Privacy & Terms

Last updated: January 2026

TL;DR

  • Anonymous notes: Zero tracking. Zero logging. We store only encrypted ciphertext we cannot decrypt.
  • Team/account notes: Opt-in audit logging for compliance. Owner-deletable.
  • No ads. No third-party trackers. No data sales. Ever.
  • Open source. Verify everything yourself.

Two Privacy Models

Burner Note operates under two distinct privacy models depending on how you use the service. This is by design: anonymous users get maximum privacy, while teams get the audit capabilities they need for compliance.

Anonymous Notes (No Account)

What we store:

  • Encrypted ciphertext (which we cannot decrypt — see About for technical details)
  • A random token for URL generation
  • Expiry timestamp
  • View count (integer only)
  • Password hash (if you set one)

What we do NOT store:

  • Your IP address
  • User agent / browser fingerprint
  • Referrer headers
  • Any identifier linking notes to you
  • Access timestamps beyond "viewed" status
  • The decryption key (exists only in URL fragment)

Anonymous notes are cryptographically unlinkable to their creator. We have no mechanism to identify who created a note or correlate multiple notes to the same person.

Team & Account Notes (Authenticated)

When you create an account or join a team, you opt in to additional data collection for audit and compliance purposes. This is a deliberate trade-off: teams often have regulatory requirements (SOC 2, HIPAA, internal policy) that mandate activity logging.

Additional data collected for team notes:

  • User ID of note creator
  • Team association
  • Audit log entries (who created/viewed, when)
  • IP address and user agent (for audit log only)
  • Read receipt metadata (if enabled)

Important distinctions:

  • Note content remains end-to-end encrypted — audit logs track activity, not content
  • Audit data is scoped to your team; we don't aggregate across teams
  • Team owners can permanently delete all audit logs at any time
  • You can always create anonymous notes by logging out

Data We Collect

Analytics

We use Simple Analytics, a privacy-focused, cookie-free analytics service. Simple Analytics collects:

  • Page URL (without query strings or fragments)
  • Referrer (previous page)
  • Browser and OS (from User-Agent)
  • Device type (desktop/mobile)
  • Country (IP is never stored or logged)

Simple Analytics does not use cookies, does not track users across sites, and is GDPR/CCPA compliant by design. No personal data is collected or stored.

Account Data

If you create an account, we store:

  • Email address (for authentication and notifications)
  • Display name (optional)
  • Team memberships and roles
  • Magic link tokens (temporary, 15-minute expiry)

We use passwordless authentication exclusively. We never store passwords for user accounts.

Server Logs

Our web server generates standard access logs for operational purposes. These logs:

  • Contain IP addresses and request paths
  • Are retained for 14 days maximum
  • Are used only for debugging and abuse prevention
  • Are not correlated with note content or user accounts

What We Don't Do

  • Sell data: We have no advertising or data broker relationships. Your data is not a product.
  • Third-party trackers: No Google Analytics, Facebook Pixel, or any tracking scripts beyond Simple Analytics.
  • Read your notes: Cryptographically impossible. The decryption key never reaches our servers.
  • Retain deleted notes: When a note is deleted, the DELETE is synchronous and permanent. No soft deletes, no backups of content.
  • Share with law enforcement: We cannot produce what we don't have. Encrypted ciphertext without keys is useless.

Data Retention & Deletion

Data Type Retention
Anonymous note ciphertext Until viewed (max views) or expiry date, whichever comes first
Team note ciphertext Same as anonymous — content deletion is immediate
Team audit logs Until deleted by team owner (self-service)
User accounts Until you request deletion
Server access logs 14 days, auto-rotated
Magic link tokens 15 minutes (auto-expire)

To delete your account and all associated data, contact us at the contact page. Account deletion is permanent and includes removal from all teams.

Terms of Use

Acceptable Use

Burner Note is provided for legitimate private communication. You agree not to use the service for:

  • Distribution of malware or phishing links
  • Harassment, threats, or illegal content
  • Spam or automated abuse
  • Any activity that violates applicable law

We reserve the right to implement rate limiting and block abusive traffic patterns. Because we cannot read note contents, enforcement is limited to network-level patterns.

No Warranty

Burner Note is provided "as is" without warranty of any kind. While we implement strong security practices, no system is perfectly secure. We are not liable for:

  • Data loss due to technical failures
  • Security breaches beyond our reasonable control
  • Misuse of shared note links by recipients
  • Client-side vulnerabilities (compromised devices, malicious extensions)

Service Availability

We aim for high availability but do not guarantee uptime. Notes may be deleted if they expire while the service is unavailable. We may modify or discontinue the service at any time.

Legal Requests & Transparency

If we receive a valid legal request (subpoena, court order, etc.), our response is constrained by what data we actually possess:

For anonymous notes:

We can only provide encrypted ciphertext (useless without the key), the random URL token, and basic metadata (expiry date, view count). We cannot identify the creator or provide decrypted content.

For team notes:

We can provide audit logs (activity metadata) and account information for the relevant team. Note content remains encrypted and unreadable. We will notify affected users unless legally prohibited.

We will challenge overbroad requests and publish a transparency report if we receive significant law enforcement interest.

Verify It Yourself

This document describes our practices, but you don't have to take our word for it. Burner Note is fully open source.

Relevant files for privacy verification:

  • welcome.blade.php — client-side encryption implementation
  • note-encrypted.blade.php — client-side decryption
  • NoteController.php — server-side note handling
  • TeamAuditLog.php — audit logging model
  • layouts/app.blade.php — analytics script (Simple Analytics only)

If our code doesn't match this policy, the code is the source of truth. File an issue.

Contact

Questions about this policy? Contact us.

We'll update this page when practices change. Material changes will be announced.