Privacy Policy
Last updated: June 12, 2026
1. Who we are
Noteline is operated by Foo AI Corp. ("Noteline", "we"). We are the data controller for the personal data described in this policy. You can reach us anytime at contact@noteline.io.
2. The short version
Your notes never leave your device. Noteline has no accounts and no sync servers, and the desktop app contains no analytics or telemetry. The only personal data we ever handle is the email you use to buy a license, error reports from the website, and cookieless page-view counts.
3. What we collect
- Notes — stored on your device only: as plain Markdown files on desktop, and in your browser's local storage in the web editor. They are never sent to us. Word and PDF conversion happens on your device, offline.
- Purchase information — when you buy a license, payment is handled by a payment provider (announced at checkout); your card details never touch our systems. We receive your email address and order record to issue your license key and provide support.
- License activation — activating a license sends your key and a device label to our payment provider (Polar) to count your devices (up to 5). No notes, no usage data.
- Update checks — the desktop app periodically asks our release server (GitHub) whether a newer version exists. This is a standard web request (IP address, app version); it carries no identifier and none of your content.
- Analytics — the website may use Plausible, a cookieless analytics tool, to count page views. No cookies, no persistent identifiers, no advertising profiles.
- Error reports — the website may send error reports to Sentry when something breaks: the error message, browser and OS version, and the page where it happened. We configure error reporting to avoid collecting the content of your notes.
- Local storage — the app uses your browser's local storage for settings like theme and open tabs. We do not use tracking cookies.
Mobile apps (iOS & Android — coming later)
When the Noteline apps for iOS and Android ship, they will follow the same local-only model: notes as plain Markdown (.md) files on your device — no account, no sync server, and no analytics, telemetry, or ads. They will update through the App Store and Google Play, and we will receive no personal data from them.
4. How we use it
- To issue your license key and help you when something goes wrong.
- To find and fix bugs.
- To understand roughly how many people visit the website.
Under the GDPR, our legal bases are: performance of a contract (your purchase), our legitimate interests (keeping the product secure and working), and consent where the law requires it. You can withdraw consent at any time.
5. Who processes data for us
- Cloudflare — website hosting and protection.
- GitHub — hosting downloads and update checks.
- Plausible Analytics — cookieless page-view analytics, hosted in the EU.
- Sentry — error reporting for the website.
Payments: license sales are handled by a payment provider acting as merchant of record; we will name the provider at checkout and update this policy before charging anyone.
6. Security
Your notes are not on our servers, so the most important security property is structural: there is nothing of yours for us to lose. The website is served over TLS, and license keys are verified on your device, offline.
7. How long we keep data
Purchase records are kept as long as tax and commerce law requires. Error reports and analytics are kept only briefly and contain no notes. There is no account to retain — because there is no account.
8. Your rights
You can ask us to access, correct, export, or delete your personal data by emailing contact@noteline.io. We respond within 30 days.
One thing you don't need to ask us for: your notes. They are plain Markdown files on your own disk — already yours to copy, move, or delete.
If you are in the EU/EEA or UK, you also have the right to object to or restrict processing, and to lodge a complaint with your local supervisory authority. If you are a California resident: we do not sell your personal information or share it for cross-context behavioral advertising, and we will never discriminate against you for exercising your rights.
9. International transfers
We are based in South Korea, which holds an EU adequacy decision. Some processors (such as Cloudflare, GitHub, or Sentry) may process data in other regions, including the US; where that happens, we rely on adequacy decisions, Standard Contractual Clauses, or equivalent safeguards.
10. Children
Noteline is not directed at children under 13 (or the higher minimum age in your country). We do not knowingly collect data from children. If you believe we have, email us and we will delete it.
11. Changes
We may update this policy. We'll post the new version here with an updated date.
12. Contact
Questions or requests: contact@noteline.io