Loxnote
Open app demo Get Loxnote — free
EU-based · Zero-knowledge

Notes only you can read.

End-to-end encrypted before they leave your device. Stored in Europe. Readable by you alone — not by us, not by anyone.

Get Loxnote — free Open the app demo →
EU-hosted & sovereign Open-source & audited No ads, ever GDPR Art. 32
On your device
What our servers store
notebook · Casework· edited 2m ago
Client intake — M. Bauer
#confidential#2026-Q2
Initial consultation re: contract dispute. Key dates and the settlement position are noted below.
Send retainer agreement
Draft response by Friday
object · 8f3a…b21c· v47 · 1.4 KB
XChaCha20·9d2f4a1c8e0b…
e7Qm+Lk0Zr9aF2pНxV4cT1sD6yJ8wB3nU5oK7gР0iEq2lM9aZx4cV1bN6mD8s
3fW0pT7rY2kH5jL9qС1xZ4vB6nM8dF0gA2sR7tY1uI3oP5l…0aQ9zX2cV4bN6m
tags (blind index)
hmac:5e1c0b9a · hmac:a47f2d80
Title, body, tags and attachments are ciphertext. We can’t read any of it — by design.
Trusted by privacy-first professionals: Lawyers Therapists Clinicians Journalists Accountants Public-sector teams
Why Loxnote

Four promises, kept in the architecture.

Not a privacy policy you have to trust — a design that makes the alternative impossible.

Zero-knowledge by default

Encrypted on your device before it ever syncs. Not a paid add-on, not opt-in — the only mode there is.

European & sovereign

EU company, EU servers, EU sub-processors. No Schrems II asterisks, no transfer-risk footnotes.

Usable, not painful

All the everyday features — rich editor, sync, search, sharing. The encryption is invisible plumbing.

Open & yours

Open-source clients, published audits, open export. No lock-in — your notes outlive us.

The security contract

What we can — and can’t — see.

This table is the whole product. Every endpoint we ship is reviewed against it.

You keep

Held only on your devices, under keys we never receive.

  • Note titles, body text and formatting
  • Tags, folders and the shape of your life
  • Attachments — images, PDFs, any file
  • Your password (never transmitted, ever)
  • Search queries and their results

We store

A breach of our servers yields ciphertext and counters — nothing readable.

  • opaqueEncrypted blobs, object IDs & byte sizes
  • verifierAn OPAQUE login verifier — not your password
  • wrappedKey material, encrypted under your keys
  • edgesThat A shared something with B — never what
  • hmacBlind-index tokens — never the words behind them
The everyday app

Secure shouldn’t mean clunky.

A note app you’d choose even if privacy weren’t the point.

Capture & edit

A rich editor that just feels fast.

Headings, checklists, tables, code, inline images and Markdown shortcuts — with autosave that works offline-first, so you never lose a keystroke.

  • Local-first persistence — fully usable with no connectivity
  • Conflict-free sync (CRDT) merges concurrent edits without loss
  • Per-note version history, reconstructed from encrypted deltas
offline-first · synced
Q2 board prep
forecast-2026.pdf · encrypted
Share & collaborate

Share a note — keep the secrecy.

Hand a notebook to a colleague using public-key key-wrapping. Only the recipient’s device can unwrap it. Our servers move sealed envelopes they can’t open.

  • Recipient-only decryption — the key never touches the server
  • Revoke access and re-key in one click
  • Read-only links carry the key in the URL fragment, never sent

Share “Client intake — M. Bauer”

Encrypted for each recipient’s public key.

DM
dr.mara@kanzlei.de
key 3F9A·B2…·sealed
can edit
JK
j.klein@press.eu
key 7C1D·E4…·sealed
view
Copy read-only link · key stays in #fragment
Account & recovery

Your keys, your devices, your call.

Add up to ten devices, each with its own key you can revoke. Protect login with passkeys or TOTP. And a one-time recovery kit is the only — deliberately backdoor-free — way back in.

  • Per-device keys with named revocation
  • Passkeys (WebAuthn) & TOTP two-factor
  • Recovery kit re-wraps your vault — never escrowed by us
MacBook Pro — Studio
this device · key a91f
● active
iPhone 16
Berlin · key c47d
revoke
Linux desktop
Helsinki · key 0e2b
revoke
Under the hood

Cryptography you can read for yourself.

Modern, audited, crypto-agile. Open source, with reproducible builds and a public bug bounty.

A versioned envelope

Every object carries its algorithm IDs, so we can rotate ciphers and migrate to post-quantum without re-encrypting your life.

version ∥ alg_ids ∥ nonce ∥ AEAD(ciphertext, AAD)

Keys derived from you

Argon2id stretches your password to a master key that never leaves the device. The server holds no master key, and no backdoor.

argon2id → MUK → wraps ASK → per-note keys

Verifiable, not just promised

Published external audit before GA, an ongoing bug bounty, CRA-compliant disclosure and a periodic transparency report.

audit: sha256·9f2c…d10a · verified ✓
XChaCha20-Poly1305 Argon2id X25519 + HKDF Ed25519 OPAQUE aPAKE hybrid ML-KEM-768

A detection order to scan your notes is something we are technically unable to satisfy — because we cannot read content in the first place.

// our standing posture on EU “Chat Control” / CSAR
Pricing

Paid, so you’re never the product.

EUR-native, annual discount, no ads — ever. Education, non-profit and journalist discounts available.

Free

€0
For trying Loxnote & light use.
  • 1 GB encrypted storage
  • Full zero-knowledge app
  • Unlimited devices
  • Import & full export
Start free
Most popular

Personal

€4.99/mo
For privacy-first individuals.
  • 20 GB · 250 MB files
  • On-device AI & web clipper
  • Sharing & unlisted links
  • Agents — 2 identities
Choose Personal

Pro

€9.99/mo
For regulated solo professionals.
  • 50 GB · 1 GB files
  • Signed DPA & audit pack
  • Agents — 5 + A2A workspaces
  • Priority support
Choose Pro

Team

€8/user
Companies, NGOs & public sector. Min 3 seats.
  • Encrypted team spaces & wiki
  • SSO / SCIM, admin & audit
  • Org recovery key (opt-in)
  • Pooled storage & EUR invoicing
Talk to sales
LIFETIME

Own Personal once. €149, one time.

For subscription-averse privacy buyers — early cohorts are capacity-limited.

€149
Get lifetime
Privacy is never a paid add-on — these are identical on every tier, including Free:
End-to-end zero-knowledge encryption EU-only residency & sub-processors Open-source clients & audits Recovery kit · no backdoor Full export & open formats All platforms No ads · no tracking · no scanning
Compare plans Free Personal Pro Team
Storage & history
Encrypted storage1 GB20 GB50 GBPooled + 20 GB/seat
Max file / attachment25 MB250 MB1 GB5 GB
Version history7 days90 days1 yearConfigurable
Selective sync
Privacy & recovery
Zero-knowledge encryption & EU residency
2FA (TOTP / passkeys)SSO-enforced
Recovery kit
Recovery contacts
Hidden / locked notes
Productivity
Import & full export+ white-glove
On-device AI
Web clipper
Sharing & unlisted linksReceive only
Agents — MCP / A2A
Agent identities25Per-seat
Included calls / mo1,0005,000Pooled
A2A multi-agent workspace
Self-hosted MCP
Team & enterprise
Team spaces (private + org-open, E2E)
Page trees, roles & restricted pages
SSO (SAML/OIDC) & SCIM
Admin console & audit logs
Org recovery key (opt-in)
DPA & audit-evidence pack
No lock-in

Bring everything. Leave anytime.

Import from the apps you’re escaping and the raw file formats underneath them — Markdown, Word, PDF, OpenDocument and more. Every file is converted on your device, so the plaintext never reaches us. Two-way on the formats that matter, with an honest fidelity report on every import.

Markdown Word .docx PDF (+ OCR) OpenDocument Evernote .enex Apple Notes Notion Joplin Google Keep HTML · RTF · CSV · images
Converted on your deviceOur Rust core, compiled to WASM — files never leave your machine.
Honest fidelity reportSee exactly what converted cleanly versus what was simplified.
Originals always keptLossy imports preserve the source file as an encrypted attachment.
Your notes, sealed in Europe

Start writing privately
in under three minutes.

Free to begin. No card, no ads, no one reading over your shoulder — including us.

Get Loxnote — free Open the app demo →