SealedNote Inc. Privacy Policy
Last Updated: September 25, 2025
This Privacy Policy explains how SealedNote Inc. ("SealedNote", "we", "our") handles information in connection with our anonymous feedback platform and related websites, apps, and services (collectively, the "Service").
Plain-English promise: We designed SealedNote to avoid collecting unnecessary data. Senders can submit feedback without creating an account and without tracking. Where encryption is enabled, message contents are end‑to‑end encrypted and we cannot decrypt them.
1) Who is the controller and what does this policy cover?
SealedNote Inc. is the controller of information processed through the Service (unless a separate agreement says otherwise). This policy does not cover third‑party websites or services that are not under our control.
2) What we do not collect or store
- IP addresses in our application databases.
- Device fingerprints or browser tracking identifiers.
- Account profile data for message senders (names, phone numbers, addresses).
- Behavioral tracking, analytics beacons, or cross‑site tracking.
- Third‑party analytics tools.
- Any technical capability to identify the message sender (unless the sender includes such info in the message itself).
Hosting telemetry. Our hosting/CDN providers may temporarily process IP addresses and similar connection data to route traffic and mitigate abuse. We do not re‑identify or store that telemetry.
3) What we do process (minimum necessary)
- Timestamps for database records.
- Ephemeral rate‑limit counters (cleared approximately every 60 seconds) to prevent abuse.
- Recipients’ public keys for encryption.
- Workspace configuration such as filtering preferences and notification email addresses.
- Customer account/billing data (admins only, for paid tiers), like email and payment details managed by our payment processor.
We do not use this information for advertising or profiling.
4) Encryption & AI processing (when enabled)
- End‑to‑end encryption (E2EE). When enabled, messages are encrypted client‑side using a hybrid RSA‑OAEP + AES‑GCM scheme. Private keys remain with the Customer and do not leave the browser.
- Transport security. TLS 1.3 protects data in transit.
- AI filtering/coaching (optional). If enabled by the Customer, message content is sent to OpenRouter to access model providers for classification/coaching. We instruct that content be processed in‑memory only, and we do not permit the use of message content for training. However, model providers have their own terms; see Section 8 (Subprocessors). Customers can disable AI features to avoid this processing.
- Anonymity limits. Anonymity may be affected by user behavior (e.g., sharing personal details), network conditions, or legal processes outside our control.
5) Legal bases for processing (EEA/UK/Swiss users)
- Performance of a contract (Art. 6(1)(b)) to provide the Service you request.
- Legitimate interests (Art. 6(1)(f)) for fraud/abuse prevention, security, and product integrity—balanced against your rights.
- Consent (Art. 6(1)(a)) for optional AI filtering/coaching.
- Legal obligations (Art. 6(1)(c)) when we must comply with law.
6) Retention & deletion
- Messages: retained until the Customer deletes them or closes the account.
- Abuse/security logs: retained for up to 30 days.
- Deletion window: we complete deletions within 7 days of a verified deletion request, subject to routine backup latency.
For anonymous submissions, we may not be able to identify the sender to action an individual request; senders should contact the receiving workspace directly.
7) Your privacy choices & rights
Depending on your location, you may have rights to access, correct, delete, export (port), restrict, or object to processing. You also may have a right to appeal a refusal. To exercise these rights, email privacy@sealednote.com. If you are an end‑user sender, we may direct you to the Customer (workspace owner) because they control access to message content and keys.
“Do Not Sell or Share.” We do not sell personal information and we do not share personal information for cross‑context behavioral advertising. We use only strictly necessary cookies (if any) to operate the Service.
8) Subprocessors & international transfers
We rely on the following third parties to operate the Service:
- Vercel (hosting/CDN; global) – connection handling and static asset delivery.
- Supabase (managed Postgres and auth; US/EU regions) – database and storage.
- Postmark (email delivery; US/EU) – transactional notifications; we do not send message bodies via email.
- OpenRouter (AI processing gateway; provider‑specific regions) – optional AI filtering/coaching when enabled.
We may update this list by posting an updated version at least 30 days before the change (except for urgent replacements for security or continuity). Some processing may occur outside your country; where required, we use appropriate safeguards (e.g., SCCs).
9) Security
We maintain administrative, technical, and physical safeguards aligned with industry practices, including least‑privilege access, encrypted storage/backups, and periodic access reviews. No system is 100% secure.
No emergency use. The Service is not a crisis hotline or emergency service. Do not use it to report events presenting an immediate threat to safety—contact local emergency services instead.
10) Sensitive data
Please do not submit regulated or highly sensitive personal information (e.g., health, financial, government IDs) unless we have a written agreement permitting it.
11) Government & legal requests
We respond to valid legal requests that we are legally required to honor. If E2EE is enabled, we can only provide stored ciphertext and limited metadata; we do not possess decryption keys.
12) Changes to this Policy
We may update this Policy from time to time. We will post the new date at the top and, for material changes, provide at least 30 days’ notice (e.g., email or in‑product notice) before they take effect.
13) Contact us
- Email: privacy@sealednote.com
- Mail: SealedNote Inc.
If you are in the EEA/UK and have unresolved concerns, you may lodge a complaint with your local supervisory authority.
This Privacy Policy is intended to be simple and transparent. It mirrors the commitments in our Terms/Appendices and will be updated if our practices change.
Questions about our privacy practices? Contact us at privacy@sealednote.com
