📋 Legal

Privacy Policy

Last updated: March 10, 2026

1. Introduction

Daily Noted ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we handle information when you use our self-destructing encrypted notes service at dailynoted.net (the "Service").

2. Our Zero-Knowledge Architecture

Daily Noted is designed with a zero-knowledge architecture. This means:

  • We cannot read your notes. All encryption and decryption happens in your browser using the Web Crypto API (AES-256-GCM). The encryption key is embedded in the URL hash fragment, which is never transmitted to our servers per the HTTP specification (RFC 3986).
  • We only store encrypted blobs. Our server receives and stores encrypted ciphertext and an initialization vector (IV). Without the encryption key — which we never receive — this data is computationally meaningless.
  • Notes are automatically destroyed. The moment an encrypted note is retrieved, it is permanently and irrecoverably deleted from our servers.

3. Information We Collect

3.1 Information You Provide

When you create a note, we receive and temporarily store:

  • The encrypted ciphertext of your message (unreadable without the key)
  • The initialization vector (IV) used for encryption
  • A timestamp of when the note was created

We do not require registration, email addresses, names, or any personal identifiers to use the Service.

3.2 Automatically Collected Information

Like most web services, our servers may automatically log:

  • IP addresses
  • Browser type and version
  • Pages visited and timestamps
  • Referring URLs

These logs are used solely for security monitoring and debugging and are retained for no more than 30 days.

4. How We Use Information

We use the limited information we collect to:

  • Provide and maintain the Service
  • Monitor for abuse and security threats
  • Improve performance and reliability

We do not sell, rent, or share any information with third parties for advertising purposes.

5. Data Retention

  • Encrypted notes are permanently deleted upon first retrieval. Unread notes may be purged after 30 days of inactivity.
  • Server logs are retained for a maximum of 30 days.

6. Cookies

Daily Noted does not use tracking cookies, analytics cookies, or advertising cookies. We may use essential technical cookies strictly necessary for the Service to function.

7. Third-Party Services

We do not integrate third-party analytics, advertising networks, or social media trackers. The Service operates independently.

8. Security

We employ industry-standard security measures including HTTPS/TLS encryption for all communications, AES-256-GCM client-side encryption, strict Content Security Policies, and regular security reviews. However, no method of electronic transmission or storage is 100% secure.

9. Children's Privacy

The Service is not intended for children under 13. We do not knowingly collect information from children under 13.

10. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any changes by posting the new policy on this page and updating the "Last updated" date.

11. Contact Us

If you have questions about this Privacy Policy, please reach out to us at privacy@dailynoted.net.

← Back to Home