Legal
Privacy Policy
Last updated: 15 July 2026
Kanto Notes is built on a simple premise: your notes are yours. This policy explains what we collect, why, who else processes it, and how you can export or delete it.
1. Data we collect
- Account data: your email address and hashed password (or OAuth provider identifier).
- Note content: the text of your notes, voice recordings you submit for transcription, and any AI-generated titles, tags, categories, entities, and embeddings we derive from them.
- Settings: your preferences, including any OpenAI API key you optionally add.
- Usage data: minimal server-side logs (timestamps, request paths, response codes, error messages) used to keep the service running.
- Billing data: if you subscribe, Paddle collects payment details on our behalf. We only receive a subscription identifier and non-sensitive metadata (plan, status, country).
2. What we do NOT do
- We do not sell your data.
- We do not train AI models on your notes.
- We do not share your notes with advertisers.
- We do not read your notes (only automated systems process them).
3. Sub-processors
We use these carefully-chosen third parties to run the service:
- Supabase (managed Postgres + Auth) — stores your account, notes, and embeddings. Data residency: EU/US, per your region.
- Cloudflare — runs our compute (TanStack Start on Workers) and CDN. No note content is stored on Cloudflare.
- OpenAI — chat completions, embeddings, and Whisper transcription. OpenAI's API terms state they do not train on data submitted through the API. Only the specific note text needed for the current operation is sent, and only at the moment of the operation.
- Paddle.com Inc. — merchant of record for all paid plans. Handles payment processing, tax collection, and receipts.
If you add your own OpenAI key in Settings, AI operations go through your OpenAI account instead of ours — the raw API calls are still made from our servers, but they are billed to your key.
4. Legal bases (GDPR)
If you are in the EU/UK, we process your data on the following bases: Contract (delivering the notes service you signed up for), Legitimate interest (running the product, preventing abuse), and Consent (optional product analytics, if enabled).
5. Your rights
You can, at any time:
- Access all your data (visible in the app; full JSON export in Settings).
- Correct or delete individual notes.
- Delete your account and all associated data — see Deletion below.
- Object to processing or withdraw consent for optional data uses.
- Lodge a complaint with your local data protection authority.
6. Retention
Active notes are kept as long as your account exists. Soft-deleted notes are kept for 30 days in a restorable trash and then permanently deleted. Server logs are kept for 30 days. Backups are rolled over within 30 days of deletion.
7. Deletion
You can delete your account from Settings, or by emailing privacy@kantonotes.com from your account address. We purge your account and all associated notes within 30 days. Anonymized aggregate metrics (counts, no content) may be retained.
8. Security
Every note is scoped to your account with row-level security enforced by Postgres — cross-user reads are impossible at the database level. All connections are HTTPS. Secrets never touch the client bundle. We take reasonable technical and organizational measures to protect your data, but no system is 100% secure — please pick a strong password. Report vulnerabilities to security@kantonotes.com.
9. Children
Kanto Notes is not for children under 16. We do not knowingly collect data from anyone under 16.
10. International transfers
Data may be processed in the US and EU depending on your region and the sub-processor. Where required, we rely on Standard Contractual Clauses.
11. Cookies
We use a small number of essential cookies for authentication. We do not use third-party advertising or tracking cookies.
12. Changes to this policy
If we make material changes, we'll notify you by email or in-app notice.
13. Contact
Privacy questions: privacy@kantonotes.com — or the contact page.