Last modified: May 25th, 2018

At Privnote, privacy is taken very seriously, since the main purpose of the site is to preserve it. This policy outlines the measures taken by Privnote to protect the privacy of its users.

1. Service description

Privnote is a free web based service that allows users to create encrypted notes that they can share over the internet as unique one-time-use HTTPS URLs (hereafter referred to as links) which by default expire after its first access via any web browser.

As Privnote does not provide any means for transmitting the link, the act of sending the link is the full responsibility of Privnote users.

Depending on the communication channel of your choice (e.g., e-mail, fax, SMS, phone, instant messaging, social media), there may be a certain risk that third parties intercept your communication, get knowledge of the communicated link and thus may be able to read your note.

2. How the notes and its contents are processed

The link is generated in the users browser and at no time is sent as such to Privnote. The link is thus in the senders (and later possibly in the recipients) hands only. Therefore, there is no way to recover a note if a Privnote user losses the link.

Since only the link binds the decryption key to the notes content and since Privnote does not have the link, at no time is any note held in any readable format state at Privnote. This assures that nobody (including Privnotes administrators) can read a note.

When using Privnotes default funtionality, when a note is retrieved, its data is completely removed from Privnote; there is absolutely no way to recover it again.

When "Show options" is selected and the user opts for a time interval for the notes removal, then independently of how many times the note is retrieved, the note will be deleted only after that specified time is completed.

After a note is deleted from Privnote, there is absolutely no way to recover it again.

When a note is not retrieved after 30 days, Privnote removes it permanently, just as if it were read.The Privnote sysadmin team will do as much as possible to protect the site against unauthorized access, modification or destruction of the data. But, even if someone or something could manage to gain access to the database, they would be unable to read the notes since their contents are encrypted and cant be decrypted without the links which Privnote never has a hold of.

3. Processing of IP addresses

Privnote is not logging the IP addresses; they are processed to enable communication with Privnotes servers but they are not part of the log-files. IP addresses are deleted as soon as they are no longer needed for the purpose of communication.

4. Pseudonymous data

The creator of the note can introduce personal data into the note. Even though this data is encrypted, the data can be decrypted again and thus constitutes pseudonymous (personal) data. In any case, one cannot deduce the notes creator from Privnotes database, as Privnote does not store IP addresses.

The decryption of the notes data is in the users hands (sender and recipient). Privnote is not able to decrypt the note and access the data (personal or otherwise) introduced by the creator since Privnote is never in possession of the decryption key which is contained only in the link.

5. Disclaimer

When a person clicks the Privnotes link, Privnote declines any responsibility related to the notes content.

6. Disclosure of Data to Third Party

Privnote does not share nor sell any information to others, nor use it in any way not mentioned in this Privacy Policy.

7. Use of cookies

Privnote uses cookies (small text files that are stored on your computer by your browser when you visit a website) for our own interest in improving the use of our site and service. In some cases they will also be used for promotional purposes. The type of cookies Privnote uses are listed below:

Functional cookies

Privnote uses persistent cookies to keep a session in the users preferred language and to record your notification that Privnote uses cookies as explained in this section. Also some cookies are used as part of the link hiding mechanism when reading a note, these cookies in particular must be enabled for Privnote to function and are deleted immediately after the note is retrieved.

Non-functional cookies

Used for commercial and promotional purposes. Non-functional cookies are placed by third parties. In case of European citizens, these cookies do not store personal data (non-personalized ads).

If you would want to remove certain cookies, or block them from being stored in your browser, it is possible via your browser settings for cookies. However, if you do this, the site might not work as expected.

8. Children

Privnote does not target and is not intended to attract children under the age of 16. Minors must obtain express consent from their parents or legal guardians prior to accessing or using Privnote.

9. Validity of this Privacy Policy

Please note that this Privacy Policy may change from time to time. We expect most changes to be minor. Regardless, we will post any Policy changes on this page, and if the changes are significant, we will provide a more prominent notice such as a message on the home page. Each version of this Policy will be identified at the top of the page by its effective date.

10. Contact information

If you have any questions about this Privacy Policy or other concerns regarding privacy issues, please send us an e-mail at and we will answer you in less than 5 working days. If you are not satisfied with the outcome of our communication, you may refer your complaint to a local supervisor authority.

Privnote is a service provided by ikatu. The corporate details are as follows:

Legal Company Name:
Gletin S.A.
RUT: 214528610018

Siria 6101, 11400 Montevideo, Uruguay
Tel/Fax +598 2 600 8887