<p><i>Please note that I am not a lawyer. If you find any issues in this privacy policy, please create an issue <ahref="https://concord.hectabit.org/HectaBit/Burgernotes/issues/new">on our git repository</a>.</i></p>
<p>In this document, the terms "we" and "us" refer to the Hectabit Project, an open source initiative and the creator of Burgernotes. The terms "you" and "the user" refer to the reader of this privacy policy and all users of Burgernotes. "This website" and "this service" refer to Burgernotes, an online website you are currently using.</p>
<p>Your notes are <ahref="https://en.wikipedia.org/wiki/End-to-end_encryption">encrypted end-to-end</a> using <ahref="https://en.wikipedia.org/wiki/Advanced_Encryption_Standard">AES</a>-<ahref="https://en.wikipedia.org/wiki/Block_cipher_mode_of_operation">CBC</a>
(Advanced Encryption Standard - Cipher Block Chaining) 256-bit encryption.</p>
<p>Burgernotes does not use cookies in the conventional sense. Burgernotes places information into localStorage, a type of blob storage similar to cookies, but not accessible to third-party websites or the server.</p>
<p>This ensures that a malicious server or third-party websites cannot tell your information.</p>
<li>This is used by the client to send to the server in order to identify you as... you.</li>
<li>This contains no useful information and is simply a string of random bytes. If this is shared, you may simply remove the offending secretKey from your session list, by clicking "X" on the device you have logged in on to create this key.</li>
<liclass="w900">PRIVATE-cryptoKey</li>
<li>This is used by the aforementioned AES to encrypt and decrypt your notes. It never leaves your device.</li>
<li>This is derived from your password and is therefore sensitive and should NEVER, EVER be shared. If you have done so, change your password as soon as possible.</li>
<liclass="w900">SETTING-fontsize</li>
<li>This is used to determine the size of your font. It is not sensitive information and can be freely shared, though it never leaves your device.</li>
<liclass="w900">SETTING-newVersion<li>
<li>This determines if you have seen the "What's New?" dialog displayed in each new version. It is not sensitive information and can be freely shared, though it never leaves your device.</li>
<liclass="w900">SETTING-homeServer</li>
<li>This determines which server Burgernotes should connect to. It is not sensitive information and can be freely shared, though it never leaves your device.</li>
<p>We don't sell or share your data to advertisers or third-parties, and no such thing exists on this website - it is entirely self-contained. Not even an external font service is used.</p>
<p>Burgernotes is compatible with the UK GDPR and the Californian Data Protection Regulation. We do not knowingly serve citizens in the European Union, and those who do so at their own risk. The only violating law of the EU GDPR is that it is no longer hosted in an EU country after the events of Brexit.</p>
