security & privacy

your notes, protected

jottie is built with security at every layer. from encryption to access controls, your thoughts stay private and protected.

start writing privacy policy

end-to-end encryption

AES-256-GCM at rest

data isolation

row-level security

no data selling

your notes stay yours

security highlights

built for trust

per-user encryption keys

each user has a unique encryption key, protected by google cloud key management service (KMS). even we can't read your notes without the decryption process.

enterprise infrastructure

hosted on google cloud platform with SOC 2 certified infrastructure, automatic updates, and 24/7 monitoring for threats and anomalies.

secure authentication

sign in with google OAuth 2.0. we never see or store your password. your google account security protects your jottie access.

encryption

AES-256-GCM encryption at rest

your notes, chat messages, and associations are encrypted using AES-256-GCM, the same encryption standard used by banks and governments. each user has a unique encryption key managed by google cloud KMS.

256-bit encryption keys for maximum security

galois/counter mode for authenticated encryption

unique initialization vectors for each encryption

encryption flow

1. your note

"meeting with sarah tomorrow at 3pm"

2. encrypted with your key

enc:v1:a7Bx9k...encrypted...

3. stored securely

encrypted data at rest in database

access control layers

google OAuth authentication

JWT sessions authorization

row-level security data isolation

rate limiting abuse prevention

access control

only you can see your notes

multiple layers of security ensure your data stays private. from authentication to database-level isolation, we enforce strict access controls at every level.

AI privacy

AI that respects your privacy

our AI features are designed with privacy in mind. your notes are processed to provide features like semantic search and chat, but never used to train AI models.

notes processed on-demand, not stored for training

AI safety guardrails filter harmful content

embeddings used for search, not shared externally

how AI uses your data

semantic search embeddings

find notes by meaning, not just keywords

automatic tagging & organization

tags, entities, dates extracted for you

chat with context

ask questions, get answers from your notes

never used to train AI models

your data stays yours, period

infrastructure security

TLS 1.3

in-transit encryption

AES-256

at-rest encryption

SOC 2

GCP compliance

24/7

monitoring

infrastructure

enterprise-grade hosting

jottie runs on google cloud platform, trusted by millions of businesses worldwide. our infrastructure includes automatic security patches, DDoS protection, and continuous monitoring.

your control

you own your data

we believe your notes belong to you. export them anytime, delete them permanently, or close your account. your data, your choice.

delete individual notes or your entire account

request a copy of all your data

GDPR and CCPA rights supported

data rights

access your data anytime

export and download

correct inaccuracies

delete permanently

our commitment

privacy principles

encrypted by default

all sensitive data encrypted at rest

no data selling

we never sell your information

minimal collection

only what's needed to run the service

transparent practices

clear policies, no hidden surprises

questions about security?

we're happy to answer any questions about how we protect your data. reach out to our team for more details.

ready to try jottie?

start writing