🎉 Promotion

Launch Offer: Welcome to XeoNote. Join during our launch window and share one feature idea or bug report in the app to unlock Lifetime Pro access and Founder's Club status.

Start free
Open appStart free

Security

Security controls designed for real operational use.

XeoNote combines strong product security with practical governance controls for teams handling sensitive working information.

Core controls

We apply layered controls across authentication, data handling, and operational governance.

  • Client-side AES-256-GCM encryption for protected notes
  • PBKDF2-based key derivation for passphrase hardening
  • Session controls, CSRF protection, and defensive rate limiting
  • Audit-oriented operational logging
  • Role-based permissions for team and workspace governance

UK Data Sovereignty

XeoNote is developed in the United Kingdom and is designed for teams that require UK-centric data handling and governance.

UK-hosted data options

Customer data can be retained in UK-hosted infrastructure to support local data residency requirements.

UK legal and regulatory alignment

We design controls to support UK GDPR obligations, including data minimisation, access control, and traceable audit activity.

Operational transparency

Security and privacy enquiries can be handled through UK-based operational workflows and documented review processes.

Security features in product

Live interface examples of sensitive-data controls.

Encryption controls in XeoNote
Passphrase-based encryption flow for sensitive note content.
Sharing permissions in XeoNote
Permissioned sharing controls to reduce accidental data exposure.