Privacy Policy

1. Introduction

Void Note ("the App", "we", "our") is a privacy-focused note-taking application developed by GreenIcePhoenix ("Developer", "I"). This Privacy Policy explains what data the App accesses, what it does with that data, and what data it never touches.

This policy applies to the Void Note Android application (package com.greenicephoenix.voidnote) and this website. It does not apply to third-party services you may link to from the App or website.

By using the App, you agree to this Privacy Policy. If you disagree with any part of this policy, please uninstall the App. You can also delete all App data via Android Settings → Apps → Void Note → Clear Data.

2. Data We Do Not Collect

The following categories of data are never collected, transmitted, or processed outside your device:

• Note content — your note titles, text, checklists, tags, and formatting
• Media files — images and voice recordings attached to notes
• Personal identifiers — name, email address, phone number, device ID
• Location data — the App does not request or access location at any time
• Usage analytics — which features you use, how often, or for how long
• Crash data — crash reports, error logs, or diagnostics
• Advertising identifiers — AAID or any advertising-related identifier
• Contacts, calendar, or other device data — the App does not access these
• Biometric data — fingerprint and face recognition is handled entirely by Android's BiometricPrompt API. The App never receives or stores the biometric data itself.

We have no backend server. There is no Void Note API. There is no account system. Your data physically cannot leave your device through Void Note unless you explicitly use the export feature.

3. Data Stored Locally On Your Device

The App stores the following data locally on your device. This data is encrypted and never transmitted to any server:

• Note database — stored in a Room (SQLite) database. All note titles and content are encrypted with AES-256-GCM before being written to the database. The database file itself is stored in the App's private data directory, which Android prevents other apps from accessing.
• Encrypted media files — images and audio recordings attached to notes are encrypted as .enc files stored in the App's private file directory. They are never written to shared storage.
• App preferences — theme selection, sort order, biometric lock preference, and vault salt are stored in Android DataStore (encrypted). No personally identifiable information is stored.
• Encryption keys — the master encryption key is stored in Android Keystore (hardware-backed on supported devices). This key is protected by your vault password or biometric. It cannot be extracted from the device.

4. Android Permissions

The App requests the following permissions. Each is explained below:

• USE_BIOMETRIC / USE_FINGERPRINT — allows the App to show Android's biometric authentication prompt. The App receives only a success/failure result.
• CAMERA — allows capturing photos to attach to notes. Photos are immediately encrypted and stored privately.
• RECORD_AUDIO — allows recording voice memos to attach to notes. Recordings are immediately encrypted.
• INTERNET — used solely to check for App updates. No note data is ever sent over the internet.

5. Data Security

The App takes significant measures to protect your note data:

• AES-256-GCM authenticated encryption for all note content
• Hardware-backed Android Keystore for master key storage
• PBKDF2 key derivation — your vault password is never stored
• App-private file storage — other apps cannot access your notes
• Biometric/PIN authentication before decryption

6. Your Data Rights

Because all your data is stored locally on your device, you have complete control:

• Access: Your notes are in the App. Open it and read them.
• Export: Settings → Data Management → Export Backup. You receive a complete encrypted backup.
• Deletion: Settings → Data Management → Clear Data. This is permanent and irreversible.

7. Changes to This Policy

This Privacy Policy may be updated when new features are added. Changes will be:

• Posted on this page with an updated "Last Updated" date
• Announced in the App's changelog

Continued use of the App after a policy update constitutes acceptance of the new policy. If you disagree with any change, you may stop using the App and delete all App data.