Effective Date: March 21, 2026
This Privacy Policy explains how Spillbox.app ("we", "us", or "our") handles your information when you use our mobile and desktop applications (the "App"). We built Spillbox.app from the ground up to respect your privacy and data sovereignty.
We write our legal documents to be as clear and straightforward as possible. If you are looking for our informal philosophy on privacy and local-first storage, you can read our Privacy and Local-First Storage guide.
1. Data Collection and Storage (Local-First)
Spillbox.app is a local-first application. By default:
- We do not require you to create an account, provide an email address, or set a password to use the App.
- All notes, tags, and preferences you create are stored entirely on your local device.
- We do not automatically collect, harvest, or transmit your notes to our servers.
2. Third-Party Integrations
You may choose to connect Spillbox.app to third-party services (such as Notion).
- These integrations are completely opt-in.
- When you enable an integration, you explicitly authorize the App to send specific, selected data directly to that third-party service via their respective APIs.
- We do not act as an intermediate processor for your plaintext data when it is sent to these third-party integrations.
- Please review the privacy policies of any third-party services you connect to, as their handling of your data will be governed by their rules.
3. Analytics and Crash Reporting
We believe in minimizing data collection. The App does not include intrusive third-party trackers or advertising SDKs. If the App crashes or encounters an error, we may offer an opt-in prompt to send anonymous crash reports to help us fix the issue. These reports do not contain the content of your notes.
4. Data Retention and Deletion
Because your data lives on your device, you have complete control over its retention and deletion.
- Local Data: You can permanently delete your notes at any time directly within the App or by uninstalling the App.
5. Your Data Rights
Depending on your location, you may have legal rights (such as under the GDPR or CCPA) to access, correct, port, and delete your personal data. Because Spillbox.app is designed as a local-first application, you possess these capabilities natively:
- Access and Portability: Your data lives on your device. You can export your notes in standard open formats at any time directly from the App, without submitting a data request to us.
- Correction and Deletion: You can edit or permanently delete your notes locally.
- Note: We cannot process traditional data access requests for your plaintext notes because we literally do not have access to them.
6. Children's Privacy
Spillbox.app does not knowingly collect any personal information from children under the age of 13. If you believe we have inadvertently collected such information, please contact us so we can proceed with deleting it.
7. Changes to this Privacy Policy
We may update this Privacy Policy from time to time to clarify our practices or reflect new features. Since we do not collect your email address, we cannot notify you individually. We will post any changes on this page and update the "Effective Date" at the top. We encourage you to review this policy periodically.
8. Contact Us
If you have any questions or concerns about this Privacy Policy or our data practices, please reach out to us at [email protected].