Privacy policy for Secret Notes

Responsible person: Andreas Grauf  |  Contact: agrauf67@gmail.com
Privacy policy: Privacy Policy Secret Notes

1. Introduction

This privacy policy provides information about the nature, scope and purpose of the processing of personal data when using the app Secret Notes. It applies to both the Android and the iOS version of the app.

2. Which permissions are used

Depending on the platform and the features you use, the app may request the following permissions:

All permissions are optional; the corresponding features simply remain unavailable if a permission is not granted.

3. Purpose of using the microphone

The microphone is used exclusively to create notes through voice recordings that are actively initiated by the user. No audio is recorded without explicit action by the user.

4. Biometric unlock

The optional app lock can be opened with biometrics. Biometric verification is performed entirely by the operating system (Android Biometric, Apple Face ID / Touch ID). The app only receives the result of the verification; it never has access to biometric data, and biometric data never leaves the device.

5. Device-to-device sync (local network)

The optional device sync establishes a direct, encrypted connection between your own devices on the local network. Data is transferred exclusively between your devices; no internet server is involved and no data leaves your network.

6. Reminders and notifications

Note reminders are scheduled locally on the device. No reminder data is transmitted anywhere.

7. Processed data

Notes, checklists, spreadsheets, attachments and audio/video recordings created by the user. All content is stored locally on the device and encrypted at rest.

8. Storage and transmission

- Standard: All content is stored locally on the device only.

- Optional: You can configure cloud backup and multi-device sync against a server of your own choice (e.g. your own Nextcloud or any WebDAV server). Transfers use encrypted connections (HTTPS), backups are additionally encrypted with a password you choose, and your server credentials are stored in the device's secure keychain/keystore. The developer does not operate any server and has no access to your data at any time.

9. In-app purchases

The optional Pro upgrade is processed by Google Play (Android) or the Apple App Store (iOS). Payment is handled entirely by these platforms in accordance with their own privacy policies; the app itself does not receive or store any payment data.

10. Legal basis

Processing is carried out on the basis of consent (Art. 6(1)(a) GDPR) or to fulfil user services requested by the user.

11. Disclosure to third parties

No data is passed on to third parties. The app contains no analytics, no tracking and no advertising.

12. Storage period

Notes are stored for as long as the user leaves them in the app. Delete functions are available in the app.

13. Security

Appropriate technical and organisational measures are used to prevent unauthorised access: note content is encrypted at rest, the app can be locked with a PIN and/or biometrics, and cloud backups are password-encrypted.

14. Rights of data subjects

Users have the right to information, correction, deletion, restriction of processing, data portability and revocation of consent. Please direct any enquiries to agrauf67@gmail.com.

15. Revocation and uninstallation

Granted permissions can be revoked at any time in the device's app settings. Uninstalling the app will remove locally stored data from the device. Data on a cloud server configured by you remains under your control on that server.

16. Changes to the privacy policy

Changes will be published here: Privacy Policy Secret Notes.