diff --git a/backend/src/main/java/de/srsoftware/umbrella/backend/Application.java b/backend/src/main/java/de/srsoftware/umbrella/backend/Application.java
index a0d2eb0..8ff9b8f 100644
--- a/backend/src/main/java/de/srsoftware/umbrella/backend/Application.java
+++ b/backend/src/main/java/de/srsoftware/umbrella/backend/Application.java
@@ -70,7 +70,7 @@ public class Application {
 		var tagModule         = new TagModule(config,userModule);
 		var notesModule       = new NoteModule(config,userModule);
 		var projectModule     = new ProjectModule(config,companyModule,tagModule);
-		var taskModule        = new TaskModule(config,projectModule,tagModule);
+		var taskModule        = new TaskModule(config,projectModule,tagModule,notesModule);
 		var timeModule	      = new TimeModule(config,taskModule);
 		var webHandler        = new WebHandler();
 
diff --git a/frontend/src/routes/notes/List.svelte b/frontend/src/routes/notes/List.svelte
index af0aabf..f621d85 100644
--- a/frontend/src/routes/notes/List.svelte
+++ b/frontend/src/routes/notes/List.svelte
@@ -16,6 +16,21 @@
         entity_id = null
     } = $props();
 
+    async function drop(nid){
+        if (!confirm(t('confirm_delete',{element:t('note')}))) return;
+        const url  = api(`notes/${nid}`);
+        const resp = await fetch(url,{
+            credentials : 'include',
+            method      : 'DELETE'
+        });
+        if (resp.ok) {
+            error = false;
+            delete notes[nid];
+        } else {
+            error = await resp.text();
+        }
+    }
+
     async function load(){
         const url  = api(`notes/${module}/${entity_id}`);
         const resp = await fetch(url,{credentials:'include'});
@@ -85,7 +100,12 @@
 {#each Object.entries(notes) as [nid,note]}
 <fieldset>
     <legend class="author">{authors[note.user_id].name}</legend>
-    <legend class="time">{note.timestamp.replace('T',' ')}</legend>
+    <legend class="time">
+        {note.timestamp.replace('T',' ')}
+        {#if user.id == note.user_id}
+        <button class="symbol" onclick={() => drop(nid)}></button>
+        {/if}
+    </legend>
     <Editor value={note.text} onSet={(newVal) => update(nid,newVal)} editable={user.id == note.user_id} />
 </fieldset>
 {/each}
diff --git a/notes/src/main/java/de/srsoftware/umbrella/notes/NoteModule.java b/notes/src/main/java/de/srsoftware/umbrella/notes/NoteModule.java
index cb549dc..0ee2927 100644
--- a/notes/src/main/java/de/srsoftware/umbrella/notes/NoteModule.java
+++ b/notes/src/main/java/de/srsoftware/umbrella/notes/NoteModule.java
@@ -4,8 +4,7 @@ package de.srsoftware.umbrella.notes;
 import static de.srsoftware.umbrella.core.ConnectionProvider.connect;
 import static de.srsoftware.umbrella.core.ResponseCode.HTTP_UNPROCESSABLE;
 import static de.srsoftware.umbrella.core.Util.mapValues;
-import static de.srsoftware.umbrella.core.exceptions.UmbrellaException.missingFieldException;
-import static de.srsoftware.umbrella.core.exceptions.UmbrellaException.unprocessable;
+import static de.srsoftware.umbrella.core.exceptions.UmbrellaException.*;
 import static de.srsoftware.umbrella.notes.Constants.CONFIG_DATABASE;
 import static java.net.HttpURLConnection.HTTP_OK;
 
@@ -50,12 +49,20 @@ public class NoteModule extends BaseHandler implements NoteService {
 			Optional<Token> token = SessionToken.from(ex).map(Token::of);
 			var user = users.loadUser(token);
 			if (user.isEmpty()) return unauthorized(ex);
-			var module = path.pop();
-			if (module == null) throw unprocessable("Module missing in path.");
 			var head = path.pop();
-			long noteId = Long.parseLong(head);
-			noteId = notesDb.delete(noteId,user.get().id());
-			return sendContent(ex, noteId);
+			if (head == null) throw unprocessable("Module missing in path.");
+//			try {
+				var noteId = Long.parseLong(head);
+				var note = notesDb.load(noteId);
+				if (note.authorId() != user.get().id()) throw forbidden("You are not allowed to delete notes of another user");
+				return sendContent(ex, notesDb.delete(noteId));
+/*			} catch (NumberFormatException ignored) {
+				var module = head;
+				head = path.pop();
+				long entityId = Long.parseLong(head);
+				notesDb.deleteEntity(module,entityId);
+				return sendContent(ex, entityId);
+			}*/
 		} catch (NumberFormatException e){
 			return sendContent(ex,HTTP_UNPROCESSABLE,"Entity id missing in path.");
 		} catch (UmbrellaException e){
diff --git a/notes/src/main/java/de/srsoftware/umbrella/notes/NotesDb.java b/notes/src/main/java/de/srsoftware/umbrella/notes/NotesDb.java
index e08d62c..b9ff479 100644
--- a/notes/src/main/java/de/srsoftware/umbrella/notes/NotesDb.java
+++ b/notes/src/main/java/de/srsoftware/umbrella/notes/NotesDb.java
@@ -6,7 +6,7 @@ import de.srsoftware.umbrella.core.model.Note;
 import java.util.Map;
 
 public interface NotesDb {
-	long delete(long noteId, long userId);
+	long delete(long noteId);
 
 	void deleteEntity(String module, long entityId);
 
diff --git a/notes/src/main/java/de/srsoftware/umbrella/notes/SqliteDb.java b/notes/src/main/java/de/srsoftware/umbrella/notes/SqliteDb.java
index 84044cd..acc522b 100644
--- a/notes/src/main/java/de/srsoftware/umbrella/notes/SqliteDb.java
+++ b/notes/src/main/java/de/srsoftware/umbrella/notes/SqliteDb.java
@@ -85,8 +85,7 @@ CREATE TABLE IF NOT EXISTS "{0}" (
 	}
 
 	@Override
-	public long delete(long noteId, long userId) {
-		LOG.log(WARNING,"Not checking whether deleted not belongs to user!");
+	public long delete(long noteId) {
 		try {
 			Query.delete().from(TABLE_NOTES)
 					.where(ID,equal(noteId))
diff --git a/task/src/main/java/de/srsoftware/umbrella/task/TaskModule.java b/task/src/main/java/de/srsoftware/umbrella/task/TaskModule.java
index 6fbc9e9..6a2aada 100644
--- a/task/src/main/java/de/srsoftware/umbrella/task/TaskModule.java
+++ b/task/src/main/java/de/srsoftware/umbrella/task/TaskModule.java
@@ -39,12 +39,14 @@ public class TaskModule extends BaseHandler implements TaskService {
 	private final UserService users;
 	private final CompanyService companies;
 	private final TagService tags;
+	private final NoteService notes;
 
-	public 	TaskModule(Configuration config, ProjectService projectService, TagService tagService) throws UmbrellaException {
+	public 	TaskModule(Configuration config, ProjectService projectService, TagService tagService, NoteService noteService) throws UmbrellaException {
 		var dbFile = config.get(CONFIG_DATABASE).orElseThrow(() -> missingFieldException(CONFIG_DATABASE));
 		taskDb     = new SqliteDb(connect(dbFile));
 		projects   = projectService;
 		companies  = projectService.companyService();
+		notes      = noteService;
 		tags       = tagService;
 		users      = companies.userService();
 	}
@@ -66,6 +68,7 @@ public class TaskModule extends BaseHandler implements TaskService {
 		var member = task.members().get(user.id());
 		if (member == null || !member.mayWrite()) throw forbidden("You are not allowed to delete {0}",task.name());
 		taskDb.delete(task);
+		notes.deleteEntity(TASK,taskId);
 		tags.deleteEntity(TASK,taskId);
 		return sendContent(ex,Map.of(DELETED,taskId));
 	}
diff --git a/translations/src/main/resources/de.json b/translations/src/main/resources/de.json
index 541e289..83d68f9 100644
--- a/translations/src/main/resources/de.json
+++ b/translations/src/main/resources/de.json
@@ -141,6 +141,7 @@
   "new_password": "neues Passwort",
   "new_document_from": "{2} / neues {0}s-Dokument von {1}",
   "no_company": "keine Firma",
+  "note": "Notiz",
   "notes": "Notizen",
   "number": "Nummer",