM encryption for all notes with PBKDF2 key derivation
  • Secure storage: Data stored on Cloudflare's global network with industry-standard security
  • No plaintext storage: We never store notes in unencrypted form
  • HTTPS only: All data transmission is encrypted with TLS

6. Third-Party Services

We use the following third-party services:

  • Cloudflare: Hosting, CDN, and infrastructure (subject to Cloudflare's Privacy Policy)
  • Payment Processor: For handling payments securely (credit card data never touches our servers)

7. Cookies and Tracking

  • Essential cookies only: We use minimal cookies necessary for service functionality
  • No advertising cookies: We never use cookies for advertising purposes

Analytics

We use a privacy-focused analytics tool to understand how visitors use our website.

  • Does not use cookies
  • Does not collect personal data
  • Does not track you across websites
  • Stores data anonymously
  • Is GDPR and CCPA compliant

Data collected includes page views, referrer sources, and device type. IP addresses are not stored.

8. Data Retention

  • Notes: Stored indefinitely until you delete them or close your account
  • Account data: Retained as long as your account is active
  • Payment records: Retained as required by law for financial record-keeping

9. Your Rights

You have the right to:

  • Access your data: Request a copy of the data we store about you
  • Delete your data: Request deletion of your account and associated data
  • Data portability: Export your encrypted notes at any time
  • Object to processing: Opt out of non-essential communications

10. Data Deletion

To delete your account and all associated data, contact our support team. Please note that due to our zero-knowledge architecture, we cannot verify ownership without your password.

11. Children's Privacy

Your use of TheSecureNote is also governed by our Privacy Policy. We collect minimal data and use encryption to protect your notes. TheSecureNote is not intended for users under 13 years of age. We do not knowingly collect personal information from children under 13.

12. International Users

TheSecureNote is operated from the United States. By using our service, you consent to the transfer of your data to the United States and other countries where we operate.

13. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify users of any material changes by updating the "Last updated" date and, for significant changes, by email to paid tier users.

14. Contact Us

If you have questions about this Privacy Policy or our privacy practices, please contact us through the support information provided on our website.