What services does Standard Notes use for daily operation?
For our cloud servers and databases, we use Amazon Web Services.
We do not use analytics across our web, desktop, and mobile applications. For our website, we use a self-hosted, privacy-respecting analytics software called Matomo.
For crash reporting on our mobile app, we use Bugsnag. Bugsnag is non-invasive, and collects only what it needs to produce helpful crash reports for mobile that help us maintain application stability.
For server-side error reporting, we use Sentry. We do not collect or store IP addresses as part of our Sentry configuration.
On our servers, we use NGINX with no IP address logging. In addition, no IP addresses are logged across all of our server-side applications, like our open-source syncing server.
For Windows application code signing, we use a Digicert Extended Validation Certificate. For macOS code signing, we use a verified Apple Developer account. Code signing ensures that the application you download and run has not been modified or tampered with, and does not deviate from the code we produce and ship on our end.
For general email inquiries to firstname.lastname@example.org, we use Google Apps. For encrypted support to email@example.com, we use Protonmail. Apart from optional Google Drive integration, this marks the only integration point we have with Google. We do not use Google Analytics anywhere in our ecosystem, nor do we use Google's reCAPTCHA for spam control.
This summarizes the list of external services we use in our daily operation.
When it comes to protecting your sensitive, actual data, we're proud to rely on no other entity than the laws of mathematics and cryptography. Your notes are always encrypted with a secure key that no one has besides you, and this key never leaves your computer or touches a cloud. Simply put: you are the only person that can read your private notes.