1. Introduction
HQ-APPS Adrian Jeż ("we," "us," or "our") operates the Notu mobile and desktop application (the "Service"). This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our Service.
By using Notu, you agree to the collection and use of information in accordance with this policy. If you do not agree, please do not use the Service.
2. Information We Collect
2.1 Information You Provide
- Account Information: When you register, we collect your email address and a password (stored as a cryptographic hash — we never store your password in plain text).
- Notes & Content: The text, voice recordings, and files you create within the app.
- Calendar Events: If you use calendar features, event data you create or import from your device calendar.
- Quiz & Learning Data: Your quiz answers, scores, spaced repetition schedules, and learning progress.
- Support Requests: Any information you provide when contacting us for support.
2.2 Information Collected Automatically
- Device Information: Device model, operating system version, unique device identifiers, and app version.
- Usage Data: Features used, session duration, screens visited, and interaction patterns (collected anonymously to improve the app).
- Crash Reports: Technical information about app crashes to help us fix bugs.
2.3 Information We Do NOT Collect
- We do not collect your precise geolocation.
- We do not access your contacts, photos, or files outside of Notu.
- We do not sell your personal data to third parties.
3. How We Use Your Information
We use the information we collect to:
- Provide, maintain, and improve the Service.
- Authenticate your identity and secure your account.
- Generate quizzes and AI-powered learning assistance from your notes.
- Schedule spaced repetition reviews based on your learning progress.
- Sync your data across devices (if you enable cloud sync).
- Send important service-related notifications (e.g., security alerts, feature updates).
- Analyze usage trends to improve the user experience.
- Respond to support requests and provide customer service.
4. AI Features & Data Processing
Notu includes AI-powered features such as the chat tutor and quiz generation. When you use these features:
- Your note content and questions are sent to our secure server for AI processing.
- AI processing is performed on our own infrastructure — your data is not sent to third-party AI providers (e.g., OpenAI, Google).
- We do not use your personal notes or content to train AI models.
- AI-generated responses are created in real-time and are not stored beyond your conversation history.
5. Data Storage & Security
- Your notes and data are stored locally on your device in an encrypted database.
- If you use cloud sync, data is transmitted via TLS (HTTPS) encryption and stored on our secured servers.
- Passwords are hashed using industry-standard bcrypt algorithm.
- Biometric authentication data (fingerprint, Face ID) is processed entirely on your device by the operating system. We never receive or store biometric data.
- We implement appropriate technical and organizational security measures to protect your data.
While we strive to protect your information, no method of electronic storage or transmission is 100% secure. We cannot guarantee absolute security.
6. Data Sharing & Third Parties
We do not sell, trade, or rent your personal information. We may share data only in these limited circumstances:
- Service Providers: We may share data with trusted providers who help us operate the Service (e.g., hosting, analytics), bound by confidentiality agreements.
- Legal Requirements: If required by law, regulation, or legal process.
- Safety: To protect the rights, safety, or property of our users or the public.
- Business Transfers: In connection with a merger, acquisition, or sale of assets (you would be notified).
7. Your Rights
Depending on your jurisdiction (including under GDPR and CCPA), you have the right to:
- Access the personal data we hold about you.
- Correct inaccurate or incomplete data.
- Delete your account and associated data ("right to be forgotten").
- Export your data in a portable format (PDF export is built into the app).
- Object to or restrict certain data processing.
- Withdraw consent at any time where processing is based on consent.
To exercise any of these rights, contact us at root.hqapps@gmail.com. We will respond within 30 days.
8. Data Retention
We retain your data for as long as your account is active or as needed to provide the Service. If you delete your account:
- Your personal data and notes will be permanently deleted from our servers within 30 days.
- Anonymized, aggregated usage data may be retained for analytics purposes.
- Data required for legal compliance may be retained as mandated by law.
9. Children's Privacy
Notu is not directed at children under the age of 13 (or the applicable age of consent in your jurisdiction). We do not knowingly collect personal information from children under 13. If we become aware that we have collected such data, we will delete it promptly. If you believe a child under 13 has provided us with personal information, please contact us.
10. Subscriptions & Payments
Premium subscriptions are processed through Google Play (Android) or the Apple App Store (iOS). We do not collect, process, or store your payment information (credit card numbers, billing addresses). All payment processing is handled by Google or Apple under their respective privacy policies.
11. International Data Transfers
Our servers are located in the European Union. If you are accessing the Service from outside the EU, your data may be transferred to and processed in the EU. We ensure appropriate safeguards are in place for such transfers.
12. Changes to This Policy
We may update this Privacy Policy from time to time. We will notify you of material changes by:
- Posting the updated policy in the app and on this page.
- Updating the "Last Updated" date at the top.
- Sending a notification through the app for significant changes.
Continued use of the Service after changes constitutes acceptance of the updated policy.
13. Contact Us
If you have questions about this Privacy Policy or your data, contact us at:
HQ-APPS Adrian Jeż
Katowice, Poland
Email: root.hqapps@gmail.com
Phone: +48 731-552-855