Last modified: May 15th, 2022
At Pirvnota, privacy is taken very seriously, since the main purpose of the site is to preserve it. This policy outlines the measures taken by Pirvnota to protect the privacy of its users.
1. Service description
Pirvnota is a free web based service that allows users to create encrypted notes that they can share over the internet as unique one-time-use HTTPS URLs (hereafter referred to as links) which by default expire after its first access via any web browser.
As Pirvnota does not provide any means for transmitting the link, the act of sending the link is the full responsibility of Pirvnota users.
Depending on the communication channel of your choice (e.g., e-mail, fax, SMS, phone, instant messaging, social media), there may be a certain risk that third parties intercept your communication, get knowledge of the communicated link and thus may be able to read your note.
2. How the notes and its contents are processed
The link is generated in the user's browser and at no time is sent as such to Pirvnota. The link is thus in the sender's (and later possibly in the recipient's) hands only. Therefore, there is no way to recover a note if a Pirvnota user losses the link.
Since only the link binds the decryption key to the note's content and since Pirvnota does not have the link, at no time is any note held in any readable format state at Pirvnota. This assures that nobody (including Pirvnote's administrators) can read a note.
When using Pirvnota's default funtionality, when a note is retrieved, its data is completely removed from Pirvnota; there is absolutely no way to recover it again.
When "Show options" is selected and the user opts for a time interval for the note's removal, then independently of how many times the note is retrieved, the note will be deleted only after that specified time is completed.
After a note is deleted from Pirvnota, there is absolutely no way to recover it again.
When a note is not retrieved after 30 days, Pirvnota removes it permanently, just as if it were read.The Pirvnota sysadmin team will do as much as possible to protect the site against unauthorized access, modification or destruction of the data. But, even if someone or something could manage to gain access to the database, they would be unable to read the notes since their contents are encrypted and can't be decrypted without the links which Pirvnota never has a hold of.
3. Processing of IP addresses
Pirvnota is not logging the IP addresses; they are processed to enable communication with Pirvnota's servers but they are not part of the log-files. IP addresses are deleted as soon as they are no longer needed for the purpose of communication.
4. Pseudonymous data
The creator of the note can introduce personal data into the note. Even though this data is encrypted, the data can be decrypted again and thus constitutes pseudonymous (personal) data. In any case, one cannot deduce the note's creator from Pirvnota's database, as Pirvnota does not store IP addresses.
The decryption of the note's data is in the users' hands (sender and recipient). Pirvnota is not able to decrypt the note and access the data (personal or otherwise) introduced by the creator since Pirvnota is never in possession of the decryption key which is contained only in the link.
When a person clicks the Pirvnota's link, Pirvnota declines any responsibility related to the note's content.
6. Disclosure of Data to Third Party