Embedded Files
Notearama Privacy Policy
Notearama Privacy Policy
Your privacy matters to us. Here's a straightforward explanation of how we handle your information.
Your privacy matters to us. Here's a straightforward explanation of how we handle your information.
Effective May 31, 2026
1. Introduction
1. Introduction
Notearama ("we," "us," or "our") operates the website and SaaS platform at notearama.com (the "Service"). We are committed to protecting your personal data and respecting your privacy rights under applicable law, including the General Data Protection Regulation (EU) 2016/679 ("GDPR") and the UK GDPR.
This Privacy Policy explains what personal data we collect, why we collect it, how we use and protect it, and what rights you have regarding your data. Please read this policy carefully before using our Service.
2. Data Controller
2. Data Controller
Notearama is the data controller responsible for your personal data. If you have any questions about this policy or our data practices, please contact us at:
Notearama
Email: admin@notearama.com
Website: https://notearama.com
3. Personal Data We Collect
3. Personal Data We Collect
We collect the following categories of personal data:
3.1 Data You Provide Directly
3.1 Data You Provide Directly
Account registration data: name, email address, username, and password.
Payment and billing information: credit card details (processed by our payment provider; we do not store full card numbers), billing address.
Profile information: optional details you add to your account profile.
Content you publish: notes, notebooks, and other content you choose to publish or share through the Service.
Communications: messages and emails you send to us (e.g., support requests).
3.2 Data Collected Automatically
3.2 Data Collected Automatically
Usage data: pages visited, features used, timestamps, and interaction logs.
Device and technical data: IP address, browser type and version, operating system, referring URLs.
Cookies and similar technologies: see Section 8 (Cookies) for details.
3.3 Data from Third Parties
3.3 Data from Third Parties
If you connect a third-party PKM application (e.g., Evernote, Microsoft OneNote), we receive data from that service as authorized by you during the connection process.
4. Legal Basis for Processing
4. Legal Basis for Processing
We process your personal data only where we have a valid legal basis to do so under the GDPR. The legal bases we rely on are:
Performance of a contract (Article 6(1)(b)): Processing necessary to provide the Service to you, including account management, publishing features, and payment processing.
Legitimate interests (Article 6(1)(f)): Processing for fraud prevention, security, analytics to improve our Service, and direct marketing to existing customers — where these interests are not overridden by your rights.
Consent (Article 6(1)(a)): Where you have given us clear consent, such as for marketing emails or non-essential cookies. You may withdraw consent at any time.
Legal obligation (Article 6(1)(c)): Processing required to comply with applicable laws.
5. How We Use Your Personal Data
5. How We Use Your Personal Data
We use your personal data for the following purposes:
To create and manage your account.
To provide, operate, and improve the Service.
To process payments and manage subscriptions.
To respond to your support requests and communications.
To send service-related notifications (e.g., account updates, security alerts).
To send marketing communications where you have consented or where permitted under legitimate interests.
To monitor and analyze usage patterns to improve our platform.
To detect and prevent fraud, abuse, or security incidents.
To comply with legal obligations.
6. Sharing Your Personal Data
6. Sharing Your Personal Data
We do not sell or rent your personal data to third parties. We may share your data in the following limited circumstances:
6.1 Service Providers
6.1 Service Providers
We share personal data with trusted third-party vendors who assist us in operating the Service, including:
Payment processors (e.g., Stripe) for billing and subscription management.
Cloud infrastructure providers for hosting and data storage.
Email service providers for transactional and marketing communications.
Analytics providers for usage analysis.
All service providers are bound by data processing agreements (DPAs) and are prohibited from using your data for any purpose other than providing services to us.
6.2 Legal Requirements
6.2 Legal Requirements
We may disclose your personal data if required to do so by law, court order, or governmental authority, or where necessary to protect our legal rights or the safety of others.
6.3 Business Transfers
6.3 Business Transfers
In the event of a merger, acquisition, or sale of assets, your personal data may be transferred to the successor entity. We will notify you before your data is transferred and becomes subject to a different privacy policy.
7. International Data Transfers
7. International Data Transfers
Notearama operates primarily in the United States. If you are located in the European Economic Area (EEA) or United Kingdom, your personal data will be transferred to and processed in the United States, which may not provide the same level of data protection as your home country.
We ensure appropriate safeguards are in place for such transfers, including:
Standard Contractual Clauses (SCCs) approved by the European Commission with our service providers.
Reliance on the EU-U.S. Data Privacy Framework where applicable.
You may request a copy of the applicable transfer mechanisms by contacting us at admin@notearama.com.
8. Cookies and Tracking Technologies
8. Cookies and Tracking Technologies
We use cookies and similar tracking technologies on our website. Cookies are small text files placed on your device that help us provide and improve our Service.
8.1 Types of Cookies We Use
8.1 Types of Cookies We Use
Essential cookies: Required for the Service to function (e.g., session authentication). These cannot be disabled.
Analytics cookies: Help us understand how users interact with our Service (e.g., Google Analytics). These are only placed with your consent.
Preference cookies: Remember your settings and preferences. These are only placed with your consent.
8.2 Managing Cookies
8.2 Managing Cookies
When you first visit our Service, you will be presented with a cookie consent banner. You may accept or reject non-essential cookies at any time. You can also manage cookies through your browser settings, though disabling certain cookies may affect the functionality of the Service.
9. Data Retention
9. Data Retention
We retain your personal data only for as long as necessary to fulfill the purposes described in this policy, unless a longer retention period is required by law. Our standard retention practices are:
Account data: retained for the duration of your account, plus up to 90 days following account deletion.
Published content: deleted within 30 days of your account deletion request.
Payment records: retained for up to 7 years to comply with financial and tax regulations.
Server logs and analytics data: retained for up to 12 months.
When data is no longer required, we securely delete or anonymize it.
10. Your Data Protection Rights
10. Your Data Protection Rights
If you are located in the EEA, UK, or Switzerland, you have the following rights under the GDPR:
Right of access (Article 15): Request a copy of the personal data we hold about you.
Right to rectification (Article 16): Request correction of inaccurate or incomplete data.
Right to erasure (Article 17): Request deletion of your personal data ("right to be forgotten"), subject to certain exceptions.
Right to restriction of processing (Article 18): Request that we limit processing of your data in certain circumstances.
Right to data portability (Article 20): Receive your data in a structured, machine-readable format and transfer it to another controller.
Right to object (Article 21): Object to processing based on legitimate interests or for direct marketing purposes.
Right to withdraw consent: Where processing is based on consent, you may withdraw it at any time without affecting the lawfulness of prior processing.
To exercise any of these rights, please submit a request to admin@notearama.com. We will respond within 30 days. We may ask you to verify your identity before processing your request.
You also have the right to lodge a complaint with your local data protection supervisory authority. In the EU, a list of supervisory authorities is available at: https://edpb.europa.eu/about-edpb/about-edpb/members_en.
11. Data Security
11. Data Security
We implement appropriate technical and organizational measures to protect your personal data against unauthorized access, loss, destruction, or alteration. These measures include:
Encryption of data in transit using TLS/SSL.
Encryption of sensitive data at rest.
Access controls and authentication requirements for our systems.
Regular security reviews and monitoring.
However, no method of transmission over the internet or electronic storage is 100% secure. In the event of a data breach that is likely to result in a risk to your rights and freedoms, we will notify the relevant supervisory authority within 72 hours and affected users without undue delay, as required by the GDPR.
12. Children's Privacy
12. Children's Privacy
Our Service is not directed to individuals under the age of 16. We do not knowingly collect personal data from children under 16. If you believe we have inadvertently collected data from a child, please contact us immediately at admin@notearama.com and we will promptly delete such data.
13. Third-Party Links and Services
13. Third-Party Links and Services
Our Service may contain links to third-party websites or integrate with third-party PKM applications. This Privacy Policy applies only to Notearama. We are not responsible for the privacy practices of third-party services and encourage you to review their privacy policies before connecting them to our Service.
14. Changes to This Privacy Policy
14. Changes to This Privacy Policy
We may update this Privacy Policy from time to time to reflect changes in our practices or applicable law. When we make material changes, we will notify you by:
Posting the updated policy on this page with a new "Last Updated" date.
Sending an email notification to registered users (for significant changes).
Your continued use of the Service after the effective date of the revised policy constitutes your acceptance of the changes.
15. Contact Us
15. Contact Us
If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:
Notearama — Data Privacy
Email: admin@notearama.com
Website: https://notearama.com/contact
We are committed to working with you to resolve any concerns about your privacy.
Page updated
Report abuse