Effective Date: March 1, 2026
Last Updated: March 12, 2026
See also: Terms of Service
Digitalbits 64 LLC ("Digitalbits 64", "Pure Note", "we", "our", or "us") operates Pure Note and is the controller for the personal data described in this policy.
Quick summary
| Data Type | Examples | Where It Is Stored / Processed |
|---|---|---|
| Note content and metadata | Note text, titles, colors, timestamps, pin / lock state | On your device and, if sync is enabled, encrypted before upload to Google Drive |
| Attachments | Images and audio recordings attached to notes | On your device and, if sync is enabled, encrypted before upload to Google Drive |
| Groups and organization data | Groups, ordering, note relationships | On your device and, if sync is enabled, encrypted before upload to Google Drive |
| AI chat history and custom instructions | Notepilot messages, local AI context, custom instructions | On your device; selected portions are sent to Google Gemini only when you invoke AI features |
If you opt in to analytics / diagnostics, we may process app version, device type, operating system version, screen views, feature-usage events, crash logs, stack traces, performance metrics, and a service user identifier when needed to connect diagnostic events to your account.
On native mobile builds, app-triggered analytics helpers respect your current setting immediately, but Firebase provider-level diagnostics changes may require an app restart to fully apply.
Sensitive content notice: Your notes may contain sensitive information that you choose to write. If you send that content through an AI feature, it is transmitted to Google Gemini for processing. Avoid using AI features for highly sensitive data unless you are comfortable using that external processor.
| Purpose | Legal Basis |
|---|---|
| Provide the core app, sync, sign-in, and entitlement restoration | Performance of a contract |
| Process AI features you ask us to run | Performance of a contract |
| Protect the service against abuse, fraud, replay attacks, and excessive automated use | Legitimate interests |
| Process purchases, maintain billing records, and respond to refund / accounting requests | Performance of a contract and legal obligation |
| Run analytics and crash reporting | Consent |
| Respond to support requests and legal requests | Legitimate interests and legal obligation where applicable |
If we rely on consent, you may withdraw it at any time going forward in the app settings or by contacting us. On native mobile builds, Firebase provider-level diagnostics changes may require an app restart to fully apply after you change the setting.
Pure Note's Notepilot features currently use Google Gemini 2.5 Flash and Google Gemini 2.5 Flash-Lite.
We do not sell your personal information. We share data only with service providers and platforms needed to run the service or comply with law.
| Service / Provider | What They Handle | Data Shared |
|---|---|---|
| Google Sign-In (Google LLC) | Authentication | Email, display name, Google user ID, authentication tokens |
| Google Drive (Google LLC) | Optional encrypted sync / backup | Encrypted notes, encrypted attachments, sync metadata |
| Google Gemini API (Google LLC) | AI features | Prompts, note excerpts, images, audio, messages, and instructions you send through AI features |
| Supabase (Supabase Inc.) | Proxy infrastructure for AI requests | In-transit AI request data and limited request-security metadata |
| Firebase Analytics / Crashlytics (Google LLC) | Optional analytics and diagnostics | Device info, usage events, crash logs, user identifier when enabled |
| Apple App Store / StoreKit (Apple Inc.) | Apple purchases | Receipts, transaction data, and subscription state for Apple purchases |
| Google Play Billing (Google LLC) | Google Play purchases, if offered | Purchase tokens, transaction data, and subscription state for Google Play purchases |
| Web merchant of record / checkout provider shown at checkout | Web purchases, if offered | Customer, subscription, tax, and transaction records for the web purchase flow |
We may also disclose data to courts, regulators, law enforcement, or other authorities when legally required, or as part of a merger, financing, acquisition, or asset sale subject to appropriate confidentiality and notice where required.
If web sales are offered, the checkout flow will identify the merchant of record or checkout provider and present that provider's terms, billing information, and privacy information before payment is completed.
Digitalbits 64 LLC is based in Georgia. Our service providers may process data in the United States or other countries outside your home jurisdiction.
Where required by applicable law, we rely on available transfer safeguards such as provider contractual commitments, published data-transfer mechanisms, and your request to use provider-backed features like Google Sign-In, Google Drive sync, or Google Gemini.
| Category | Typical Retention |
|---|---|
| Local note data on your device | Until you delete it, reset app data, or uninstall the app |
| Encrypted Google Drive backup / sync data | Until you delete it from the app or from Google Drive |
| Authentication tokens and session data | Until sign-out, token expiry, or account deletion |
| Locally stored AI chat history | Up to 2 days unless you clear it earlier |
| Short-lived AI security / rate-limit counters | Temporary in-memory retention only, generally no longer than operationally necessary |
| Analytics / crash data | According to Firebase retention settings or until deleted / aged out under provider controls |
| Purchase and accounting records | For the period required by tax, accounting, consumer-protection, or anti-fraud law |
No service can guarantee absolute security. If you believe your account or data has been compromised, contact [email protected].
Depending on where you live, you may have rights to access, correct, delete, restrict, object to, or obtain a portable copy of personal data we process about you, to withdraw consent for analytics / diagnostics, and to lodge a complaint with your local data protection authority.
To exercise a rights request, email [email protected]. For most note content that exists only on your device or in your Google Drive account, you can often access, export, correct, or delete that data directly in the app.
For California residents: we do not sell personal information, we do not share personal information for cross-context behavioral advertising, and we use sensitive personal information only to provide the service you request, secure the service, and comply with law.
Pure Note is not directed to children under 13, and we do not knowingly collect personal information from children under 13. If local law sets a higher age threshold for digital consent, that higher threshold applies in that jurisdiction.
We may update this Privacy Policy from time to time for legal, technical, product, or operational reasons. When we make a material change, we will update the "Last Updated" date and, where appropriate, give advance notice in the app or by another reasonable method before the change takes effect.