Security
LazyNote implements industry-standard security measures to protect your important information.
Payment Security
Secure Payment Processing with Stripe
LazyNote usesStripe, a globally trusted online payment platform.
PCI Compliance
Stripe isPCI DSS Level 1certified. This is the strictest security standard in the credit card industry, required for businesses processing over 6 million card transactions per year.
Credit Card Information Security
- Card information is NOT stored on LazyNote servers
Your credit card information is processed directly on Stripe's secure servers. LazyNote never has access to card numbers or security codes.
- Secure payment flow with Stripe Checkout
When making payments, you are redirected to a secure payment page provided by Stripe. This page is hosted on Stripe's domain and protected by the latest security technologies.
- Customer Portal
Payment method changes and subscription management are also handled through Stripe's secure customer portal.
Encrypted Communication
All payment data is encrypted and transmitted usingTLS (Transport Layer Security), preventing interception or tampering by third parties.
Data Security
End-to-End Encryption
All user content stored in LazyNote (memos, topics, images, etc.) isend-to-end encrypted.
- Data is encrypted with a key derived from your password
- Data is stored encrypted even on the server
- No third party, including the operator, can view your content
Secure Data Storage
- Data is stored onFirebase (Google Cloud Platform)
- Data centers are protected by physical and logical security
Authentication Security
- Secure user authentication withFirebase Authentication
- Multi-factor authentication (MFA) support
Communication Encryption
- All communications encrypted withSSL/TLS
- Protection against man-in-the-middle (MITM) attacks
Security Measures You Can Take
You can strengthen security by taking the following measures:
- Use a strong password
Set a password of 8 or more characters, combining uppercase and lowercase letters, numbers, and symbols.
- Avoid reusing passwords
Do not use the same password as other services.
- Be cautious of suspicious emails
Be aware of phishing emails pretending to be from LazyNote. We will never ask for your password via email.
Third-Party Services Used
| Service | Provider | Purpose | Security Certification |
|---|---|---|---|
| Stripe | Stripe, Inc. | Payment Processing | PCI DSS Level 1 |
| Firebase Authentication | Google LLC | User Authentication | SOC 1, SOC 2, SOC 3, ISO 27001 |
| Cloud Firestore | Google LLC | Data Storage | SOC 1, SOC 2, SOC 3, ISO 27001 |
| Firebase Storage | Google LLC | File Storage | SOC 1, SOC 2, SOC 3, ISO 27001 |
Security Inquiries
For security questions or vulnerability reports, please contact:
- Email:lazynote_support@pigeonthebird.dev
If you discover a vulnerability, we would appreciate it if you report it before disclosure.
Related Links
Last updated: December 6, 2025
© 2025 LazyNote All rights reserved.