DRAFT — pending legal review. Items marked [TO CONFIRM] must be settled before publication; remove this banner when done.
Astro Notes (astronotes.eu) · Last updated: [TO CONFIRM date]
The data controller for Astro Notes is Marco Ferra [TO CONFIRM: trading name and postal address]. Contact for privacy matters: [TO CONFIRM: e.g. privacy@astronotes.eu].
Astro Notes is end-to-end encrypted. Your notes — including their titles and tags — are encrypted on your device with keys derived from your password. The server stores only ciphertext; we cannot read, recover, or hand over your note content, and a lost password can only be recovered with your recovery key.
We do store, in readable form, the minimum needed to run the service:
We do not profile you, sell data, or show advertising.
| Provider | Purpose | Location / transfers |
|---|---|---|
| Hetzner Online GmbH | Server hosting | Germany / EU |
| Stripe | Payments, subscriptions, invoices (we never see card numbers) | US — EU-US Data Privacy Framework [TO CONFIRM DPA] |
| Amazon Web Services (SES) | Transactional email (verification messages) | US (us-east-1) — EU-US Data Privacy Framework [TO CONFIRM DPA] |
| Grafana Cloud | Aggregate service metrics — counts and latencies only, no personal data | [TO CONFIRM stack region] |
| Data | Retention |
|---|---|
| Account and encrypted notes | Until you delete them or your account |
| Sessions | 30 minutes idle, 30 days at most |
| Security logs (IP addresses) | 30 days |
| Deleted-note stubs (id only, for device sync) | Up to 90 days |
| Feedback messages (quota bookkeeping) | 400 days, or until account deletion |
| Database backups | 14 days, rotating; erased accounts are never restored from backup |
| Invoices (at Stripe) | As required by tax law |
Under the GDPR you can:
Astro Notes sets no advertising or analytics cookies and loads nothing from third parties. Your browser's local storage holds only what the app needs to function: your session, theme choice, and dismissed notices.
Beyond end-to-end encryption: credentials are hashed with Argon2id, connections use TLS, session tokens are stored only as hashes, and the infrastructure is hardened and kept automatically patched. Should a breach nevertheless affect your data, we will notify the supervisory authority and, where required, you, per GDPR Arts. 33–34.
Astro Notes is not directed at children under [TO CONFIRM: 16].
We will announce material changes to this policy in the app before they take effect.