Your data & privacy
Retention you control per document, one-click export, self-serve deletion — and where the data actually lives.
Store or Discard — you choose per document
Every document you ingest gets a retention mode:
- Store keeps the document indexed for as long as your account is open — or until you delete it, which you can do from the library at any time.
- Discard purges the document — including its chunks and any shared content no longer referenced by anyone — within 24 hours of upload, via an hourly background sweep.
Export your data
The Your data card on the dashboard account pagedownloads everything in one click as a single JSON file: your account details, documents, summaries, chat history and notes. That's the UK GDPR data portability right, self-serve — no email required.
Delete your account
Account deletion is self-serve too, from the danger zone on the same dashboard page. It first cancels any active subscription immediately (so you can't be billed after deleting), then permanently deletes your documents, notes, collections, chat history and connected-account tokens, and cleans up any stored content that no other account references. It is irreversible — export first if you want a copy.
Where your data lives
Your documents are stored in the United Kingdom — the eu-west-2 (London) region on Supabase — encrypted at rest, with row-level security isolating every account so no two users can read each other's content. Your content is never used to train AI models: Sidenote never fine-tunes on user content, and the model and embedding providers it uses (Anthropic and Voyage AI) run with no-training defaults on the tiers Sidenote uses.
Connected accounts
Connectors (Google Docs, Notion, Microsoft, Slack) use least-privilege, read-only scopes and only read the documents you explicitly ingest. Disconnecting a provider — from the Connections page or the extension — deletes its stored access token immediately.
The full detail
The Privacy Policyis the canonical statement of what's collected and your rights under UK GDPR; Security & compliance covers the protections in depth, and the security & disclosure policy explains how to report a vulnerability. For anything specific — including data-processing questions — contact us or email support@getsidenote.app.