security and privacy

local-first by design

jottie keeps your notes on your device. ai runs locally. nothing is uploaded unless you explicitly enable sync. privacy isn't a feature - it's the architecture.

download for ios privacy policy

stored locally

notes never leave your device

on-device ai

no cloud ai processing

encrypted on device

aes-256-gcm with keychain

local-first architecture

your data stays with you

sqlite on your device

all notes, tags, entities, and embeddings are stored in a sqlite database on your iphone. no server connection needed to read or write notes.

keychain encryption keys

encryption keys are stored in the apple keychain, protected by the secure enclave. even if someone accesses your files, they can't read your notes.

works offline

take notes on a plane, in the subway, anywhere without signal. jottie doesn't need an internet connection to function.

on-device ai

ai that never phones home

jottie uses apple foundation models for all ai features. semantic search, automatic tagging, entity extraction, and chat all run locally on your device. your note content is never sent to external servers for ai processing.

embeddings generated on device

vector search runs locally with sqlite-vec

chat powered by apple foundation models

no openai, no google ai, no cloud llms

where ai runs

on your iphone

semantic search, tagging, entities, chat

never sent to cloud

no external ai services process your notes

encryption flow

1. your note

"meeting with sarah tomorrow at 3pm"

2. encrypted with keychain key

enc:v1:a7Bx9k2mP...

3. stored in local sqlite

encrypted at rest on your device

encryption

aes-256-gcm encryption at rest

notes are encrypted using aes-256-gcm before being written to the local database. encryption keys are stored in the apple keychain, protected by face id or touch id. even with physical access to your device, your notes remain unreadable without authentication.

optional sync

sync is your choice

jottie works completely offline by default. if you want to access notes on web or back them up, you can enable sync - but it's entirely optional. when sync is enabled, notes are encrypted before leaving your device.

sync disabled by default

encryption at rest when synced

you control what syncs

sync modes

local only (default)

notes never leave your device

sync enabled

encrypted backup + web access

when you enable sync

cloud security for synced notes

encrypted at rest

encrypted before upload

google cloud

soc 2 certified infrastructure

cloud kms

server-side key management

data isolation

per-user encryption keys

data rights

access all your data anytime
export to markdown or json
delete permanently anytime
gdpr and ccpa compliant

your control

you own your data

your notes are yours. export them anytime, delete them permanently, or close your account. with local-first architecture, you always have a complete copy on your device.

questions about security?

we're happy to answer questions about how jottie protects your privacy.

contact us privacy policy

ready to try jottie?

download for ios