The decrypted message must be available to Privnote; there is no such thing as entirely server-side encryption that is secure from the server providing it. If I understand Privnote correctly, the key to decrypt is in the URL. So they generate the key for you. That means they have access to the plaintext.