Open-source private notes, honestly reviewed. No marketing fluff, just what you get when your notes are actually encrypted.

TL;DR

What it is: End-to-end encrypted note-taking app (AGPL-3.0) — think Evernote, but the encryption is real and the server can live on your hardware [2][5].
Who it’s for: Writers, journalists, legal professionals, and privacy-conscious founders who’ve been burned by Evernote’s “we might read your notes for AI training” policy and want something that mathematically cannot do that [5].
Cost savings: Evernote’s paid plan runs $14.99/mo+. Standard Notes’ free tier covers unlimited notes on unlimited devices. The paid productivity tier adds richer editors and file storage — exact current pricing at their website, since it’s changed over time [pricing page].
Key strength: The encryption is real, independently audited, and open-source. Nine years in operation, zero venture capital, 100% revenue from paying users — that’s a rare combination for a privacy-first app [1][website].
Key weakness: The free tier is deliberately minimal — you get encrypted sync but most of the interesting editors (rich text, code, spreadsheets) are paywalled. The plugin ecosystem requires a paid plan to unlock. AGPL-3.0 license means commercial use of forks requires open-sourcing your modifications [2].

What is Standard Notes

Standard Notes is an end-to-end encrypted note-taking application. You write notes, they’re encrypted on your device before leaving it, and they sync to all your devices — web, Mac, Windows, Linux, iOS, Android — without Standard Notes’ servers ever seeing the plaintext [README][2].

The company’s pitch is almost adversarial toward the rest of the industry: “Note-taking services like Evernote, Google Keep, Notion, and Simplenote cannot prevent employers and governments from reading your data.” That’s not marketing hyperbole; it’s technically accurate. None of those services use end-to-end encryption by default, which means their employees, and anyone with a court order, can read your notes [5][website]. Standard Notes cannot — the keys never leave your device.

What separates it from the other “encrypted notes” apps is three things. First, nine years of sustained operation with zero VC money — 100% revenue from paying users, which means the business model is aligned with the users rather than with an investor expecting a 10x exit [website]. Second, independent security audits — the code isn’t just open source, it’s been reviewed by third-party security researchers, and Standard Notes publishes those audits [4][website]. Third, Listed — an integrated blogging platform that lets you publish from inside Standard Notes directly, without running a separate CMS [README].

As of this review the GitHub repository sits at 6,416 stars with 530 forks, TypeScript as the primary language, and active commits through April 2026 [2].

Why people choose it

The choice pattern from reviews and community discussions is consistent: people move to Standard Notes after a specific event that erodes trust in their previous note-taking tool.

The Evernote exodus. Standard Notes’ own comparison page is blunt about the inciting incident: in 2016, Evernote amended its privacy policy to allow employees to read user notes for AI training purposes. The policy was rolled back after a user revolt, but the damage was done — people learned their notes weren’t actually private [5]. Evernote was then acquired by Bending Spoons in 2022, a studio focused on camera and fitness apps, which didn’t inspire renewed confidence in the platform’s longevity. Standard Notes fields Evernote imports directly and publishes a detailed feature comparison calling out every place Evernote falls short on encryption [5].

The “my employer could read this” problem. The Awesome Privacy guide [2] flags Standard Notes for professional use cases where the notes genuinely need to stay private — legal work, journalism, sensitive personal data. When you use Notion or Google Keep for work notes, your employer may be able to request access. When you use Standard Notes, end-to-end encryption means the answer to that request is “we don’t have the keys.”

Versus Simplenote. Standard Notes publishes a direct comparison [4] worth reading. Simplenote has no end-to-end encryption — its own documentation recommends not storing anything sensitive in it. Standard Notes has richer functionality (markdown, rich text, spreadsheets, nested folders, bi-directional note linking, plugin support, daily email backups) across almost every dimension [4]. Simplenote also hasn’t had a meaningful update to its iOS app since May 2022. The comparison isn’t close.

Versus Obsidian. Obsidian is a frequently cited alternative (Standard Notes has a dedicated comparison page for it). Obsidian uses local files and Markdown, which some users prefer for portability. Standard Notes uses its own encrypted format, which is more secure but less immediately portable. Obsidian’s paid sync service costs $8/mo; Standard Notes’ sync is free in the base tier. The choice usually comes down to whether you value Obsidian’s plugin depth and plain-file portability versus Standard Notes’ encryption guarantees and cross-platform native apps [website comparisons].

Versus Joplin and Notesnook. Joplin is the most direct open-source competitor — also encrypted, also self-hostable, roughly similar feature set. Notesnook is a newer entrant positioning itself as a fully open-source Evernote alternative. The AlterOpen comparison [3] lists Standard Notes at 287K monthly visits against Notesnook’s 175K, suggesting Standard Notes has the larger established user base. Joplin tends to win with users who want local-first, plain-Markdown files. Standard Notes tends to win with users who want a polished mobile experience and audit-backed encryption.

Features

Based on the README, website scrape, and comparison pages:

Core:

End-to-end encryption, on-device encryption, encryption at rest and in transit [4][5]
Two-factor authentication [4]
App lock (Passcode, Face ID, Fingerprint) [4]
Password protection for individual notes [4]
Cross-platform sync: Web, Mac, Windows, Linux, iOS, Android — unlimited devices [README]
Offline access — always a local copy of your data [website]
Nested folders, tags, custom smart views [4]
Note pinning, archiving, and search [4]
Bi-directional note linking [4]

Editors (some require paid plan):

Plain text (free)
Markdown editor [2]
Rich text documents [2]
Code snippets editor [2]
Spreadsheets [2]
Tasks and todos [2]
Math editor [2]
Outlining and lists [2]

Privacy and security:

Third-party security audits, published results [4][website]
Source code is publicly viewable and auditable [4]
ToS DR privacy score: A [2]
User-generated content encrypted, service cannot decrypt it [2]

Extended features:

Encrypted file storage (photos, documents, PDFs) [2]
Daily email backups [4]
Listed blogging platform — publish directly from Standard Notes [README]
Plugin/extensions system for additional functionality [1]
Web clipper [4]

Self-hosting:

Full server self-hosting supported [README]
Static web app build via Yarn/Docker [README]
Configure your own sync server via DEFAULT_SYNC_SERVER env variable [README]

Pricing: SaaS vs self-hosted math

Standard Notes’ free tier is genuinely usable — unlimited notes, unlimited devices, full end-to-end encrypted sync. That’s the baseline. The catch: the interesting editors (rich text, code, spreadsheets) and some features like encrypted file storage and daily backups are locked to paid plans.

Specific current pricing wasn’t available in the scraped data — their plans page has changed over time and the exact numbers shift. Check https://standardnotes.com/plans for the current figures. What the website does confirm: the free tier is sustainable (the company is 100% user-funded, not subsidized by advertising or VC money), and there’s a clear upgrade path when you want more.

For comparison:

Evernote: free tier is severely limited (1 notebook, 50MB/month upload); personal plan starts around $14.99/mo
Notion: free tier is usable but no E2E encryption; paid plans start at $10/user/mo
Obsidian Sync: $8/mo on top of the free local app

Self-hosted math:

Standard Notes server: open source, self-hostable
VPS to run it: $5-10/mo on Hetzner or Contabo
You lose the managed cloud convenience, gain full data sovereignty
The web app is static HTML/JS/CSS served from yarn build:web [README]

For the privacy-first use case — a lawyer, journalist, or founder who needs encrypted notes and is comfortable managing a server — the self-hosted path gives you zero recurring cost for the sync layer. You still may want the paid plan for the extended editors even when self-hosting (the editors are client-side features).

Deployment reality check

Standard Notes’ self-hosting story is more mature than most alternatives but less turnkey than “one docker-compose up and done.”

What you need:

A server or VPS with Docker
The Standard Notes server stack (API server, files server, auth server — it’s a multi-service architecture)
A domain for HTTPS
PostgreSQL and Redis (bundled in compose or external)

The web app specifically (as documented in the README) is a compiled static site you can serve with Python’s built-in HTTP server or any web server. Getting the full sync server running takes more setup — it’s a multi-container architecture [README].

What the README says: git clone, yarn install, yarn build:web, serve the output. That gets you a self-hosted web client. Pointing it at a self-hosted sync server requires the additional server setup documented at their help pages.

Reality signals:

Active maintenance — commits through April 2026 [2]
Community forum and Discord for support [README]
No one-click deploy equivalent to Caprover or Railway that appears in the documentation
The SaaSHub listing [1] notes this as suitable for technically-capable users

For a non-technical founder, the realistic path is either the managed cloud version (easier, no infrastructure) or hiring someone to deploy the server once. The client apps (iOS, Android, desktop) work against either endpoint.

Pros and cons

Pros

Encryption is audited and real. Not “we claim it’s encrypted” — independently verified by third-party security researchers, audit results published [4][website]. This is a meaningful differentiator from every major note app competitor.
Nine years without VC money. 100% user-funded, 0 in venture capital [website]. The business model is simple: users pay for features. No pivot risk, no “we sold to a camera app studio” scenario.
Unlimited devices on free tier. Most competitors restrict devices on free plans. Standard Notes doesn’t [README].
Longevity commitment. They publish an explicit longevity statement about what happens to your data if the company shuts down — a rare and meaningful signal [website].
Full platform coverage. Mac, Windows, Linux, iOS, Android, web — all first-party apps [1].
Listed blogging platform. Publish directly from your notes without a separate CMS. Unusual feature, genuinely useful for writers [README].
AGPL-3.0 open source. Code is auditable, forkable, self-hostable [2].
Offline-first. Always a local copy; works without internet [website].

Cons

Free tier editors are limited. The base free plan gives you basic text notes. Markdown, rich text, code, spreadsheets — these require a paid subscription. This is a real limitation if you’re evaluating “is this better than Evernote free” [1][2].
AGPL-3.0, not MIT. AGPL requires that modifications to the server code must be open-sourced if you distribute the software. This matters less for self-hosters and end users, but if you’re a company building on top of Standard Notes, it’s a material constraint. The Activepieces review cited MIT as a major selling point; Standard Notes’ AGPL-3.0 is stricter [2].
Plugin ecosystem is paywalled. The extension/plugin system that Awesome Privacy praises [2] is locked behind the paid plan. The free tier is intentionally minimal.
Multi-service self-hosting. Running your own Standard Notes server isn’t a single container — it’s a multi-service architecture. More operational complexity than Joplin’s self-host story.
No collaborative editing. Standard Notes is a personal tool. If you need shared docs or team wikis, Notion, Confluence, or AFFiNE are better fits.
Plain file portability trade-off. Notes are stored in Standard Notes’ encrypted format, not plain Markdown files. Export works but the day-to-day experience is locked to the Standard Notes apps. Obsidian users who value “my files are just files on disk” will find this uncomfortable.

Who should use this / who shouldn’t

Use Standard Notes if:

You’re a journalist, lawyer, or founder whose notes contain genuinely sensitive information that you need to be mathematically certain no third party can access.
You left Evernote after the 2016 privacy policy incident and haven’t found a replacement that feels trustworthy.
You write across multiple devices and want encrypted sync without paying for it (the free tier handles this well).
You want a company whose interests are aligned with yours — no VC, no acquisition risk, user-funded.
You’ll pay for the extended editors because you want a feature-complete private notes environment.

Skip it (try Joplin) if:

You want your notes as plain Markdown files on disk, portable to any editor, no vendor format.
You’d rather self-host without managing a multi-service server stack.
You want a capable free tier with no paywalled editors.

Skip it (try Obsidian) if:

You’re building a knowledge base with bi-directional links, graph views, and a large plugin ecosystem.
You’re comfortable storing notes locally and using Obsidian Sync or a third-party sync service.
You’re on a desktop-first workflow and mobile sync is secondary.

Skip it (stay on Notion) if:

You need collaborative editing, databases, and team wikis.
Privacy from your SaaS provider isn’t a primary concern.
You’re already embedded in the Notion ecosystem and the switching cost isn’t worth it.

Skip it (try Notesnook) if:

You want a more modern UI with E2E encryption and don’t mind a younger, less battle-tested app [3].

Alternatives worth considering

Joplin — Open source (MIT), Markdown-native, self-hostable, strong plugin ecosystem. Less polished mobile apps than Standard Notes but fully free including sync via Nextcloud or Joplin Cloud [2][3].
Notesnook — Newer E2E encrypted alternative, fully open source, Evernote-style UI. Less established (175K monthly visits vs Standard Notes’ 287K) but active development [3].
Obsidian — Local-first, plain Markdown, enormous plugin ecosystem. Sync costs $8/mo. Not E2E encrypted through Obsidian Sync (though third-party options exist) [website compare page].
AFFiNE — Open source knowledge base with blocks, databases, and collaborative features. More Notion-like, less privacy-focused [3].
Cryptee — Encrypted docs and photo storage, EU-based. Smaller community but similar privacy philosophy [2].
Logseq — Open source, outliner-style, local-first. No server-side encryption needed because nothing goes to a server by default [3].

For the core Standard Notes use case — private notes with real encryption, across all devices, from a company that won’t sell or pivot — the realistic shortlist is Standard Notes vs Joplin vs Notesnook. Standard Notes wins on polish, platform coverage, and track record. Joplin wins on portability and free editor access. Notesnook is the challenger worth watching.

Bottom line

Standard Notes earns its reputation as the most privacy-serious mainstream notes app. The encryption is real, audited, and nine years of operation without VC money means the business model isn’t quietly betting on monetizing your data. For a journalist, legal professional, or founder who keeps genuinely sensitive information in their notes, the choice is easy — nothing else at this maturity level offers the same combination of audit-backed encryption, cross-platform native apps, and a longevity commitment.

The caveats matter. The free tier is minimal by design — if you want editors beyond basic text, you’re paying. Self-hosting the full server stack requires more operational effort than simpler alternatives. And if you came hoping for Notion-style collaboration, you’re in the wrong place. But for the target audience — someone who just read Evernote’s privacy policy and wants to never have that conversation again — Standard Notes is the answer most likely to still be running in five years.