ThinkNote
Legal & Compliance

Privacy Policy

Effective Date: 2026-05-26

Summary: ThinkNote is an offline-first notes application. It lets users create an account with Firebase Authentication, stores note data locally on the device for fast access, and syncs note data, folders, and tags to the ThinkNote backend when sync is enabled for the signed-in account.

1. Introduction

ThinkNote ("we", "our", or "us") is committed to protecting your privacy. This Privacy Policy describes how we collect, use, process, and safeguard your data when you use the ThinkNote mobile application and services. By accessing or using ThinkNote, you acknowledge and agree to the compilation and use of data outlined in this document.

2. Information We Collect

To provide a fully synchronized and offline-first typing experience, we process specific categories of information based on whether cloud sync is active:

  • Account Credentials: We use Firebase Authentication for user accounts. This involves your account identifiers, such as user ID, email address, password hashes, and optional profile records (like display name or photo URL).
  • User Notes & Workspace Content: If cloud sync is enabled, we store your notes, title drafts, tags, folders, favorites, pinned states, and archive/trash categories on the secure backend database.
  • On-Device Databases: Notes, tag mappings, recent search histories, and layout preferences are stored on your local device for instant access.
  • Technical Diagnostics: Timestamps, authentication tokens, IP/rate-limiting parameters, and diagnostic crash events (via Sentry if configured with Sentry DSN) are collected to ensure service stability.

3. How We Use Information

We process the collected information solely to power, secure, and improve your note-taking workspace:

  • To verify your identity and manage accounts during Firebase registration.
  • To synchronize and back up your note collections across multiple active logins.
  • To provide offline availability with local caching fallback structures.
  • To enforce rate-limiting protections, eliminate security vulnerabilities, and resolve software crashes.
  • To respond directly to technical assistance and privacy requests.

4. Data Storage and Security

Device-level safety and secure transport are primary objectives:

On-Device Encryption: Local notes, folders, and tag labels are encrypted inside a device-protected SQLite database using an application secret. While this safeguards against simple file extraction, it is not "end-to-end encryption." Anyone with physical access to your unlocked device, or sophisticated root-level tools on a compromised device, could expose the active RAM or app-private storage.

Transport Security: All network transmissions between the ThinkNote app and our backend API are mandated over industry-standard TLS encryption (HTTPS).

Please note that no technical transmission or database storage mechanism can guarantee 100% absolute security against determined interceptors or client-side physical compromises.

5. Third-Party Services

ThinkNote integrates the following trusted third-party providers to secure authentication and provide cloud hosting:

  • Firebase Authentication (Google LLC): For securing your account profile, registration, and email sign-ins under Google's Privacy Policies.
  • Google Cloud Platform: For hosting the secure cloud database and backend API nodes.
  • Sentry (Functional Software, Inc.): If active in release builds, Sentry receives diagnostic crash event metrics stripped of default personally identifying information.

6. Data Sharing

We believe that your thoughts must remain your own. ThinkNote does not sell, rent, or lease your notes, profile details, or email addresses to advertisers, data brokers, or third parties. We only share processed credentials or note contents:

  • When executing database transitions commanded by your user profile (Firebase or API requests).
  • When strictly necessary to comply with the law, court orders, or governmental security directives.
  • When defending against technical exploits, malicious attacks, or system rate-limits.

7. User Rights

You retain absolute command over your notes and personal profiles:

  • Access and Export: You can check, edit, and access all your notes in real time. Backups can also be exported locally to your clipboard or local text directories.
  • Correction: You can change titles, update folders, or amend note bodies at any moment directly inside the editor.
  • Portability & Fallback: All note content remains editable offline even without database network coverage.

8. Account and Data Deletion

To purge all information linked to your profile, you can use the complete account deletion functionality located directly in the app:

  1. Navigate to your Profile Settings inside ThinkNote.
  2. Select "Delete Account and Data" and confirm the process.
  3. This sequence triggers Firebase to delete your authentication record and instantly purges your synced folders, tags, and notes on the API server.

If you lose access to the app, you may request manual deletion of your cloud-synced account and associated notes at any time by emailing us at support@unicef.edu.eu.org.

9. Children’s Privacy

ThinkNote is not intended to knowingly collect or process personal identifying information from children under the age of 13. If we discover that a child under 13 has registered for a Firebase sync account, we will take immediate steps to remove their credential records and note backups from the servers.

10. Changes to This Policy

We may occasionally update this Privacy Policy to reflect app enhancements or structural changes to Google or Firebase requirements. Any modifications will be declared with a fresh "Effective Date" posted clearly at the top of this page.

11. Contact Us

Please route privacy questions, data requests, or complaints directly to our support inbox: