Privacy Policy

Effective Date: January 1, 2026

Skelenote is developed by Jordan Stella ("we," "us," or "our"). This Privacy Policy explains how we handle your information when you use the Skelenote application.

Our Core Principle

Your data belongs to you, and only you.

Skelenote is built on a zero-knowledge architecture. Your notes, tasks, and other content are encrypted on your device before they ever leave it. We cannot read your data—not because we choose not to, but because we literally cannot. We don't have your keys.

Information We Do NOT Collect

• Your notes, tasks, or documents. All content is encrypted with your Skeleton Key before leaving your device.

• Your Skeleton Key or encryption keys. These are generated locally and never transmitted.

• Account credentials. No account is required to use Skelenote.

• Your identity. We don't know who you are.

Information We DO Collect

Analytics (Optional)

If you opt in to analytics, we collect anonymous usage data through PostHog to improve the app. This includes:

• App events: App launches, view navigation, feature usage (search, export, templates)

• Object actions: Creation, archival, deletion counts (not content)

• Sync activity: Whether sync started or devices paired (not what was synced)

• Settings: Theme changes, feature toggles

• Errors: Technical error types for debugging (no personal data)

What we do NOT track:

• Session recordings or screen captures

• Page views or browsing behavior

• Autocapture of clicks or interactions

• Any note content, titles, or metadata

You can disable analytics at any time in Settings → Privacy.

Sync Relay (Optional)

If you use Cloud Sync, our relay server facilitates end-to-end encrypted connections between your devices. The server sees:

• Encrypted data blobs (we cannot decrypt them)

• A cryptographic User ID (derived from your key, not your identity)

• Connection timestamps

We do not log or retain sync traffic beyond what's needed for real-time relay.

Data Storage

Your data lives on your device:

macOS~/Library/Application Support/com.skelenote.app/
Windows%APPDATA%\skelenote\
Linux~/.local/share/skelenote/
iOS App sandbox (not accessible to other apps)
Android App-private storage

We do not have access to these files. You can back up, move, or delete them at any time.

Third-Party Services

Platform: PostHog Purpose: Analytics (opt-in) Data Shared: Anonymous events, no PII

We do not sell, rent, or share your data with advertisers or data brokers.

Children's Privacy

Skelenote is not directed at children under 13. We do not knowingly collect information from children. If you believe a child has provided us with personal information, please contact us.

Your Rights

• Access & Export: Your data is already on your device. Export to Markdown anytime.

• Deletion: Delete the app and your local vault to remove all data.

• Opt Out of Analytics: Disable in Settings → Privacy.

• Data Portability: Your Skeleton Key works on any device—your data moves with you.

Security

We use XChaCha20-Poly1305 authenticated encryption. Your Skeleton Key (a 24-word recovery phrase) is the only thing that can decrypt your data. We recommend:

• Backing up your Skeleton Key in a secure location

• Using device passwords/biometrics

• Keeping your device software updated

Changes to This Policy

We may update this Privacy Policy. We'll notify you through the app or website. Continued use after changes constitutes acceptance.

Contact Us

• Support Form: skelenote.com/support

• Discord: https://discord.gg/4apsgSRB7D

Skelenote
Jordan Stella
Florence, Arizona, USA