Privacy Policy
Effective date: 25 May 2026 · Last updated: 25 May 2026
This Privacy Policy describes how Sivaranjani M, trading as LeafSoft ("we", "us") collects, uses, and protects information when you use Jot (the "Service") at https://jot.leafsoft.online.
1. The two modes — what leaves your device
Jot has two modes, and which one you pick determines what data we ever see.
- Local mode — Notes, tags, and settings live only in your browser (IndexedDB) or local SQLite file. Nothing is sent to our servers. If you uninstall the browser, clear site data, or delete the file, the data is gone. We have no copy and cannot recover it. Local mode optionally supports backups to your own Google Drive — see §6.
- Cloud mode — Notes, tags, workspaces, AI settings, and embeddings are stored on our infrastructure (see §4) so they sync across your devices.
2. Information we collect (Cloud mode)
- Account data — your email address (used as your identifier; no password is stored).
- Authentication data — one-time magic-link tokens, session cookies, sign-in timestamps, IP address used at sign-in.
- Your content — notes (title + body), tags, workspaces, summaries, review status, and AI skills (custom system prompts) you create.
- AI configuration — your Google Gemini API key (stored encrypted at rest), preferred model, embedding model.
- Derived data — vector embeddings of your notes generated to power AI chat (RAG).
- Technical logs — standard server logs (IP, user-agent, request path, status, timestamp) retained briefly for abuse prevention and debugging.
- Feedback — anything you submit through the in-app feedback form.
We do not collect: payment info, location beyond IP, contacts, advertising IDs, or device fingerprints.
3. How we use the information
- Provide the Service: authenticate you, save and sync your notes, run AI features you trigger.
- Send transactional email (magic links). We do not send marketing.
- Keep the Service running and secure (rate limits, abuse detection, error monitoring).
- Comply with law if validly required.
We do not sell your data, do not use your notes to train any AI model, and do not use your notes for advertising.
4. Third-party processors (Cloud mode)
To run the Service we share the minimum data needed with the following providers:
| Processor | What they handle | Why |
|---|---|---|
| Vercel (USA) | Hosting, edge requests, logs | Runs the app |
| Turso (USA / EU) | Database storage | Stores your notes, tags, embeddings, sessions |
| Resend (USA) | Email delivery | Sends magic links |
| Google (Gemini API) | Note content you submit to AI features | Refine, summarize, suggest tags, chat — uses your own API key; usage is governed by Google's terms |
When you use AI features, the relevant note text (or your chat message and retrieved note excerpts) is sent to Google under your API key. If you do not configure a key, no content is sent to any AI provider.
5. AI features and your content
- AI features only run when you click them (Refine, Summarize, Suggest Tags, Ask your notes).
- Embeddings are generated in the background about 5 seconds after autosave to enable chat over your notes. You can disable embeddings in Settings → AI provider.
- We do not use your notes to train models. Google's Gemini API terms apply to data you send under your key.
6. Local-mode backups (Google Drive)
Local mode offers an optional backup to your own Google Drive. This feature is off by default and only activates after you click Settings → Backup → Connect Drive and complete Google's consent screen.
- Browser-only OAuth. The Google sign-in popup returns an access token directly to your browser. Our servers never see the token. There is no backend involvement in the Drive flow at all.
- Minimum scope. We request only
https://www.googleapis.com/auth/drive.appdata. This scope is enforced by Google itself: Jot can only read and write files inside its own hidden per-app folder. We cannot read your other Drive files, your inbox, your contacts, or anything else. - End-to-end encrypted. The
.jotfile uploaded to Drive is encrypted in your browser with a key derived from your passphrase (or recovery phrase). Google sees only ciphertext. Without your passphrase or recovery phrase, the backup is useless. - Hidden folder. Backups land in Drive's
appDataFolder, which is invisible in the regular Drive web UI. You can audit Jot's access at myaccount.google.com/permissions. - Token storage. The short-lived access token (≈ 1 hour) is kept in your browser's
localStorageso the "connected" state survives reloads. No refresh token is requested; once the token expires, you reconnect with a fresh consent click. - Revocation. Click Disconnect in Settings → Backup to clear the token locally and revoke the grant on Google's side. You can also revoke from myaccount.google.com/permissions.
Because Drive backup is direct-to-Google and end-to-end encrypted, Local mode remains a zero-server-knowledge configuration even with backups enabled.
7. Cookies
We use one essential cookie, notes_sess, a signed session cookie set after magic-link verification. No analytics, ad, or tracking cookies.
8. Data retention
- Notes, tags, embeddings, AI settings — retained while your account exists (Cloud mode).
- Magic-link tokens — single-use, expire within minutes.
- Sessions — expire after 30 days of inactivity.
- Server logs — retained for up to 90 days for abuse and debugging.
- Google Drive backups — kept until you delete them from within Jot or directly in your Google account. We have no ability to read or delete them remotely.
- Account deletion — email privacy@leafsoft.online. We delete account, notes, embeddings, and AI settings within 30 days; backups roll off within 90 days.
9. Security
- TLS in transit; database encryption at rest via Turso.
- Gemini API keys encrypted at rest before storing.
- Magic-link tokens are one-time and short-lived.
- No password is ever stored.
- Local-mode Drive backups are end-to-end encrypted in your browser before upload.
No system is perfectly secure. If you discover a vulnerability, please email security@leafsoft.online.
10. Your rights
Depending on where you live (India DPDP Act, GDPR, UK GDPR, CCPA, etc.), you may have rights to access, correct, export, or delete your data, and to object to or restrict processing. Export your notes any time via Settings → Export. For other requests, email privacy@leafsoft.online.
11. Children
Jot is not directed at children under 13 (or under 16 in the EEA). Do not use the Service if you are below that age in your jurisdiction.
12. International transfers
Data may be processed in the USA and other countries where our processors operate. Where required, we rely on Standard Contractual Clauses or equivalent safeguards.
13. Changes
We may update this policy. We will post the new "Last updated" date and, for material changes, notify you by email.
14. Contact
LeafSoft — Chennai, Tamil Nadu, India — privacy@leafsoft.online