Security Overview

Comprehensive security measures that protect your data from the moment you create it until eternity.

Security by Design

Voidtype's security is not an afterthought—it's the foundation upon which everything is built. Every decision, from architecture to implementation, prioritizes your data security.

Encryption Architecture

AES-256 Encryption

Military-grade symmetric encryption for all your data

256-bit
Key Size
Client-Side
Encryption
Hardware
Keystore

Biometric Protection

Device-level biometric authentication

Your notes are protected by your device's biometric security (fingerprint, face ID, or PIN). Without biometric authentication, your data remains encrypted and inaccessible.

Zero-Knowledge Architecture

We Cannot See Your Data

Zero-knowledge means that even if our servers were completely compromised, your data would remain secure. Here's how it works:

Client-Side Encryption

All encryption happens on your device. We never see unencrypted data.

Encrypted Storage

Our servers sees only encrypted data - meaningless without your keys.

Anonymous Identity

Your identity is a random UUID. The server stores only cryptographic hashes of that UUID.

Temporary Storage

All server data auto-deletes after 7 days.

Infrastructure Security

Enterprise-Grade Hosting

Secure, monitored infrastructure with multiple layers of protection

Network Security

  • HTTPS mandatory (.app domain requirement)
  • DDoS protection through Cloudflare

Data Protection

  • End-to-end encryption
  • Automatic data deletion
  • No data retention logs

Server Location & Jurisdiction

Austria-Based Infrastructure

Servers located in Austria for strong privacy protection

Location

All Voidtype servers are physically located in Graz, Austria.

Infrastructure

Secure, monitored infrastructure with multiple layers of protection.

Privacy Advantage: Austrian data protection laws are among the strongest in Europe, and the country's location outside major intelligence alliances provides additional protection against foreign surveillance programs.

Device Security

Rooted Device Protection

Voidtype prevents installation on rooted Android devices. This ensures that your data cannot be compromised by unauthorized system access.

Why this matters: Rooted devices bypass Android's security model, potentially allowing malware or unauthorized apps to access encrypted data at the system level.

Security Audits & Transparency

Open Source Security

Transparent code that can be audited by security researchers

Our commitment to transparency means our code is open source and can be independently audited. We welcome security researchers to review our implementation and report any findings.

Responsible Disclosure

If you discover a security vulnerability, please contact us at [email protected] before public disclosure.

Compliance & Certifications

GDPR Compliant

Designed to comply with EU data protection regulations

Zero Knowledge

We cannot access your encrypted data under any circumstances

AES-256

Military-grade encryption standard