Skip to main content
YouNote
Back to Home

Privacy Policy

Last Updated: December 29, 2024

This Privacy Policy describes how YouNote ("we," "us," or "our") collects, uses, and protects your personal information when you use our Service. By using YouNote, you agree to the collection and use of information in accordance with this policy.

1. Information We Collect

1.1 Information You Provide

When you create an account and use YouNote, we collect:

  • Account Information: Email address, password (encrypted), and optional profile information
  • User Content: Notebooks, pages, notes, and any other content you create through the Service
  • Communication Data: Messages you send to us for support or inquiries

1.2 Automatically Collected Information

When you access the Service, we automatically collect:

  • Usage Data: Pages visited, features used, timestamps, and interaction patterns
  • Device Information: Browser type, operating system, device type, IP address
  • Analytics Data: We use Vercel Analytics and Vercel Speed Insights to understand how users interact with the Service and monitor performance
  • Session Data: We may use session recording tools (such as Microsoft Clarity) to improve user experience and identify technical issues

1.3 Google Sign-In Integration

When you sign in with Google, we collect:

  • Email Address: Used to create and identify your account
  • Profile Information: Your name and profile picture (optional) to personalize your experience

Important: We only access basic profile information through Google OAuth. We do NOT access your Gmail, Google Drive, YouTube history, or any other Google services beyond the email and profile information you explicitly authorize during sign-in.

The Google data we collect is used solely for:

  • Creating and authenticating your YouNote account
  • Displaying your name in the app interface
  • Sending you transactional emails (password resets, account notifications)

Your use of Google Sign-In is subject to Google's Privacy Policy. You can revoke YouNote's access to your Google account at any time through your Google Account settings.

1.4 YouTube Integration

When you add YouTube videos to your pages, we collect:

  • YouTube video IDs and URLs
  • Video metadata (title, thumbnail, duration, channel name) via YouTube API
  • Video transcripts when available

Your use of YouTube content through the Service is subject to YouTube's Privacy Policy and Terms of Service.

2. How We Use Your Information

We use the collected information for the following purposes:

  • Provide the Service: To operate, maintain, and improve YouNote's features and functionality
  • Account Management: To create and manage your account, authenticate you, and provide customer support
  • Communication: To send you transactional emails (password resets, account notifications) and, if you opt in, marketing communications
  • Analytics: To understand usage patterns, improve user experience, and develop new features
  • Security: To detect, prevent, and address technical issues, abuse, and security threats
  • Compliance: To comply with legal obligations and enforce our Terms of Use

2.1 Your Content is Private

We will never use, analyze, sell, or share your User Content (notebooks, pages, notes) for any purpose other than providing the Service to you. Your notes are private and belong to you. We do not use your content for marketing, training AI models, or any other purpose.

3. How We Share Your Information

3.1 We Do Not Sell Your Data

We do not sell, rent, or trade your personal information to third parties for their marketing purposes.

3.2 Third-Party Service Providers

We share information with trusted third-party service providers who assist us in operating the Service:

  • Supabase: Database hosting and user authentication
  • Vercel: Application hosting, deployment, analytics, and performance monitoring
  • Email Service Providers: For sending transactional and marketing emails
  • Vercel Analytics: For usage analytics, traffic insights, and user behavior tracking
  • Vercel Speed Insights: For real-time performance monitoring and Web Vitals tracking
  • Session Recording Services (e.g., Microsoft Clarity): For user experience analysis and troubleshooting
  • YouTube API: For fetching video metadata and transcripts
  • Google OAuth: For secure user authentication via Google Sign-In

These service providers have access to your information only to perform specific tasks on our behalf and are obligated to protect your data and not use it for other purposes.

3.3 Shared Pages

When you use the sharing feature to share a page, anyone with the share link can view that page's content. Shared pages are view-only and do not expose your account information.

3.4 Legal Requirements

We may disclose your information if required by law, subpoena, court order, or other legal process, or if we believe in good faith that disclosure is necessary to:

  • Comply with legal obligations
  • Protect our rights, property, or safety, or that of our users or the public
  • Detect, prevent, or address fraud, security, or technical issues
  • Enforce our Terms of Use

4. Data Retention

4.1 Active Accounts

We retain your account information and User Content for as long as your account is active.

4.2 Account Deletion

When you delete your account:

  • Your User Content (notebooks, pages, notes) will be permanently deleted within 30 days
  • We retain account information for up to 30 days to allow for account recovery in case of accidental deletion
  • After 30 days, all your data is permanently deleted from our systems
  • Some information may be retained in backups for up to 90 days, after which it is permanently deleted

4.3 Legal Obligations

We may retain certain information for longer periods if required by law or to resolve disputes.

5. Data Security

We implement reasonable security measures to protect your information from unauthorized access, alteration, disclosure, or destruction. These measures include:

  • Encryption of data in transit (HTTPS/TLS)
  • Encryption of passwords using industry-standard hashing
  • Secure database access controls
  • Regular security updates and monitoring

However, no method of transmission over the Internet or electronic storage is 100% secure. While we strive to protect your information, we cannot guarantee absolute security.

6. Cookies and Tracking Technologies

6.1 What Are Cookies?

Cookies are small text files stored on your device that help us provide and improve the Service.

6.2 How We Use Cookies

We use cookies and similar tracking technologies for:

  • Essential Cookies: Required for authentication, security, and basic functionality
  • Analytics Cookies: To understand how you use the Service (via Vercel Analytics)
  • Performance Monitoring: To track page load times and Web Vitals (via Vercel Speed Insights)
  • Preference Cookies: To remember your settings and preferences
  • Session Recording: To analyze user interactions and improve the Service (via Microsoft Clarity, if enabled)

6.3 Your Cookie Choices

You can control cookies through your browser settings. Note that disabling cookies may affect the functionality of the Service. Essential cookies required for authentication cannot be disabled.

7. Your Rights and Choices

7.1 Access and Update

You can access and update your account information and User Content at any time through the Service.

7.2 Account Deletion

You can delete your account by contacting us at adi@adidacta.com. Upon deletion, your data will be removed in accordance with our data retention policy.

7.3 Email Communications

You can opt out of marketing emails by clicking the "unsubscribe" link in any marketing email. You cannot opt out of essential transactional emails (password resets, security alerts).

7.4 Do Not Track

We currently do not respond to Do Not Track (DNT) browser signals. However, you can manage tracking through your browser settings and cookie preferences.

8. International Users and Data Transfers

YouNote is operated from Israel. If you access the Service from outside Israel, your information may be transferred to, stored, and processed in Israel or other countries where our service providers operate.

By using the Service, you consent to the transfer of your information to Israel and other countries that may have different data protection laws than your country of residence.

9. GDPR Rights (European Users)

If you are located in the European Economic Area (EEA), you have certain rights under the General Data Protection Regulation (GDPR):

  • Right to Access: Request a copy of your personal data
  • Right to Rectification: Correct inaccurate or incomplete data
  • Right to Erasure: Request deletion of your personal data ("right to be forgotten")
  • Right to Restrict Processing: Limit how we use your data
  • Right to Data Portability: Receive your data in a structured, machine-readable format
  • Right to Object: Object to processing of your personal data
  • Right to Withdraw Consent: Withdraw consent for data processing at any time

To exercise these rights, contact us at adi@adidacta.com.

Legal Basis for Processing: We process your data based on:

  • Your consent (for marketing communications, analytics)
  • Performance of a contract (to provide the Service)
  • Legitimate interests (to improve the Service, prevent abuse)
  • Legal obligations (to comply with applicable laws)

10. CCPA Rights (California Residents)

If you are a California resident, you have rights under the California Consumer Privacy Act (CCPA):

  • Right to Know: Request disclosure of personal information we collect, use, and share
  • Right to Delete: Request deletion of your personal information
  • Right to Opt-Out: Opt out of the sale of personal information (note: we do not sell personal information)
  • Right to Non-Discrimination: We will not discriminate against you for exercising your CCPA rights

To exercise these rights, contact us at adi@adidacta.com.

We do not sell your personal information to third parties.

11. Children's Privacy

The Service is available to users aged 13 and older. We do not knowingly collect personal information from children under 13. If you are a parent or guardian and believe your child under 13 has provided us with personal information, please contact us at adi@adidacta.com, and we will delete such information.

If you are between 13 and 18, you represent that you have your parent or guardian's permission to use the Service.

12. Third-Party Links

The Service may contain links to third-party websites, including YouTube. We are not responsible for the privacy practices or content of these third-party sites. We encourage you to review the privacy policies of any third-party sites you visit.

13. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. If we make material changes, we will notify you by:

  • Posting the updated policy on this page
  • Updating the "Last Updated" date
  • Sending an email notification (for significant changes)

Your continued use of the Service after changes to this Privacy Policy constitutes acceptance of the updated policy. We encourage you to review this Privacy Policy periodically.

14. Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

Email: adi@adidacta.com
Privacy Inquiries: Please include "Privacy" in the subject line

15. Data Protection Officer

For GDPR-related inquiries, you may contact our Data Protection Officer at adi@adidacta.com.

16. Your Consent

By using YouNote, you consent to the collection, use, and sharing of your information as described in this Privacy Policy.

This Privacy Policy is effective as of the "Last Updated" date above. Thank you for trusting YouNote with your data.