NoteLoungeBack to home

Security

How we protect your data, your vault, and your peace of mind.

End-to-end encryption

Vault data is encrypted on your device with keys only you hold. We cannot decrypt it.

TLS everywhere

All data in transit is protected with TLS 1.3. No unencrypted connections, ever.

SOC 2 aligned

Our infrastructure and processes are aligned with SOC 2 Type II standards.

Encryption details

Your vault uses AES-256-GCM encryption with keys derived from your master password via Argon2id. The encrypted blob is stored on our servers, but the decryption key never leaves your device. This means that even in the unlikely event of a server breach, your vault contents remain secure.

For regular notes and calendar data, we use TLS 1.3 for transport and AES-256 at rest on our database servers. Row-level security policies ensure your data is only accessible by you.

Infrastructure

NoteLounge runs on industry-leading cloud infrastructure with automatic failover, encrypted backups, and 24/7 monitoring. Our databases are replicated across multiple regions for durability and availability.

Report a vulnerability

Found a security issue? We take all reports seriously and respond within 48 hours. Responsible disclosure is appreciated and rewarded.

Contact security