# Privacy Principles
At Yooz, privacy isn't a feature - it's the foundation.
## Our Core Commitments
### 1. Privacy is Non-Negotiable
All AI processing happens locally on your devices.
We will never:
- Send your notes, messages, or personal data to cloud AI services
- Train models on your private information
- Sell or share your data with third parties
- Require internet connectivity for core features
### 2. Zero-Knowledge Architecture
We can't read your data even if we wanted to.
Your notes are encrypted with a master password that:
- Only you know
- We never receive
- Cannot be recovered by us
- Derives encryption keys locally on your device
### 3. Local-First Always
Your data lives on your devices, under your control.
- Primary storage: Local storage on your device
- Sync: Optional, client-side encrypted before upload
- Offline: Full functionality without internet
- Ownership: You own your data, not us
### 4. End-to-End Encryption
Data is encrypted before it leaves your device.
When you enable cloud sync (optional, coming in MVP2):
- Notes encrypted on your device with your key
- Only encrypted blobs uploaded to cloud
- Cloud provider (Google, Dropbox) sees only encrypted data
- Decryption happens only on your authenticated devices
### 5. Transparency & Open Source
Security through transparency, not obscurity.
- Core privacy components are open source
- Encryption implementation is auditable
- No proprietary black boxes for security-critical code
- Community security reviews welcome
### 6. Minimal Data Collection
We collect only what's absolutely necessary.
| Data Type | Collected? | Purpose | Retention |
|---|---|---|---|
| Notes content | ❌ Never | N/A | N/A |
| Encryption keys | ❌ Never | N/A | N/A |
| Usage analytics | ⚠️ Minimal | Crash reports only | 30 days |
| Account email | ✅ If sync enabled | Account recovery | User-controlled |
| Sync metadata | ⚠️ Encrypted | Sync coordination | User-controlled |
### 7. No Third-Party Trackers
No ads, no analytics pixels, no surveillance capitalism.
Yooz apps contain:
- ✅ No Google Analytics
- ✅ No Facebook Pixel
- ✅ No advertising SDKs
- ✅ No behavioral tracking
- ✅ No fingerprinting
## Technical Implementation

### Encryption Standards
- Algorithm: AES-256-GCM (authenticated encryption)
- Key derivation: Encryption keys are derived locally from your master password with a cryptographically secure key derivation function
- Authenticated: Prevents tampering and ensures integrity
- Random IVs: Unique initialization vector per encryption
### Storage
- Local: Encrypted local storage on your device
- Encrypted at rest: Yes, with user's master password
- Encrypted in transit: HTTPS for optional sync
- Cloud: Zero-knowledge (providers see only encrypted blobs)
### Authentication
- No central accounts (local-only mode)
- Optional: Account for cloud sync
- Multi-factor: Coming with sync feature
- Password recovery: Via encrypted recovery key (user-generated)
## Privacy by Design

### Compliance
Yooz is designed to comply with:
- GDPR (European Union)
- CCPA (California)
- HIPAA-capable architecture (for healthcare use cases)
Our privacy-first architecture makes compliance natural:
- No data collection = minimal GDPR risk
- User controls data = CCPA compliant
- E2E encryption = HIPAA-capable
### Your Rights
With Yooz, you have the right to:
- Access: Your data is always accessible to you locally
- Export: Download all notes as markdown anytime
- Delete: Remove data permanently from all locations
- Portability: Standard markdown format works anywhere
- Opt-out: Use fully offline, no sync required
### Questions?
- Privacy Policy - Full legal policy
- Security Architecture - Technical details
- GitHub Issues - Ask questions
Your privacy is our promise. Every architectural decision prioritizes your control over your data.