Standard Notes upholds the principle that privacy should be the norm on the internet. We are dedicated to ensuring your personal information remains private and under your control.
Standard Notes, operated by Standard Notes Ltd. ("the Company", "We", "Our"), is based in the United States. As such, our services are governed by the laws and regulations of the United States. We are committed to upholding the highest standards of privacy and data protection in accordance with U.S. laws.
Despite being a U.S.-based entity, we recognize the importance of global data protection standards. We align our practices with internationally recognized privacy principles and strive to offer a level of data protection that respects and adheres to global standards, including those set by the General Data Protection Regulation (GDPR) for our European users.
Our fundamental policy is to collect the least amount of user information possible, ensuring a private and secure experience. Our services are designed so that we don't have access to the contents of your encrypted notes or any other private data.
Data collection is limited to the following areas:
We are committed to ensuring your privacy across all interactions with Standard Notes, in line with our principles of minimal data collection and robust encryption.
To deliver our services efficiently, Standard Notes engages with various data subprocessors. These processors are utilized for specific functions and do not store data beyond what is necessary for their designated purposes. Notably, they do not process data related to the general day-to-day use of your account and services, which is exclusively managed by Standard Notes. Our subprocessors include:
These subprocessors are carefully chosen to ensure they align with our privacy and security standards, and we review and update our subprocessor list regularly to maintain the highest levels of data protection and privacy for our users.
At Standard Notes, we prioritize the privacy and security of our users. The limited user data we collect is disclosed only if we are legally compelled to do so by a valid and binding request from competent U.S. authorities. Our policy is to critically assess such requests to ensure they comply fully with U.S. law.
Due to our robust encryption practices, it is important to note that we cannot decrypt end-to-end encrypted content. Therefore, we are unable to provide decrypted copies of user data.
If your account has been suspended due to a breach of our terms and conditions and you wish to exercise your rights related to your personal data, you are welcome to contact our support team. We ensure that all such requests are handled in accordance with applicable U.S. data protection laws.