Privacy Policy

Version 2023-04-21

Welcome to our Privacy Policy. Here, we outline our commitment to protecting your personal information and describe how we collect, use, and protect your personal information when you use our platform. We want to be transparent and clear about our privacy practices so that our users feel confident and safe when using our services. By accessing or using our platform, you agree to this Privacy Policy. Please take a moment to read through this policy to learn more about what we do to safeguard your privacy. If you have any questions or concerns, please feel free to reach out to us at any time at contact@neuralnote.io

Terms

Throughout this document, neuralnote.io ("NeuralNote", "we", "us") will use a few terms to describe various products and roles:

"Platform" means all of the text, data, information, software, graphics, photographs and more that we and our affiliates make available to you via the neuralnote.io website and/or mobile application.
"User" or "you" refers to anyone who accesses and/or uses our Platform, including registered Account holders and non-registered Visitors.
"Account" refers to a personal profile created by a User to access and use our Platform, which may include personal information.
"Visitor" is a person who visits the Platform, but may or may not be a User
"Personal Information" refers to any information that identifies, relates to, describes, or is capable of being associated with a particular individual, including but not limited to name, email address, phone number, and location data.
"Non-personal information" refers to any information that does not identify a specific individual, such as statistics, demographics, and usage data
"Cookies" refers to small text files stored on a User's device that capture certain information about the User's browing and use of our Platform

Third Party Service Providers

This section lists the Third-party Services that we use to allow us to offer services from our Platform to our Users. We take reasonable steps to ensure that our Third-party Service providers are also bound by appropriate confidentiality and privacy obligations.

Third Party Service Provider	Purpose
Amazon Web Services	Website hosting, scheduled tasks, Email sending
OpenAI	AI generated content, detecting content policy violations
Stripe	Payments and Billing, PCI data, carbon removal
ProtonMail	Email sending/receiving
Google Analytics	Anonymized website analytics

Data Types

This section describes the specific types of data covered by this Privacy Policy:

Personal Information

We may collect the following types of personal information:

Name
Contact Information (address, email address, phone number)
Payment information (see Financial Information below).
Login credentials (username and password)
Social media profile information
IP address and device information (when using our website or mobile app)
The country of the IP address
Timezone

Financial Information

We and/or our payment processor, Stripe, may collect and store the following types of financial information for the purpose of processing payments, refunds, disputes, and saving card information, storing transaction history, and for providing our products and services:

Billing email address
Billing physical address
Zip Code or Postal Code
Card expiry date
Last 4 card digits
Transaction receipt details
Tax number (if applicable)
Tokenized payment card information
Payment history related to purchasing a subscription plan on the Platform

The Financial Information above may be used in resolving billing issues with you or with Stripe via email, where we use ProtonMail as our email provider. Full credit card numbers and CVC are securely passed from the User directly to our payment processor, Stripe, where they are stored and tokenised so that full credit card numbers are not visible to or stored with the Platform. Stripe is a certified PCI Level 1 Service Provider - the most stringent level of certification available in the payments industry with its own Privacy Policy.

Non-personal information

We or our Third Party Service Providers may collect and store non-personal information such as your:

Browser type / User Agent
Device type
Device fingerprint
Operating System
IP Address and Country
Timezone
Preferred Language
Referral URL
Time spent on the Platform
Features used on the Platform
User preferences within the Platform
Your login session identifier for neuralnote.io that we store in a Cookie on your browser when you log in

Some of this information may be collected by our analytics provider (Google Analytics) in order to better understand our Users and usage trends, to improve the functionality of our Platform, and to diagnose problems in our Platform. Some of this information may also be collected by any of our Third Party Service Providers for the purposes described by their Privacy Policies.

Third-party information

In addition to the data we collect directly from you, we may also collect certain types of information from third-party sources, including:

Advertising and analytics partners: We use Google Analytics to analyze the behavior of users on our Platform. Google Analytics may use cookies, web beacons, or other similar technologies to collect information about your activities on our site and other websites.
Social media sites: If you connect our Platform with a social media site (such as Facebook, Twitter, Mastodon, or LinkedIn), we may receive information from that site, including your profile information and any data you have made publicly available. We have pages on social media sites like Medium, Twitter, Dev.To, Mastodon, YouTube, and LinkedIn. When you interact with our social media pages, we will collect Personal Information that you elect to provide to us, such as your contact details (collectively, “Social Information”). In addition, the companies that host our social media pages may provide us with aggregate information and analytics about our social media activity.

We use this third-party information to offer services, improve our services, to personalize your experience on our site, and to better understand our users. Content retrieved from social media sites may be used in conjunction with the Third Party Service Providers to provide our products and services to you.

User Generated Content

When you use our Platform, you may provide us with various types of user generated content, including but not limited to:

Notes
Lists
Questions or Prompts
Posts
Bookmarks
Feedback

We collect this data to improve our service and provide personalized experiences. Your content is stored on encrypted drives, and while we are able to access your user-generated content, we use appropriate security measures to ensure that your content is not visible or accessible to other Users of the Platform. We do not share your user-generated content with third parties other than with OpenAI, where we may send any form of your user generated content to OpenAI for the purpose of producing API responses that we use to create AI generated content for your Account. By submitting user generated content, you grant us a worldwide, non-exclusive, royalty-free, transferable, and sublicensable license to use, copy, modify, distribute, and display that content for any purpose, in any format or medium now known or later developed.

Data Retention

This section describes how various types of data is retained:

Personal Information collected on the Platform may be retained for up to 1 year after your account is closed, or longer if necessary to comply with a legal obligation. This information is retained to resolve disputes, to enforce our policies, to comply with legal obligations, and to make your data available to you if you request a download or choose to reactivate your account while the data is still retained. You may reach out to us at contact@neuralnote.io to request a download of the Personal Information for your Account.
Financial Information is retained by Stripe as described in Stripe's Privacy Policy. The Platform may store subscription purchase and payment history for up to 1 year after your account is closed, or longer if necessary to comply with a legal obligation. Financial information stored with the Platform is retained to resolve disputes, to enforce our policies, or to comply with legal obligations.
Non-Personal Information is retained for up to 14 months by Google Analytics, our analytics provider. This information is not available for download or deletion by request.
User Generated Content within the Platform is retained for up to 1 year after your account is closed, or longer if necessary to comply with a legal obligation. The user generated content (including AI generated content) from your Account is retained to resolve disputes, to enforce our policies, to comply with legal obligations, and to make your data available to you if you request a download or choose to reactivate your account while the data is still retained. You may reach out to us at contact@neuralnote.io to request a download of the User Generated Content for your Account, or to have it deleted. If you use our Platform to post any content to a third party social media site, then the resulting content hosted on that third party site is not in scope of our Privacy Policy, and is not available for download or deletion.

Geographic Scope

Regions: At present, the Platform is only open to new Accounts from citizens residing in these countries:
- Canada
Data Locality: We may store and process your personal data in any country where we have facilities or in which we engage service providers.
- Data stored within the Platform is hosted in Canada.
- Our Third Party Services are located in Canada and the United States
Data Transfer: Personal Information, Non-personal Information, Financial Information, User Generated Content, and Third Party Information may be transferred from our Platform in Canada to our Third-Party Services in the United States and Canada who perform functions on our behalf. By using our products and services or providing us with your personal information, you consent to the transfer of your personal information to the United States or Canada. Our Third-Party Services have their own Privacy Policies that may describe where and how they store and transfer data.

Government access

We may be required to disclose your personal information to government or law enforcement officials in response to a lawful request such as a court order, subpoena or search warrant. We will comply with such requests to the extent required by law and consider whether any applicable legal privilege may apply before providing access to your personal information. If we receive a National Security Letter or another extraordinary request from the government, we will evaluate the legality of the request before complying. We will also notify you where possible and legally permissible if we are compelled by the government or law enforcement officials to disclose your personal information to a third party.

Use of information

We may use Personal Information for the following purposes:

Marketing communications: We may use your information to send you newsletters, special offers, promotions, and other marketing communications that we think may be of interest to you. If you do not wish to receive such communications, you can opt-out at any time by following the unsubscribe instructions included in each communication or by contacting us directly at contact@neuralnote.io.

Products and Services: We use your information to provide, administer, maintain, improve and/or analyze our products, services, and content on the Platform. We may also use your information to develop new products and services, to process and fulfill your orders, and to provide customer support. Additionally, we may use your information to communicate with you about updates, new products, and other relevant information.

Legal Compliance: We may use and disclose your information as necessary or appropriate to comply with applicable laws, regulations, legal processes, subpoenas or government requests, and to protect our rights, privacy, safety, or property, and/or that of our affiliates, you, or other third parties. We may also share your information in connection with investigations, litigation, or dispute resolution. We may also use your information to prevent fraud, criminal activity, or misuses of our Services, and to ensure the security of our IT systems, architecture, and networks

Research: We may use your information stored on the Platform or with our Third-Party Service providers for research purposes, including but not limited to analyzing user trends and preferences, conducting market research, and improving our products and services. Any data used for research purposes will be anonymized and aggregated to protect your privacy and will not be shared with third parties beyond those explicitly listed in the Third Party Service Providers section above.

Payments and Billing: We may use your personal information to process payments and bill you for any products or services you purchase from us. This may include sharing your information with our third-party payment processor for the purpose of completing transactions, refunds, or dispute resolution. We may also use your information to send you invoices, receipts, and other billing-related communications either directly or via our third party payment processor. We retain this information to comply with our legal and accounting obligations and to resolve any disputes that may arise.

Third parties: We may share your information with our Third-party Service providers to help us provide and improve our services.

Data Security

Encryption: All communication with the Platform occurs across TLS encrypted connections, using at least TLS 1.2 with at least ECDSA 256 or RSA 2048 certficates. Communication with Third Party Services is performed across TLS encrypted connections. TLS client authentication is not used. User information is stored on encrypted drives, and is encrypted in transit.
Access Control: We take measures to control access to personal data in our possession, including strong passwords and role-based access control. Access to personal data is limited to authorized personnel who have a legitimate business purpose for accessing the information.

User Rights

Access to Data: As a User of our services, you have the right to access the data we hold about you. You can request access to your data by submitting a written request to contact@neuralnote.io from the email you use with your account. Upon such a request, we will ask you for further information that can help us to verify your identity and to establish that you are the valid owner of the Account as a prerequisite to providing you with a copy of your data. We will provide you with a copy of your personal information in a structured, portable, commonly used and machine-readable format, unless it is not technically feasible. If we are unable to provide you with access to your personal information, we will explain the reasons for our inability to do so.
Correction of Personal Information: You have the right to request that we correct any inaccurate information we hold about you. If you believe that any of the information we hold about you is incorrect, please use the Platform to correct the information, or contact us at contact@neuralnote.io and we will either make the necessary corrections, or help you make them.
Deletion of Personal Information: Users have the right to request the deletion of their personal information from our systems. Requests for deletion can be made either through the Platform directly, or by contacting us at contact@neuralnote.io. We will respond to requests for deletion within 30 days of receiving them. If we are unable to fulfill a deletion request, we will explain the reason why. We may retain certain information for legal or legitimate business purposes, such as fraud prevention or complying with legal or accounting obligations.
Objection to Processing: You have the right to object to the processing of your personal data in certain circumstances. This includes situations where we are processing your personal data for direct marketing purposes, or if the processing is unlawful. If you object to such processing, we will stop processing your personal data unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights, and freedoms, or for the establishment, exercise, or defense of legal claims. If you wish to exercise your right to object, please contact us at contact@neuralnote.io.
Complaints: If you believe that your privacy rights have been violated, you may file a complaint with our company by contacting us at contact@neuralnote.io. We take all complaints seriously and will investigate any reported violations. We will respond to all complaints in a timely manner, and we will take appropriate steps to address any violations found during our investigation. In the event that we are unable to resolve your complaint, you have the right to file a complaint with the appropriate regulatory agency.

Links to other websites

The Platform may contain links to other websites not operated or controlled by neuralnote.io, including social media services (“Third Party Sites”). The information that you share with Third Party Sites will be governed by the specific privacy policies and terms of service of the Third Party Sites and not by this Privacy Policy. By providing these links we do not imply that we endorse or have reviewed these sites. Please contact the Third Party Sites directly for information on their privacy practices and policies.

Your choices

If you choose not to provide information that is needed to use some features of our Platform, you may be unable to use those features.

Changes to the privacy policy

We may change this Privacy Policy at any time. When we do, we will post an updated version on this page, unless another type of notice is required by applicable law. By continuing to use our Service or providing us with Personal Information, Financial Information, or User Generated Content after we have posted an updated Privacy Policy, or notified you by other means, you consent to the revised Privacy Policy.