Privacy Policy

We practice radical data minimization. PeivNote collects only the essential technical information required to deliver your messages securely. This includes encrypted message content (which we cannot decrypt), temporary delivery tokens, and basic connection metadata such as IP addresses for routing purposes. We do not collect personal information, email addresses, phone numbers, or any identifying data unless you voluntarily provide it when contacting our support team. Our zero-knowledge architecture ensures that message content is encrypted on your device before transmission, making it technically impossible for us to access your communications.

The limited data we collect is used exclusively for service delivery and security purposes. Encrypted messages are temporarily stored only until they are delivered and read, after which they are permanently deleted. Connection metadata is used for routing, preventing abuse, and maintaining service security. We never use your data for advertising, marketing, or any commercial purposes beyond providing the core messaging service. We do not analyze, scan, or process message content for any purpose, as our zero-knowledge system makes this technically impossible.

All message data is stored using military-grade AES-256 encryption on secure servers located in privacy-friendly jurisdictions. Messages are automatically and permanently deleted immediately after being read, with no backups or copies retained. Connection logs are kept for a maximum of 24 hours for security monitoring purposes, then automatically purged. We employ advanced security measures including encrypted storage, secure access controls, and regular security audits to protect any temporarily stored data. Our infrastructure is designed with privacy by design principles, ensuring minimal data retention and maximum security.

As a user of PeivNote, you have complete control over your communications. Since we practice data minimization and automatic deletion, most traditional data rights are built into our service by design. You have the right to know what data we collect (outlined in this policy), the right to have your messages deleted (which happens automatically), and the right to contact us with privacy concerns. For any support communications, you have the right to request deletion of those records. We respect your privacy rights under GDPR, CCPA, and other applicable privacy laws, even though our minimal data collection often exceeds these requirements.

PeivNote is built to minimize third-party dependencies to protect your privacy. We use select, privacy-focused service providers for essential infrastructure such as secure hosting and DDoS protection, all of whom are contractually bound to maintain strict data protection standards. We do not integrate with social media platforms, advertising networks, or analytics services that could compromise your privacy. Any third-party services we use are carefully vetted for their privacy practices and are required to meet our high standards for data protection. We never share user data with third parties for marketing or commercial purposes.

Security is fundamental to our service design. We implement multiple layers of protection including end-to-end encryption, secure transmission protocols (TLS 1.3), encrypted storage, and robust access controls. Our security team continuously monitors for threats and vulnerabilities, conducting regular security audits and penetration testing. We follow industry best practices for secure coding, infrastructure hardening, and incident response. In the unlikely event of a security incident, we have procedures in place for immediate response and user notification, though our zero-knowledge architecture means that even in a worst-case scenario, your message content would remain protected by encryption.

PeivNote is designed as a general-purpose secure messaging service and is not specifically directed at children under 13. We do not knowingly collect personal information from children under 13 years of age. If we become aware that we have inadvertently collected personal information from a child under 13, we will take immediate steps to delete such information. Parents and guardians who believe their child has provided personal information to PeivNote should contact us immediately. We encourage parents to monitor their children's internet usage and to help enforce our Privacy Policy by instructing their children never to provide personal information through our service without permission.

We may update this Privacy Policy periodically to reflect changes in our practices, technology, or legal requirements. Any significant changes will be communicated through our website and, where possible, through direct notification to users. We will always maintain our core commitment to privacy and data minimization, and any changes will be designed to enhance, not diminish, your privacy protections. The date of the last update is clearly displayed at the top of this policy. We encourage you to review this policy periodically to stay informed about how we protect your privacy. If you have any questions or concerns about changes to this policy, please contact us using the information provided below.