Nota← Back to home

Privacy Policy

Last updated: April 1, 2026

Nota ("we", "us", "our") operates the nota.college platform. This Privacy Policy explains how we collect, use, and protect information when you use our services.

1. Information we collect

Account information. When you register, we collect your name, email address, and (if you use university SSO) your institutional affiliation. If you sign in with Google, we receive your name, email, and profile photo from Google.

Content you create. We store the notes, documents, canvas data, PDF annotations, tasks, and calendar events you create inside Nota so we can provide the service to you.

Usage data. We automatically collect basic usage information such as pages visited, features used, browser type, and device information to improve the product. We do not sell this data.

2. How we use your information

We use your information to:

  • Provide, maintain, and improve the Nota platform
  • Authenticate you and manage your account
  • Sync with your university LMS, calendar, and connected services (Zoom, Outlook) when you enable those integrations
  • Send transactional emails (account verification, password resets, collaboration invitations)
  • Generate AI-powered study tools (summaries, flashcards) using your page content - this data is processed per-request and not stored by AI providers

3. AI and your data

When you use AI features (summaries, flashcards, contextual help), we send relevant page content to our AI provider (OpenAI or Anthropic) to generate a response. This content is sent per-request, is not used to train AI models, and is handled according to each provider's data processing agreements. You can use Nota without AI features.

4. Data sharing

We do not sell your personal information. We share data only in these cases:

  • With your permission - when you share a workspace, page, or invite collaborators
  • Service providers - hosting, email delivery, and analytics services that process data on our behalf
  • University integrations - when you connect your LMS, we exchange data with your institution as needed to sync courses and deadlines
  • Legal requirements - if required by law or to protect rights and safety

5. Data storage and security

Your data is stored on secure cloud infrastructure. Files (PDFs, exports) are stored in S3-compatible object storage. We use encryption in transit (TLS) and follow industry-standard security practices.

6. Your rights

You can access, export, or delete your data at any time from your account settings. If you delete your account, we remove your personal data within 30 days, except where required by law. For GDPR and similar privacy rights, contact us at the address below.

7. Open source

Nota's source code is available under the MIT License. You can inspect exactly how we handle data here:

github.com/PavelMenshov/nota-app

8. Changes to this policy

We may update this policy from time to time. We will notify you of significant changes by email or by posting a notice on the platform.

9. Contact

Questions about privacy? Email us at support@nota.college.