Solo Note
Legal

Privacy Policy

Solo Note is an offline-only macOS application. It does not collect, transmit, sell, or share any personal information. This policy explains exactly what that means in plain language.

Effective date: 17 May 2026 · Last updated: 17 May 2026

1. Summary

Solo Note (“the App”) is published by Vicras (“we”, “us”). The App runs entirely on your Mac. It does not contact any server we operate, Apple operates, or any third party operates. It contains no analytics, no crash reporting, and no advertising.

  • Data collected by us: none.
  • Data transmitted by the App: none.
  • Data shared with third parties: none.
  • Data used for tracking: none.

The notes you create with Solo Note are stored only on your Mac, encrypted at rest, and never leave the device unless you explicitly export them.

2. What the App stores, and where

The App stores all user content (notes, blocks, folders, tags, properties, todo lists, version history, settings, and image attachments) inside a single SQLite database located under ~/Library/Application Support/solo-note/ on your Mac. This file is encrypted as described below.

  • At rest: the database is sealed with SQLCipher AES-256 page-level encryption with HMAC-SHA512 integrity. Selected block payloads are sealed a second time with AES-GCM under per-context derived subkeys.
  • Key storage: the encryption key is generated on first launch and held in your macOS Keychain under kSecAttrAccessibleWhenUnlockedThisDeviceOnly, bound to this device, and never synced to iCloud Keychain.
  • No account, no password to remember: Solo Note opens straight into your notes. You don't sign in; the encryption is bound to your macOS user account on this Mac.
  • Encrypted exports: when you choose to export a notebook as a .solonote file, you provide a password at that moment. The archive is sealed with PBKDF2-SHA512 (at least 600 000 iterations) plus AES-256-GCM, so the file is unreadable without that password.

The App also requests user permission, through standard macOS file dialogs, to read and write files you select when importing or exporting .solonote archives. Those files are written to the location you choose; the App never selects a destination on your behalf.

3. Network use

The App's sandbox entitlements deny both com.apple.security.network.client and com.apple.security.network.server. As a result, the App cannot make outbound network requests, listen for inbound network connections, or talk to any service — including ours, Apple's, or any third party's. We can independently confirm this from the entitlements file bundled with every signed build, and you can too.

4. Information we do not collect

The following is a non-exhaustive list of information we explicitly do not collect:

  • Your name, email address, phone number, or any other contact details.
  • Your IP address, device identifier, advertising identifier, or location.
  • The content of your notes, or any metadata about them (titles, sizes, counts).
  • Crash reports, diagnostic logs, telemetry, or feature-usage events.
  • Cookies, fingerprinting signals, or analytics of any kind.

5. Third-party services

The App does not embed any third-party SDKs, analytics libraries, advertising networks, social-media kits, or crash-reporting frameworks. All native dependencies are vendored as source and run entirely locally — see Software bill of materials below.

6. Children

The App is suitable for general audiences. Because we collect no personal information from anyone, we collect none from children. Solo Note is not directed at children under 13 and we do not knowingly collect data from children under 13.

7. Optional features that involve your data

Two features operate on your data only when you initiate them explicitly:

  • Encrypted export. When you choose “Export to .solonote…”, the App derives a key from a password you supply, encrypts the selected content with AES-256-GCM, and writes the resulting file to the location you choose. We do not see, receive, or store either the password or the file.
  • Import. When you import a .solonote file, the App asks for the password you used when exporting, verifies the file's authentication tag, and merges its contents into your local vault using a conflict-resolution flow you control.

8. macOS system permissions

The App requests only the following system capabilities:

  • App Sandbox — enabled (required by the Mac App Store).
  • User-selected file read/write — to import and export .solonote archives you pick.
  • App-scope bookmarks — to remember your chosen export destination across launches.

The App does not request access to Contacts, Calendar, Reminders, Camera, Microphone, Location, Photos, AppleEvents, or any other privacy-sensitive macOS resource.

9. Security

Full technical details of the cryptographic design are documented in our public THREAT_MODEL.md and summarized in SECURITY.md. Suspected vulnerabilities should be reported privately — see the support page.

10. Software bill of materials

All native dependencies are vendored as source so the App can be built without remote package fetches:

  • SQLCipher 4.9.0 — AES-256 page encryption with HMAC-SHA512 integrity, CommonCrypto backend.
  • Tree-sitter 0.25.9 — local syntax highlighting; grammar sources for Swift, JS, JSON, Bash, Markdown, etc.

11. Changes to this policy

We may update this policy to reflect changes in the App or in applicable law. Material changes will be announced on this page and dated above. Because we do not collect contact information, we cannot notify users individually — please review this page periodically.

12. Contact

Privacy questions, requests, or concerns: email privacy@vicras.io.