App Disclosure

No Ads No In-App Purchases Minimal Data Last updated: February 26, 2026

1. Data Collection Disclosure 2. Third-Party Services 3. App Permissions 4. In-App Purchases 5. Advertising 6. Analytics & Crash Reporting 7. Your Data Rights

Plain summary: Noteshik collects only what is needed to sync your notes. We use one external service (Groq) for voice transcription. We have no ads, no in-app purchases, no analytics SDKs, and no data brokers. You can delete all your data at any time.

1. Data Collection Disclosure

The following is a complete, itemized list of every piece of data Noteshik collects, why it is collected, and how long it is retained.

Data Item	Why Collected	Retention	Shared With?
Email address	Account login, verification, security notifications	Until account deletion	No one
Password (bcrypt hash)	Authentication — plaintext never stored	Until account deletion	No one
Note content (text)	Core service: store and sync your notes	Until deleted by user or account deletion	No one
Note metadata (timestamps, pin/archive status)	Sync state, organization	Until note/account deletion	No one
Image attachments	Images embedded in notes by user	Until note/account deletion	No one
Folder/tag names	Note organization	Until deleted or account deletion	No one
Audio recordings (voice transcription)	Sent to Groq API for transcription only; never stored	Not stored — discarded immediately after transcription	Groq (transcription only)
Device ID (randomly generated)	Multi-device sync conflict resolution	Until account deletion	No one
Auth/security logs (IP, timestamp, event type)	Detect unauthorized access, abuse prevention	30 days rolling	No one
Contact form submissions	Customer support	12 months	No one

What We Do NOT Collect

GPS / location data
Device hardware identifiers (IMEI, advertising ID, IDFA)
Contacts or calendar data
Browsing history or cross-app behavior
Biometric data
Financial data (payments handled by Google Play / Apple)
Photos outside of what you explicitly attach to a note
Microphone audio beyond the duration of a transcription request

2. Third-Party Services Used

Noteshik uses a minimal number of third-party services. We do not integrate any advertising networks, social media SDKs, or behavioral analytics platforms.

Groq — Voice Transcription

What it does: When you tap the microphone button in a note, your device records audio and sends it over HTTPS to api.groq.com. Groq's Whisper AI model converts the speech to text, returns the transcript to our server, and the text is saved to your note.

Data sent: Audio file only. No account information, note content, or identifiers are sent to Groq.

Data stored by Groq: Per Groq's API terms, audio data is not retained after processing.

This is optional: You can use Noteshik without ever using voice transcription. All other features work without any data leaving our servers.

Privacy policy: groq.com/privacy-policy

Contabo GmbH — Server Infrastructure

What it does: Our API server and PostgreSQL database run on VPS infrastructure hosted by Contabo in Frankfurt, Germany. Your notes and account data are stored on these servers.

Data location: All data remains within Germany (EU) unless you use voice transcription (see Groq above).

Privacy policy: contabo.com/en/legal/privacy

Expo / EAS (expo.dev) — App Distribution & Updates

What it does: Noteshik is built with React Native / Expo. The Expo Application Services (EAS) platform is used to build and distribute the app binaries to the Apple App Store and Google Play Store.

Data sent: Expo does not receive your note content or account data. App builds and OTA update bundles may be distributed via Expo's CDN.

Privacy policy: expo.dev/privacy

Let's Encrypt — SSL/TLS Certificates

What it does: Provides free SSL certificates that encrypt communications between your device and our server.

Data sent: Domain name only — no personal data involved in certificate issuance.

Privacy policy: letsencrypt.org/privacy

Google Play / Apple App Store — Distribution

Noteshik is distributed through Google Play and the Apple App Store. These platforms handle app download, installation, and (for paid subscriptions) billing. Their data handling is governed by their own privacy policies. We receive only your subscription status from these platforms — we never receive payment details.

We do NOT integrate: Google Analytics, Firebase, Facebook SDK, Mixpanel, Amplitude, Segment, Sentry, Crashlytics, Appsflyer, Adjust, or any other advertising or behavioral analytics SDK.

3. App Permissions

Noteshik requests the following permissions on Android and iOS. All permissions are requested only when relevant features are used, and all are optional — the core note-taking features work without any of them.

Android Permissions

Permission	Why It's Needed	Required?
`RECORD_AUDIO`	Records audio when you tap the microphone button for voice-to-text transcription	No — only if you use voice transcription
`READ_MEDIA_IMAGES` / `READ_EXTERNAL_STORAGE`	Lets you pick photos from your gallery to attach to notes	No — only if you attach images to notes
`CAMERA`	Allows you to take a photo with your camera to attach directly to a note	No — only if you use in-note camera
`INTERNET`	Required to sync notes with the server, send voice transcription requests, and receive push notifications	Yes — required for sync features (app works offline without it)
`RECEIVE_BOOT_COMPLETED`	Allows the app to reschedule note reminders after the device restarts	No — only relevant if you set note reminders
`POST_NOTIFICATIONS` (Android 13+)	Sends push notifications for note reminders and sync alerts	No — only if you enable notifications
`VIBRATE`	Vibration feedback for notifications	No — only with notifications enabled

iOS Permissions

Permission	Why It's Needed	Required?
Microphone (`NSMicrophoneUsageDescription`)	Records audio for voice-to-text transcription	No — only if you use voice transcription
Photo Library (`NSPhotoLibraryUsageDescription`)	Lets you pick photos from your photo library to attach to notes	No — only if you attach images to notes
Camera (`NSCameraUsageDescription`)	Allows capturing photos directly in a note	No — only if you use in-note camera
Notifications (`UNUserNotificationCenter`)	Delivers note reminders and sync status alerts	No — only if you enable notifications

Noteshik does not request access to: Contacts, Calendar, Location, Health, Face ID/Touch ID for authentication (standard device lock is used), or any other sensor data beyond what is listed above.

4. In-App Purchases

✓ No in-app purchases are currently available in Noteshik.

Noteshik is currently offered as a free application. There are no in-app purchases, microtransactions, virtual currencies, loot boxes, or consumable items.

If paid subscription plans are introduced in the future, they will be offered through Google Play Billing (Android) or Apple In-App Purchase (iOS), and this disclosure will be updated accordingly. Any future paid features will be clearly labeled, and you will be informed before any charges occur.

See our Terms of Service — Subscription Plans section for the pricing structure if/when subscriptions are enabled.

5. Advertising

✓ Noteshik contains no advertisements of any kind.

Noteshik does not display ads. We do not integrate any advertising SDK (including Google AdMob, Meta Audience Network, Unity Ads, or any other ad network). We do not sell advertising space, and we do not build advertising profiles based on your data.

Noteshik is sustained by subscriptions, not advertising. Your data is never used for advertising purposes — not for ads within the app, not for ads on other platforms, and not for sale to advertisers.

6. Analytics & Crash Reporting

✓ No third-party analytics or crash reporting SDKs are integrated.

Noteshik does not use any third-party analytics service (such as Google Analytics, Firebase Analytics, Mixpanel, or Amplitude) or crash reporting service (such as Sentry, Crashlytics, or Bugsnag).

We do collect minimal server-side logs for security purposes (authentication events, API errors), as described in our Privacy Policy — Data We Collect. These logs:

Are stored only on our own servers (not sent to third parties).
Do not include note content.
Are retained for a maximum of 30 days.
Are used exclusively for security monitoring and abuse prevention.

If you encounter a bug, please report it via our contact form — we rely on user reports since we don't have automated crash tracking.

7. Your Data Rights

You have full control over your data. At any time you can:

Access your data: Request a copy of all data we hold about you by emailing support@9gg.app (use the contact form).
Export your notes: Contact support to receive an export in JSON or plain text format within 14 days.
Delete your account: Use the self-service page at noteshik.app/delete-account (immediate), or email support@9gg.app (use the contact form) with "Account Deletion Request" — your account is deleted immediately and any residual data purged within 30 days.
Correct your data: Update your email address through the app settings or by contacting support.
Object to processing: Object to any non-essential data processing by contacting us.

For full details on your privacy rights (GDPR, CCPA, and general rights), see our Privacy Policy.

Contact for all data requests: support@9gg.app (use the contact form)

Contents