Reborn Apps - meet E2EE apps for tasks and notes that respect your privacy
Open-source task and note-taking apps with true end-to-end encryption. No email, no tracking, no compromises - and with an architecture you can verify yourself.
Your task list is your chronicle. What you plan, what you dream about, what you’re afraid to forget. Same with notes - drafts of ideas, conversations with your doctor, things you haven’t told anyone yet. And yet you entrust all of this to apps that store your data in plaintext on their servers - accessible to administrators, recommendation algorithms, vulnerable to every leak and every court order.
We built something different.
Reborn Apps - productivity without privacy compromises
Reborn Apps is a suite of productivity tools built from the ground up around one principle: the server never sees your data in plaintext. And we mean that literally - not as a marketing slogan, not as “best effort”, but as a hard architectural guarantee you can verify yourself in the source code.
Two apps are available today:
- re/task - task management
- re/notes - Markdown notes
Both are free, open-source, run in the browser as a PWA (can be installed like a native app), work offline and sync between devices. But with one fundamental difference from everything you probably already know.
What “Zero Knowledge” actually means
The term “end-to-end encryption” is heavily overused today. Many apps advertise themselves as E2E, then keep encryption keys on their servers, encrypt only selected fields, or allow themselves to peek at metadata “for product purposes”.
In Reborn Apps it works like this:
- The encryption key is created on your device. Never - not for a second - does it exist on our server in a form we could use.
- Your password doesn’t reach the server. Only an Argon2id hash is sent - a one-way function from which the original cannot be recovered.
- Everything you create is encrypted by your browser using the AES‑256‑GCM algorithm before the data leaves your device. The key is derived from your password through 600,000 PBKDF2 iterations.
- The server stores only ciphertext. A literally unreadable string of characters. Even we - the creators, administrators, infrastructure owners - cannot read it. Even if we really wanted to. Even if someone forced us.
And it’s not just about task titles or note content. Behavioral metadata is also encrypted - due dates, completion statuses, stars, reminders, tag associations. Everything that could be used to build a profile of your habits is hidden in an encrypted JSON blob that the server cannot unpack.
The consequence is radical: if our server were compromised tomorrow, attackers would get digital noise. Not metadata, not partial information, not hints. Noise.
Why we don’t ask for an email
Note - to create an account in Reborn Apps, you don’t provide an email address. You don’t provide a phone number. There’s no SMS verification, no confirmation link, no Google login. You choose a username and password. That’s it.
This isn’t an oversight. We deliberately don’t collect any contact information. If the server can’t read your notes, why should it know your email? Every field that’s not in the database is a field that can’t leak, that can’t be passed on, that can’t be used against you.
In return, at registration you receive eight one-time recovery codes - your only lifeline if something goes wrong with your second authentication factor. Store them safely. If you forget your password, your data is lost forever - and that’s also a feature, not a bug. No backdoor for you, no backdoor for authorities, no backdoor for us.
re/task - tasks without surveillance
A complete task manager you can actually use day-to-day:
- Task lists
- Subtasks with progress tracking
- Recurring tasks - daily, weekly, or on a custom schedule
- Due dates and reminders with optional push notifications
- Stars, favorites and smart views - Today, Upcoming, Overdue, Starred
- Full-text search across all lists
- Trash with 30‑day recovery of accidentally deleted tasks
- Import and export in JSON - your data is never a hostage of the platform
Offline mode works fully - you can work on a plane, in the subway, in a place with no signal. Changes will sync when you’re back online.
re/notes - notes that are truly private
A Markdown notepad for people who write things they don’t want to give to algorithms:
- Markdown editor with headings, lists, code blocks and images
- Folders and tags - two independent ways to organize
- Version history - up to 10 previous versions of each note
- Internal links with autocomplete - build your own knowledge base
- Live preview - Markdown on one side, formatted result on the other
- Import entire folders - e.g. a complete Obsidian vault, preserving directory structure
- Encryption X‑Ray - see for yourself what actually reaches the server
We especially care about that last feature. Security shouldn’t rely on trust - it should rely on the ability to verify. Open the Encryption X‑Ray tab and you’ll see exactly what the server receives from your browser: Base64 strings, indistinguishable from random noise to anyone without your key.
Who we are and why we can afford this
Reborn Apps is built by the Reborn Foundation - a Polish non‑profit organization. No investors, no ads, no shareholders to explain quarterly growth to. Servers are located in Germany (Hetzner Cloud), data doesn’t leave the European Union. All code is open under the AGPL‑3.0 license - you can audit it, fork it, host it at your own company.
The non-profit model is not a cosmetic detail here. It’s what makes the entire architecture make sense in the first place. Commercial companies quickly discover that user data is an asset. They start with good intentions and end up with “anonymous trend collections” sold to partners. A foundation has no such temptation, because there’s no one to explain why it’s not monetizing the “rich dataset of user behavior.” It simply never collects that data.
Try it
- re/task - reapps.eu/task
- re/notes - reapps.eu/notes
- Source code - github.com/fundacja-reborn/reapps
- Zero Knowledge Architecture - full technical documentation
- Security mechanisms overview - full technical documentation
No email, no card, no strings attached. Choose a username, save your recovery codes - and start using an app that truly works for you, not on you.