Privacy Policy

Last updated: April 2026.

zKPnote is built so we cannot read your notes. This policy explains what we can see, what we cannot, and what we do with it.

What we cannot see

  • Note contents. Encrypted on your device with XChaCha20-Poly1305 using a key derived from your seed phrase or wallet signature (HKDF). We store only the ciphertext.
  • Titles, tags, folders, and body. Each note is a single encrypted blob. Metadata lives inside the ciphertext.
  • Your seed phrase. Never transmitted.
  • Your encryption key. Derived locally, never transmitted.

What we can see

  • Account fields you give us. If you link an online account, we store your username, optional email, wallet address, and the seed encrypted with your password (AES-GCM + PBKDF2-SHA256-100k). The password itself is never sent; only the ciphertext is.
  • Public blockchain data. When you "prove" a note, the SHA-256 hash and your wallet signature are permanently public on Solana. Anyone can view these on a block explorer. We do not control the blockchain.
  • Sync metadata. Note revision numbers, created/updated timestamps, sync timestamps. These are used to resolve conflicts; they do not reveal content.
  • Marketplace listing previews. If you list a note, the preview fields you provide (title, masked/partial/full sample) are stored as you wrote them. Private keys to the encrypted note content are only released to the buyer post-payment.
  • Technical logs. IP-scoped rate-limit counters, error telemetry, and standard web logs. We do not associate these with note content.
  • Analytics (opt-in). If you opt in to analytics, anonymous product usage events (clicks, feature usage — never note content) are sent to PostHog. Opt out any time in Settings.

Why we collect it

  • Operate the service (sync, marketplace, proofs).
  • Prevent abuse (rate limiting, fraud detection on listings).
  • Improve the product (only with opt-in analytics).
  • Comply with law when legally compelled.

Who we share with

  • Supabase — hosted Postgres for encrypted sync. Sees ciphertext only.
  • Upstash Redis — rate-limit counters.
  • Sentry (opt-in) — crash telemetry without note content.
  • PostHog (opt-in) — product analytics without note content.
  • Solana network — public blockchain for proofs + marketplace settlement.
  • Legal authorities — if compelled by valid subpoena or court order. We cannot disclose note content because we don't have it.

We do not sell personal data.

Your rights

  • Export. You can export your vault as Markdown or as an encrypted backup from Settings at any time.
  • Delete. Wipe your vault locally at any time from Settings. To delete server-side artifacts (encrypted mirrors, listings, proofs), email admin@zkpnote.com. Blockchain proofs cannot be rescinded.
  • Access. Request a copy of the account data we hold on you: admin@zkpnote.com.
  • Correct. Fix your username, email, or profile from Settings.
  • Withdraw consent. Turn off analytics or sync, or delete your account. Local-only use remains available with no server contact.

Children

zKPnote is not intended for users under 13 (or the minimum age of digital consent in your jurisdiction). We do not knowingly collect data from anyone under that age.

International

We process data in the United States. If you use zKPnote from the EU, UK, or another jurisdiction with data-protection laws, the legal basis for processing is (i) performance of the contract (delivering the service) and (ii) consent (opt-in analytics).

Changes

Material changes will be posted here with a new "Last updated" date and announced via our X/Twitter account or an in-app banner.

Contact

admin@zkpnote.com. Legal notices: same address with subject "Legal".