diff --git a/Controller/ApiDriverAttributeController.php b/Controller/ApiDriverAttributeController.php index 5e5179d..66914ba 100644 --- a/Controller/ApiDriverAttributeController.php +++ b/Controller/ApiDriverAttributeController.php @@ -377,7 +377,7 @@ final class ApiDriverAttributeController extends Controller * * @api * - * @todo: implement + * @todo Implement API function * * @since 1.0.0 */ @@ -448,7 +448,7 @@ final class ApiDriverAttributeController extends Controller */ public function apiDriverAttributeValueDelete(RequestAbstract $request, ResponseAbstract $response, array $data = []) : void { - // @todo: I don't think values can be deleted? Only Attributes + // @todo I don't think values can be deleted? Only Attributes // However, It should be possible to remove UNUSED default values // either here or other function? // if (!empty($val = $this->validateAttributeValueDelete($request))) { diff --git a/Controller/ApiDriverController.php b/Controller/ApiDriverController.php index d640053..7bf2352 100644 --- a/Controller/ApiDriverController.php +++ b/Controller/ApiDriverController.php @@ -23,12 +23,14 @@ use Modules\FleetManagement\Models\Driver\DriverMapper; use Modules\FleetManagement\Models\Driver\DriverStatus; use Modules\FleetManagement\Models\Inspection; use Modules\FleetManagement\Models\InspectionStatus; +use Modules\FleetManagement\Models\PermissionCategory; use Modules\Media\Models\CollectionMapper; use Modules\Media\Models\MediaMapper; use Modules\Media\Models\NullMedia; use Modules\Media\Models\PathSettings; use Modules\Media\Models\Reference; use Modules\Media\Models\ReferenceMapper; +use phpOMS\Account\PermissionType; use phpOMS\Localization\BaseStringL11n; use phpOMS\Localization\BaseStringL11nType; use phpOMS\Localization\ISO639x1Enum; 
@@ -645,7 +647,7 @@ final class ApiDriverController extends Controller } /** - * Api method to update note + * Api method to update Note * * @param RequestAbstract $request Request * @param ResponseAbstract $response Response @@ -659,15 +661,44 @@ final class ApiDriverController extends Controller */ public function apiNoteUpdate(RequestAbstract $request, ResponseAbstract $response, array $data = []) : void { + $accountId = $request->header->account; + if (!$this->app->accountManager->get($accountId)->hasPermission( + PermissionType::MODIFY, $this->app->unitId, $this->app->appId, self::NAME, PermissionCategory::DRIVER_NOTE, $request->getDataInt('id')) + ) { + $this->fillJsonResponse($request, $response, NotificationLevel::HIDDEN, '', '', []); + $response->header->status = RequestStatusCode::R_403; + + return; + } + $this->app->moduleManager->get('Editor', 'Api')->apiEditorUpdate($request, $response, $data); + } + + /** + * Api method to delete Note + * + * @param RequestAbstract $request Request + * @param ResponseAbstract $response Response + * @param array $data Generic data + * + * @return void + * + * @api + * + * @since 1.0.0 + */ + public function apiNoteDelete(RequestAbstract $request, ResponseAbstract $response, array $data = []) : void + { + $accountId = $request->header->account; + if (!$this->app->accountManager->get($accountId)->hasPermission( + PermissionType::DELETE, $this->app->unitId, $this->app->appId, self::NAME, PermissionCategory::DRIVER_NOTE, $request->getDataInt('id')) + ) { + $this->fillJsonResponse($request, $response, NotificationLevel::HIDDEN, '', '', []); + $response->header->status = RequestStatusCode::R_403; - if ($response->header->status !== RequestStatusCode::R_200) { return; } - $responseData = $response->getDataArray($request->uri->__toString()); - if (!\is_array($responseData)) { - return; - } + $this->app->moduleManager->get('Editor', 'Api')->apiEditorDelete($request, $response, $data); } } 
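Review bot: In the `@@ -659,15 +661,44 @@` hunk, `apiNoteUpdate` and the new `apiNoteDelete` authorize `$request->getDataInt('id')` as a `PermissionCategory::DRIVER_NOTE` element and then pass the same request to `apiEditorUpdate` / `apiEditorDelete`, but nothing visible here confirms that the Editor document with that id is a note attached to a driver. Unless the Editor module enforces that link itself (not shown in this diff), an account holding driver-note MODIFY or DELETE rights could change or remove unrelated Editor documents through these endpoints. I would resolve the driver-to-note relation first and return the 403 when the id is missing or not linked to a driver, and record the assumption with a comment such as `// 'id' is authorized as DRIVER_NOTE only; the doc must be verified as a driver note before delegating`. The same pattern appears in both `ApiVehicleController` note hunks (`@@ -1033,8 +1035,17 @@` and `@@ -1052,7 +1063,16 @@`) with `VEHICLE_NOTE`.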
diff --git a/Controller/ApiVehicleAttributeController.php b/Controller/ApiVehicleAttributeController.php index e202749..22fa25a 100644 --- a/Controller/ApiVehicleAttributeController.php +++ b/Controller/ApiVehicleAttributeController.php @@ -377,7 +377,7 @@ final class ApiVehicleAttributeController extends Controller * * @api * - * @todo: implement + * @todo Implement API function * * @since 1.0.0 */ @@ -448,7 +448,7 @@ final class ApiVehicleAttributeController extends Controller */ public function apiVehicleAttributeValueDelete(RequestAbstract $request, ResponseAbstract $response, array $data = []) : void { - // @todo: I don't think values can be deleted? Only Attributes + // @todo I don't think values can be deleted? Only Attributes // However, It should be possible to remove UNUSED default values // either here or other function? // if (!empty($val = $this->validateAttributeValueDelete($request))) { diff --git a/Controller/ApiVehicleController.php b/Controller/ApiVehicleController.php index 290b845..66073f6 100755 --- a/Controller/ApiVehicleController.php +++ b/Controller/ApiVehicleController.php @@ -25,6 +25,7 @@ use Modules\FleetManagement\Models\InspectionTypeL11nMapper; use Modules\FleetManagement\Models\InspectionTypeMapper; use Modules\FleetManagement\Models\Milage; use Modules\FleetManagement\Models\MilageMapper; +use Modules\FleetManagement\Models\PermissionCategory; use Modules\FleetManagement\Models\Vehicle; use Modules\FleetManagement\Models\VehicleMapper; use Modules\FleetManagement\Models\VehicleStatus; @@ -36,6 +37,7 @@ use Modules\Media\Models\NullMedia; use Modules\Media\Models\PathSettings; use Modules\Media\Models\Reference; use Modules\Media\Models\ReferenceMapper; +use phpOMS\Account\PermissionType; use phpOMS\Localization\BaseStringL11n; use phpOMS\Localization\BaseStringL11nType; use phpOMS\Localization\ISO639x1Enum; 
@@ -1033,8 +1035,17 @@ final class ApiVehicleController extends Controller */ public function apiNoteUpdate(RequestAbstract $request, ResponseAbstract $response, array $data = []) : void { - // @todo: check permissions - $this->app->moduleManager->get('Editor', 'Api')->apiEditorDocUpdate($request, $response, $data); + $accountId = $request->header->account; + if (!$this->app->accountManager->get($accountId)->hasPermission( + PermissionType::MODIFY, $this->app->unitId, $this->app->appId, self::NAME, PermissionCategory::VEHICLE_NOTE, $request->getDataInt('id')) + ) { + $this->fillJsonResponse($request, $response, NotificationLevel::HIDDEN, '', '', []); + $response->header->status = RequestStatusCode::R_403; + + return; + } + + $this->app->moduleManager->get('Editor', 'Api')->apiEditorUpdate($request, $response, $data); } /** @@ -1052,7 +1063,16 @@ final class ApiVehicleController extends Controller */ public function apiNoteDelete(RequestAbstract $request, ResponseAbstract $response, array $data = []) : void { - // @todo: check permissions - $this->app->moduleManager->get('Editor', 'Api')->apiEditorDocDelete($request, $response, $data); + $accountId = $request->header->account; + if (!$this->app->accountManager->get($accountId)->hasPermission( + PermissionType::DELETE, $this->app->unitId, $this->app->appId, self::NAME, PermissionCategory::VEHICLE_NOTE, $request->getDataInt('id')) + ) { + $this->fillJsonResponse($request, $response, NotificationLevel::HIDDEN, '', '', []); + $response->header->status = RequestStatusCode::R_403; + + return; + } + + $this->app->moduleManager->get('Editor', 'Api')->apiEditorDelete($request, $response, $data); } } diff --git a/Controller/BackendController.php b/Controller/BackendController.php index 79e03e2..d775c1a 100755 --- a/Controller/BackendController.php +++ b/Controller/BackendController.php 
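Review bot: The permission block added to `apiNoteUpdate` in this hunk is one of four near-identical copies in the commit (also `apiNoteDelete` in the next hunk and both note methods in `ApiDriverController`), differing only in the `PermissionType` and `PermissionCategory` constants. Copies of an authorization check tend to drift when one of them is later corrected, so I would keep the check in one private helper per controller and reduce each endpoint to a guard plus the delegation, as sketched below. The docblock of each endpoint should also say that the response status is set to `RequestStatusCode::R_403` and nothing is delegated when the account lacks the permission.

```php
// One place for the note permission check; returns true when the request was rejected.
private function isNoteAccessDenied(RequestAbstract $request, ResponseAbstract $response, int $permission) : bool
{
    $account = $this->app->accountManager->get($request->header->account);
    if ($account->hasPermission(
        $permission, $this->app->unitId, $this->app->appId, self::NAME, PermissionCategory::VEHICLE_NOTE, $request->getDataInt('id'))
    ) {
        return false;
    }

    $this->fillJsonResponse($request, $response, NotificationLevel::HIDDEN, '', '', []);
    $response->header->status = RequestStatusCode::R_403;

    return true;
}

public function apiNoteUpdate(RequestAbstract $request, ResponseAbstract $response, array $data = []) : void
{
    if ($this->isNoteAccessDenied($request, $response, PermissionType::MODIFY)) {
        return;
    }

    $this->app->moduleManager->get('Editor', 'Api')->apiEditorUpdate($request, $response, $data);
}

// … unchanged: apiNoteDelete docblock; its body uses the same guard with PermissionType::DELETE …
```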
@@ -421,7 +421,7 @@ final class BackendController extends Controller $view->setTemplate('/Modules/FleetManagement/Theme/Backend/vehicle-profile'); $view->data['nav'] = $this->app->moduleManager->get('Navigation')->createNavigationMid(1003502001, $request, $response); - // @todo: This langauge filtering doesn't work. But it was working with the old mappers. Maybe there is a bug in the where() definition. Need to inspect the actual query. + // @todo This langauge filtering doesn't work. But it was working with the old mappers. Maybe there is a bug in the where() definition. Need to inspect the actual query. $vehicle = VehicleMapper::get() ->with('attributes') ->with('attributes/type') @@ -517,7 +517,7 @@ final class BackendController extends Controller $view->setTemplate('/Modules/FleetManagement/Theme/Backend/driver-profile'); $view->data['nav'] = $this->app->moduleManager->get('Navigation')->createNavigationMid(1003502001, $request, $response); - // @todo: This langauge filtering doesn't work. But it was working with the old mappers. Maybe there is a bug in the where() definition. Need to inspect the actual query. + // @todo This langauge filtering doesn't work. But it was working with the old mappers. Maybe there is a bug in the where() definition. Need to inspect the actual query. $driver = DriverMapper::get() ->with('attributes') ->with('attributes/type') diff --git a/ICAL.txt b/ICAL.txt index 019045f..f1b55ed 100755 --- a/ICAL.txt +++ b/ICAL.txt 
@@ -1,6 +1,6 @@ # Individual Contributor License Agreement ("CLA") 1.0 -Thank you for your interest in Karaka-Management (the "Company"). In order to clarify the intellectual property license granted with Contributions from any person or entity, the Company must provide a Contributor License Agreement ("CLA") on file that has been made available to each Contributor. This license is for your protection as a Contributor as well as the protection of the Company and its users; it does not change your rights to use your own Contributions for any other purpose. +Thank you for your interest in Jingga e. K. (the "Company"). In order to clarify the intellectual property license granted with Contributions from any person or entity, the Company must provide a Contributor License Agreement ("CLA") on file that has been made available to each Contributor. This license is for your protection as a Contributor as well as the protection of the Company and its users; it does not change your rights to use your own Contributions for any other purpose. By contributing to the Company You accept and agree to the following terms and conditions for Your present and future Contributions submitted to the Company. In return, the Company shall not use Your Contributions in a way that is contrary to the public benefit or inconsistent with its bylaws in effect at the time of the Contribution. Except for the license granted herein to the Company and recipients of software distributed by the Company, You reserve all right, title, and interest in and to Your Contributions. diff --git a/Models/PermissionCategory.php b/Models/PermissionCategory.php index 8db498a..d01d8be 100755 --- a/Models/PermissionCategory.php +++ b/Models/PermissionCategory.php @@ -45,4 +45,8 @@ abstract class PermissionCategory extends Enum public const DRIVER_INSPECTION = 9; public const DRIVER_ATTRIBUTE_TYPE = 10; + + public const VEHICLE_NOTE = 11; + + public const DRIVER_NOTE = 12; }