MiYu Note Privacy Policy (Last updated: May 26, 2026)
MiYu Note (hereinafter “we”) understands how important privacy is to you and is committed to protecting your personal information. This Policy explains how we collect, use, store, and protect your information, especially how we use technical measures to help keep your note content absolutely private.
I. Information We Collect
To provide stable note synchronization and management services, we follow a “minimum necessary” principle and collect the following:
1. Account information
The email address you provide when registering, used for identity verification, account recovery, and core service notifications.
2. Non-encrypted operational metadata (non-E2EE storage)
To enable seamless cross-device synchronization and smooth client list display, we store the following limited information in the cloud in a non-end-to-end-encrypted manner: space name, space background image, note title, note icon, note header image, and user nickname. Please note that apart from this structured metadata, your actual note content is completely invisible to us.
3. Encrypted content data (ciphertext)
Your note body text, images, documents, and other core attachments. Such data is cryptographically encrypted with the highest level of security using your space key on the client before leaving your local device. We only host and store binary ciphertext that cannot be reversed into plaintext by us or any third party.
4. Device and anonymized log information
To keep the service stable and fix bugs, we collect device model, operating system version, and application crash logs. All such log data undergoes strict de-identification and anonymization and does not contain any of your personally identifiable information or note content.
5. Transient IP address and geolocation determination (special notice)
We take your privacy extremely seriously. We do not store, record, or retain your full IP address in any permanent cloud storage medium (such as databases or server logs), nor do we use your IP address for user profiling, behavioral tracking, or identity correlation. However, when your device establishes a network connection with our servers (or with global network security and content delivery service providers we use), our system must transiently read the incoming IP address of your request in memory. This processing is solely and exclusively for instantly determining your approximate country or region in memory to conduct necessary compliance review. This comparison is completed instantly in memory; once determination is complete, the IP address data is immediately discarded with no records retained.
II. Space Key Storage and Client-Side Decryption (Core)
This application uses zero-knowledge end-to-end encryption. Your key management works as follows:
1. Encrypted escrow
To enable multi-device synchronization, your Space Key is uploaded and saved to the cloud as an encrypted key blob.
2. Client-side decryption
That key copy can and must only be decrypted using the “space key password” you set yourself and that only you know. Decryption occurs entirely on your local client device. We neither collect nor store your space key password in plaintext on the server and cannot bypass the password to access your Space Key in the cloud.
3. Absolute control
Because we implement a zero-knowledge architecture, unless someone has your space key password, no third party—including us, cloud providers, attackers, or government agencies—can recover the Space Key or read any of your note body text or attachments.
III. How We Use Information
- Provide and maintain the service: use email for identity verification and non-encrypted metadata to build your note directory and space lists.
- Data relay and synchronization: as a highly secure ciphertext hosting provider, we ensure encrypted data blocks are synchronized accurately and promptly across your devices.
- Geographic compliance and access verification: when your device initiates a request, by transiently reading and comparing IP addresses with regions, we ensure our Service complies with local laws and geographic access restrictions in your location.
- Security protection: monitor abnormal sign-in behavior and safeguard system security.
IV. Storage and Retention
1. Location
Your information is stored in secure data centers in the region you selected when using or registering for the Service.
2. Retention period
We retain information only for the shortest period necessary to provide the Service. When you delete your account, delete a specific space, or manually delete notes, the corresponding ciphertext and metadata are permanently removed from production servers in sync. For IP addresses described in Section I, item 5 of this Policy, retention in memory lasts only the few milliseconds required for transient determination and is destroyed immediately thereafter.
3. Key loss risk (important)
Because of zero-knowledge end-to-end encryption, if you forget your space key password and have not backed up your Space Key locally, we cannot technically recover, reset, or retrieve your data. Any resulting permanent data loss is borne by you.
V. Sharing and Disclosure
We do not sell, rent, or unlawfully provide your personal information to third parties. We may disclose information only in the following circumstances:
- With your explicit consent.
- No plaintext disclosure capability (legal requests): when we receive lawful, compliant, and legally binding judicial requests or government orders, we may disclose stored account metadata or ciphertext. You expressly acknowledge and agree that because we do not possess your local decryption credentials, we cannot and will not provide plaintext of your encrypted content (such as note body or attachments) to any authority.
VI. Your Rights (GDPR and similar standards)
Under applicable law, you have full control over your personal information. In the app you may exercise:
- Right to know and access: view your account profile and non-encrypted metadata at any time.
- Right to erasure: permanently delete your ciphertext data and account from cloud servers.
- Right to data portability: export your notes for independent local backup at any time.
VII. Protection of Minors
The Service is primarily intended for adults. If you are a minor, please read this Policy and use the Service only under the supervision and guidance of a guardian.
VIII. Policy Updates
We may revise this Privacy Policy from time to time. When we make material changes, we will notify you via in-app announcement, pop-up, or email. Your continued use of the Service constitutes acceptance of the revised Policy.
IX. Contact Us
If you have questions, suggestions, or complaints about this Privacy Policy, please contact us through the in-app “Help & Feedback” channel or our official support email.