Privacy
Short version: your notes are encrypted on your device, we don't run trackers, and you can make your notes unreadable even to us.
Your notes
Notes are encrypted with AES-256-GCM in your browser before they are stored. If you never sign in, they never leave your device. If you sign in to sync, only ciphertext (plus timestamps needed to sync) is stored on our servers — never the text of your notes.
Default vs. zero-knowledge
By default we hold a key that lets a new device recover your notes after you sign in with your email link. If you set a passphrase, your key is derived from it and never leaves your device — we then hold only ciphertext we cannot decrypt. This is your choice.
What we collect
- Your email address, only if you choose to sync (used to send sign-in links).
- No third-party analytics or tracking scripts. A strict content-security-policy blocks foreign JavaScript.
Ads
Note Newt is free and supported by privacy-respecting, contextual ads that are fetched by our server and rendered as first-party content — no ad-tech JavaScript runs in your browser, and ads never appear inside your notes.