Privacy Policy

Effective date: May 2, 2026  ·  Ender · sole proprietor · Cayman Islands

The short version: we collect the minimum data needed to run the service. We cannot read your notes. We do not sell your data. We do not show you ads. Ever.

1. Who We Are

Dim Notes is operated by Ender, an individual sole proprietor based in the Cayman Islands. When this policy says "we", "us", or "our", it means Ender, the operator of Dim Notes. "Ender" is a chosen public name used consistently for this project; the operator is a single individual, not a registered company.

For privacy-related enquiries, contact us at: [email protected]

2. What Data We Collect

We collect only what is necessary to operate the service.

Account data

  • Your email address and display name — provided when you create an account
  • Authentication method (password, Google, or Microsoft OAuth)
  • Your unlock method preference (TOTP, email OTP, or PIN-only)
  • Your PIN, stored as a one-way hash (scrypt) — we cannot recover or read it
  • Your TOTP secret, stored encrypted at rest — we cannot read your authenticator codes during normal operation
  • Recovery codes, stored as one-way hashes — we cannot read the codes themselves

Notes and content

  • Your notes, folders, tags, and attachments — stored on our servers as ciphertext
  • Note titles, note bodies, folder names, tag names, and file attachments are end-to-end encrypted on your device before upload, using a key derived from your PIN. We cannot decrypt this content. The full encryption design is documented in the security whitepaper at /security
  • Plaintext metadata we do store includes: note IDs, folder relationships, timestamps (created, updated, last viewed), pinned/archived/trashed flags

Usage and technical data

  • Anonymous usage analytics (which features are used, how often) — via PostHog, initialized only after you accept analytics consent. Note content is never sent to PostHog
  • Error reports and crash logs — via Sentry. These may include device/browser info but not note content. Sensitive payloads are scrubbed before transmission
  • IP address — used for rate limiting and abuse prevention. IP addresses appear in server logs and are retained for up to 30 days

Payment data

  • We do not collect or store your payment card details
  • Payments are processed by Paddle, who acts as the merchant of record. Paddle has its own privacy policy
  • We receive only confirmation of whether your subscription is active, cancelled, or in a failed-payment state

3. What We Do Not Do

  • We do not read, scan, or analyse the content of your notes — we cryptographically cannot
  • We do not sell, rent, or share your personal data with third parties for marketing purposes
  • We do not show you advertisements
  • We do not use your data to train AI models, and we do not have AI features in the product
  • We do not send you marketing emails unless you explicitly opt in
  • We do not collect government-issued ID, date of birth, physical address, or any other identity documents — by design

This last point has an important consequence: because we deliberately collect minimal identity information, we are unable to verify the identity of someone claiming to be locked out of an account. As a result, we cannot manually unlock accounts, reset PINs, or restore access to encrypted notes. This protects all of our users — it means no one can social-engineer their way into your account by contacting support. When you set up your account, you are given recovery codes for exactly this reason. Store them somewhere safe.

4. Third-Party Services

To operate Dim Notes, we use the following third-party services. Each has its own privacy policy.

  • Hetzner — primary server hosting (hetzner.com)
  • Cloudflare — DNS, CDN, DDoS protection, and edge caching (cloudflare.com)
  • Cloudflare R2 — file and attachment storage (cloudflare.com)
  • Neon — managed PostgreSQL database (neon.tech)
  • Paddle — payment processing and subscription management (paddle.com)
  • Resend — transactional email delivery (resend.com)
  • PostHog — anonymous product analytics, consent-gated (posthog.com)
  • Sentry — error monitoring (sentry.io)

These services are given access only to the data they need to perform their function. None of them receive your decrypted note content — they only see ciphertext or metadata.

5. How Long We Keep Your Data

  • Your account and all associated data are kept for as long as your account is active
  • If you delete your account, all data — notes, folders, tags, attachments, settings, and recovery codes — is permanently deleted immediately
  • Anonymous analytics data (PostHog) may be retained for up to 12 months
  • Error logs (Sentry) are automatically deleted after 90 days
  • Server access logs are retained for up to 30 days for security and abuse prevention purposes

6. Your Rights

Depending on where you live, you may have rights under GDPR, CCPA, or similar laws. Regardless of where you are, we honour the following:

  • Right to access — you can request a copy of the data we hold about you
  • Right to deletion — you can delete your account and all data at any time (see below)
  • Right to correction — contact us to correct inaccurate account information
  • Right to portability — you can export your notes at any time from within the app

To exercise any of these rights, email us at [email protected]. We will respond within 30 days.

7. Account & Data Deletion

You have the right to permanently delete your account and all associated data at any time. Deletion is immediate — we do not retain your data after an account is deleted.

What gets deleted

  • All notes, note version history, and drafts
  • All folders and tags
  • All file attachments (permanently removed from cloud storage)
  • Your unlock settings, PIN hash, TOTP secret, and recovery code hashes
  • Your subscription (cancelled immediately at Paddle)
  • Your account credentials and all session data

Verification requirement

To protect against unauthorised deletion, we require email verification before processing any deletion request. When you initiate deletion, a one-time code is sent to your account email address. You must enter that code to confirm. The code expires after 10 minutes.

How to delete your account

  • From within the app: Settings → Account → Delete account
  • From the web: dimnotes.com/delete-account

After deletion, a confirmation email is sent to your address. Anonymous analytics data (PostHog) and error logs (Sentry) may be retained in aggregated form for up to 90 days — this data does not identify you individually and cannot be linked back to your account.

8. Cookies and Local Storage

  • We use a session cookie to keep you signed in to your account
  • We use a separate secure cookie to store your unlock session (so you do not have to re-enter your PIN on every page load within a session)
  • We use localStorage to remember your theme preference (light/dark/auto) and a small amount of UI state
  • We do not use advertising cookies or third-party tracking cookies

9. International Data Transfers

Our primary infrastructure is hosted in the European Union (Hetzner, Germany) and served via Cloudflare's global network. If you access Dim Notes from outside the EU, your data is transferred to and stored on EU servers. We rely on standard contractual clauses and the legitimate-interest basis for these transfers.

10. Children

Dim Notes is not directed at children under the age of 13 (or the equivalent minimum age in your jurisdiction). We do not knowingly collect personal data from children under 13. If you believe a child has created an account, contact us and we will delete it promptly.

11. Changes to This Policy

If we make material changes to this policy, we will notify you by email at least 14 days before the changes take effect. The effective date at the top of this page will always reflect the current version.

Continued use of Dim Notes after a policy change constitutes acceptance of the updated policy.

12. Contact

For any questions about this policy or how we handle your data:

© 2026 Dim Notes. All rights reserved.