Privacy & security
Designed to minimize exposure: on-device encryption, zero-knowledge and no default trackers.
What end-to-end means here
Sensitive content is encrypted on-device before syncing. The server stores ciphertext only.
Zero-knowledge
Your key is derived from your password via PBKDF2. Without it, data is unreadable.
EU/GDPR
We minimize data and aim for compliance with European regulations.
Architecture in 4 steps
Step 1
Password -> key derivation (PBKDF2 100k)
Step 2
On-device encryption (AES-256)
Step 3
Upload: ciphertext only
Step 4
Decryption: on-device only
Technical details (short)
Control & deletion
You can request full data deletion. Email us at info@mooles.com.
No tracking (by default)
This website does not include third-party analytics or pixels. We only use a technical cookie to remember language.