Privacy Policy for Noteify

Privacy Policy for Noteify

Effective Date: August 1, 2025

Welcome to Noteify. This Privacy Policy explains how we collect, use, share, and protect your information when you use our mobile application ("Noteify" or the "Service"). Your privacy is a core pillar of our app's design, and we are committed to protecting your data and empowering you with control.

By using Noteify, you agree to the collection and use of information in accordance with this policy.

1. Our Privacy Philosophy: Local-First and Secure by Design

Noteify is built on a foundation of user privacy. Our key principles are:

  • Local-First Data: Your primary notes and to-do lists are stored exclusively on your device in a local database (Room). We do not have access to this core content.
  • Ephemeral Cloud: We use cloud services (Firebase Firestore) strictly as a temporary, secure transport layer for features you choose to use, like sharing and chat. This data is designed to be short-lived.
  • End-to-End Encryption (E2EE): Your chat messages are encrypted on your device and can only be decrypted by the intended recipient. They are unreadable by us or any third party on our servers.

2. Information We Collect

To provide and improve our Service, we collect the following types of information:

a) Information You Provide Directly:

  • Account Information: When you create an account, we collect your authentication details, which may include your email address (via Google Sign-In or manual entry), a user-selected nickname, and your Firebase user ID. This is used to identify you, secure your account, and enable social features.
  • Public Encryption Key: To enable E2EE, we generate and store a public key associated with your account. This key is mathematically linked to a private key that remains securely on your device and is used to encrypt and decrypt messages.
  • User Content (Stored Locally): Your personal notes, documents, and to-do lists are stored in the app's local database on your device. We do not transmit or store this content on our servers unless you explicitly use a sharing feature.
  • Social & Interaction Data: This includes friend requests you send or receive, your list of friends, and your list of blocked users. This information is stored on our servers to manage your social connections within the app.

b) Information Collected via Third-Party Services:

  • Advertising: We use Google AdMob to display ads. AdMob may collect device identifiers and usage data to serve personalized advertisements. You can manage your ad personalization settings in your device's Google settings.
  • AI Features: When you use features powered by Google Gemini, the relevant text prompts you provide are sent to Google's servers to generate a response. We do not permanently store these prompts or responses.

3. How We Use Your Information

We use the information we collect for the following purposes:

  • To provide, maintain, and improve the Noteify Service.
  • To create and manage your account.
  • To enable secure, end-to-end encrypted chat and collaboration features.
  • To process friend requests and manage your social graph within the app.
  • To personalize your experience, including showing relevant advertisements.
  • To respond to your support requests and communicate with you.
  • To ensure the security and integrity of our Service.

4. Data Sharing and Disclosure

We do not sell your personal data. We may share your information only in the following limited circumstances:

  • With Third-Party Service Providers: We work with third parties that help us operate our Service. These are listed below. They only have access to the information necessary to perform their functions and are contractually obligated to protect it.
  • For Legal Reasons: We may disclose your information if required to do so by law or in response to valid requests by public authorities (e.g., a court or a government agency).

5. Third-Party Services

Noteify relies on the following third-party services:

  • Firebase (by Google): We use Firebase for user authentication (Auth), our ephemeral database and friend system (Firestore), backend logic (Cloud Functions), and push notifications (Firebase Cloud Messaging).
  • Google AdMob: Used for serving advertisements within the app.
  • Google Play Services: Used for core app functionalities like In-App Reviews and In-App Updates.
  • Google Gemini: Powers our AI-assisted writing features.

We encourage you to review the privacy policies of these services to understand their data handling practices.

6. Data Security

We take the security of your data very seriously and implement robust measures, including:

  • End-to-End Encryption (E2EE) for all chat messages.
  • Transport Layer Security (TLS) to encrypt data in transit between your device and our backend services.
  • Secure authentication protocols provided by Firebase.

7. Data Retention and Destruction

You are in control of your data's lifecycle.

  • Local Data: Your notes and to-dos stored locally remain on your device until you manually delete them or uninstall the app.
  • Cloud Data: Shared content and other temporary data stored in Firestore are subject to Time-to-Live (TTL) policies for automatic deletion.
  • Account Deletion: You can delete your entire account through the app's settings. This action will trigger a Cloud Function designed to permanently remove your user profile, friends list, and associated data from our servers.

8. Children's Privacy

Our Service is not intended for use by anyone under the age of 13. We do not knowingly collect personally identifiable information from children under 13. If you become aware that a child has provided us with personal information, please contact us so we can take steps to remove it.

9. Changes to This Privacy Policy

We may update our Privacy Policy from time to time. We will notify you of any changes by posting the new policy on this page and updating the "Effective Date" at the top. You are advised to review this Privacy Policy periodically for any changes.

10. Contact Us

If you have any questions about this Privacy Policy, please contact us at:

Email: [email protected]