Privacy Policy

Draft · Last updated 2026-05-26. Please review with legal counsel before launch.

1. Who we are

Noteline ("we", "us") is a note-taking and AI-output conversion service operated by Noteline Inc. (or its successor). This Policy explains what information we collect and how we handle it.

2. What we collect

• Notes you write or paste — stored locally on your device by default. If you sign in to enable sync, your notes are also stored encrypted at rest in our database (Supabase, hosted in Asia-Northeast region by default).
• Account information — only if you choose to create an account: your email address and, if you use Google sign-in, the basic profile fields Google provides.
• Limited analytics — aggregated, privacy-friendly page views via Plausible. We do not use cookies for tracking and do not build advertising profiles.
• Error and diagnostic logs — anonymized, used solely to fix bugs.

We do not collect your notes when you use Noteline without an account. We do not sell personal data to third parties, ever.

3. How we use it

• To operate sync between your devices when you sign in.
• To send transactional emails (sign-up confirmation, password reset).
• To diagnose errors and improve product quality.

4. Third parties (sub-processors)

• Supabase — authentication and database hosting (Postgres with row-level security).
• Cloudflare — web hosting and DDoS protection.
• Plausible Analytics — privacy-friendly, cookieless page-view analytics.
• Google — only if you choose Sign in with Google.

5. Data retention

Your notes are retained until you delete them. Account information is retained while your account is active. If you delete your account, we permanently remove your data within 30 days, except where required by law to retain limited records (e.g. financial records related to payments).

6. Your rights

You can export all your notes at any time from within the app (Settings → Export). You can delete individual notes or your entire account. To exercise rights under GDPR, PIPA, or CCPA (access, rectification, erasure, portability), email us at the address below.

7. International transfers

We process data in Asia-Northeast (Seoul) by default; some sub-processors may process data in other regions. Where required, we rely on Standard Contractual Clauses or equivalent safeguards.

8. Children

Noteline is not directed at children under 13. We do not knowingly collect data from children. If you believe we have, please contact us and we will delete it.

9. Changes

We may update this Policy. We will post the new version with a revised "Last updated" date and, for material changes, notify signed-in users by email.

10. Contact

Questions or requests: privacy@noteline.io