Is my data secure (encrypted)?
For syncing purposes, your data is stored on CloudKit (iCloud) and locally on your device (so you have offline access). Apple's iCloud servers use encryption to ensure that only authorized users can access data. We are not using an additional layer of encryption. The data is encrypted in transit by TLS (HTTPS).
Note: Your attachments, like images and PDFs, etc. are stored as CloudKit "Assets", which Apple documents are encrypted by default.
As the developer, we have no access to your data. Your data can be accessed only with your private Apple ID login.
- Read about CloudKit Security.
- Read about CloudKit end-to-end encryption.
- Read about iCloud Drive security.
- Read about iCloud security overview.
Additionally, to secure the locally saved data, you can enable "FileVault" in your system preferences:
You can also enable an extra layer of encryption for your notes by turning on "Save Note Content as Encrypted Asset". To find this option:
- Open Settings.
- Click on Sync.
- Below "Use CloudKit", click the Advanced button to reveal more options.
- At the top you will find the "Save Note Content as Encrypted Asset" option.
Important: Enabling encryption can slow down sync, which might be noticeable if all notes need to be downloaded, as each note needs to be encrypted and decrypted individually.
This will store the contents of your notes as an "asset", which is by default encrypted by Apple on their servers. This includes the title of the note, but not the filename. Read more about this encryption method here.