Last updated: March 2026
Minduro is a personal journaling application with end-to-end encryption, built and maintained by Uroš Kristan as a solo developer project. By using Minduro, you agree to these terms.
Minduro provides a private, encrypted diary with voice dictation, photo attachments, and mood tracking. Your notes are encrypted on your device before being stored on our servers — we cannot read your content.
You are solely responsible for safeguarding your encryption key. If you lose it, your encrypted notes cannot be recovered by anyone — including us. We strongly recommend saving your key in a secure location and using the email backup feature.
Minduro offers a free tier with up to 10 notes. For unlimited notes, a Pro subscription is available at €5 per month, billed through Stripe. You can cancel anytime through the subscription management portal.
You can permanently delete your account and all associated data at any time from the user menu. This action is irreversible — all notes, files, audio recordings, and personal data will be permanently removed from our servers and backups.
Minduro is provided “as is” without warranties of any kind. While we take every reasonable measure to protect your data and maintain uptime, we cannot guarantee uninterrupted service. This is a solo developer project maintained with care, not a large corporation with SLAs.
Your privacy is fundamental to Minduro. Here is exactly what data we collect, how we use it, and how we protect it.
We use Google OAuth for sign-in. We store your email address, display name, and profile picture. We do not store your Google password or access token.
All note content (titles, body text, mood data) is encrypted on your device using AES-256-GCM before being sent to our servers. Your encryption key is derived using PBKDF2 with 100,000 iterations and never leaves your browser. The server stores only encrypted ciphertext — we have zero knowledge of your note contents.
Your encrypted data is stored in MongoDB on our self-hosted server infrastructure. Files (photos, audio recordings) are stored in MongoDB GridFS. Daily encrypted backups are replicated to two independent data centers in Frankfurt, Germany and Paris, France (S3-compatible cloud storage).
Voice dictation uses the Soniox speech-to-text API. Audio is processed in real-time and is not stored by the service. In production, audio is proxied through our server — the Soniox API key never reaches your browser. A clear indicator is shown when dictation is active.
Payments are processed through Stripe. We do not store your credit card information. Stripe handles all payment data in compliance with PCI DSS standards. We only store your Stripe customer ID and subscription status.
Location tracking is optional and disabled by default. When enabled, approximate coordinates are attached to notes. You can remove location data from any note at any time.
Minduro does not use Google Analytics, Facebook Pixel, or any third-party tracking scripts. We do not serve ads. We do not sell your data. There are no cookie consent banners because we don't use tracking cookies.
You can delete your entire account and all associated data at any time. Deletion is complete and permanent — notes, files, usage data, and your user profile are all removed. There is no soft delete or retention period.
For any questions about these terms or your data, contact: uros.kristan@gmail.com