Encryption is done by the openpgpjs library. Upon registering a user in Encryptic, the software will generate you a 2048 bit pgp key with the passphrase set to whatever you typed in during user creation. After this is generated you will be presented with a download for it. This key is stored in your IndexedDB as well, though there is no convenient means of extracting it. Save this key because without it recovering your notes will be impossible.
Your private key is stored in your browser, so that means anyone with access to your browser or app data can view it. However, your passphrase is never stored anywhere (this also means that there's no way to recover it if you forget it). In the options menu there is a section that allows you to wipe the current users. This will remove all notes and the private key from the IndexedDB. Encryptic (or pretty much anything else for that matter) cannot protect you from a compromised browser or computer. If you cannot trust the device you are writing on, you should not be writing on it.
Optionally, multiple device synchronization can be handled through Encryptic. This can be done through Dropbox, though other services will be added in the future. Data is still encrypted before it is sent to any service, so the provider of the service should not have access to the contents of your files. Your private key is NOT synchronized to any service.