diff --git a/README.md b/README.md index 09a227c..c718aa9 100644 --- a/README.md +++ b/README.md @@ -590,34 +590,6 @@ Bill Tracker intentionally separates full-system backups from user exports. --- -## Development Notes - -When changing the app: - -- Keep Profile as the user/account/data hub. -- Keep Settings focused on app-level preferences. -- Keep Admin tools admin-only. -- Keep user import/export separate from admin backup/restore. -- Do not expose admin backup tools to regular users. -- Keep user ownership checks on all object routes. -- Use existing Tailwind/shadcn/Radix patterns. -- Update `HISTORY.md` when behavior changes. - ---- - -## Limitations - -Known limitations: - -- Admin backup encryption is not implemented. -- CSP is not fully implemented. -- authentik live flow requires testing against a real authentik instance. -- OIDC single logout is not implemented. -- Rate limiting uses in-memory storage, suitable for single-instance deployments. -- XLSX parsing remains a sensitive area and is mitigated through authentication, file limits, validation, and preview/apply flow. - ---- - ## License License: Not specified.
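Review bot: the removed "Limitations" block documents unresolved security gaps (admin backup encryption not implemented, CSP not fully implemented, OIDC single logout not implemented, in-memory rate limiting that only suits single-instance deployments, XLSX parsing as a sensitive area) and nothing in this hunk relocates them; deleting them from the README leaves operators deploying without knowing, for example, that rate limits are not shared across instances. If the intent is to move them, add the target file in the same change (a SECURITY.md or docs page) and reference it from where the section stood, otherwise keep at least the security-relevant bullets. The same applies to the dropped "Development Notes" line "Keep user ownership checks on all object routes." and "Do not expose admin backup tools to regular users.", which are the only written statements of those invariants visible here; if they now live in a contributing guide, say so, and update `HISTORY.md` as the removed notes themselves require for behavior or documentation changes.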