Privacy Policy

Effective Date: May 7, 2026

1. Information We Collect

The Service may collect the following information:

  • User identifiers provided via Google authentication (e.g. email address, user ID)
  • Service usage information (access logs, operation history, etc.)
  • Cookie data stored by your device or browser

Google User Data (Sign in with Google)

The Service uses Google OAuth 2.0 (Sign in with Google) for authentication. The application does not access, read, or modify content stored in Google services such as Gmail, Google Drive, or Google Calendar through Google APIs.

  • Types of Google user data accessed or collected: As shown on Google’s consent screen at sign-in, we typically request information corresponding to the openid, email, and profile scopes. This may include your Google account subject identifier, email address, display name, and profile picture URL. The exact scopes and fields follow what Google presents during authorization.
  • How we use and process Google user data: We use this data to (1) create and maintain your account and verify your identity, (2) associate and sync your notes and related content with your account in the cloud, (3) respond to inquiries, send important notices, and handle billing-related communication when email is used, (4) display signed-in status in the app, and (5) prevent abuse and protect security.
  • Storage: Information received from Google is retained for as long as needed for these purposes on our authentication and service backends (including databases and hosting we use).
  • Sharing: We may process or store data with service providers required to operate the Service (e.g. Supabase for authentication and infrastructure). We do not sell Google user data. Our use of data received from Google APIs adheres to the Google API Services User Data Policy, including the Limited Use requirements (https://developers.google.com/terms/api-services-user-data-policy).

2. Purpose of Use

  • To authenticate users and verify identity
  • To provide, maintain, and improve the Service
  • To prevent abuse and improve security
  • To deliver important notices and support

3. Sharing with Third Parties

Except as required by law, we do not provide personal information to third parties without your consent.

4. Use of External Services

The Service may use external services (e.g. Google and Supabase) for authentication and analytics. Data handling by those services is governed by each provider's policy.

5. Use of Cookies

The Service uses cookies to improve usability and understand service usage. You can restrict or delete cookies through browser settings, but some features may not function properly.

6. Security Measures

We implement reasonable security measures to prevent unauthorized access, leakage, loss, or damage of personal information.

7. Requests for Disclosure, Correction, or Deletion

Users may request disclosure, correction, or deletion of their personal information. We will respond appropriately in accordance with applicable laws after verifying identity.

8. Policy Updates

This policy may be revised as needed. Updated terms become effective when posted on the Service.

Revision History

  • May 2, 2026: Initial release
  • May 7, 2026: Added disclosure on types of Google user data accessed and how they are used
Back to app