NoteGPT Privacy Policy

Effective Date: April 27, 2026

1. Introduction

NoteGPT (hereinafter referred to as "we," "our," or "NoteGPT") is committed to protecting your personal information and privacy. This Privacy Policy aims to describe how we collect, use, disclose, and protect your data when you use our services, including our website (e.g., https://notegpt.io), mobile applications, browser extensions, and other related platforms (collectively, the "Services"). By using our Services, you agree to the practices described in this Privacy Policy.

2. Information We Collect

We collect the following types of personal information as necessary to provide our Services:

2.1 Information You Directly Provide

When you register for a NoteGPT account, use our Services, or otherwise interact with us, you may directly provide us with the following information:

  • Account Registration Information: Includes your name, email address, password (in encrypted form), avatar, and other registration details. This information is used to create and manage your user account and ensure personalized access to the Services.
  • Profile Information: Any information you may choose to add to your user profile, such as your profession, interests, educational background, etc., to enrich your user experience.
  • Content Data: Any content you upload, input, create, or otherwise provide to us while using the Services, which is a key component of your use of NoteGPT's core functionalities.
  • Communication Information: Information you provide when you contact us via email, online chat, feedback forms, or other communication channels, including your name, contact details, and inquiry content. This information is used to provide customer support, resolve technical issues, and respond to your requests.
  • Payment Information: When you purchase our paid Services, we may collect necessary payment information, such as billing address, payment method details, and transaction records. Please note that we typically process payments through PCI DSS compliant third-party payment service providers, and we do not directly store your full payment card information.

2.2 Information We Automatically Collect

We may receive information about you from third-party sources to enhance our Services and provide a more personalized experience. These sources include:

  • Third-Party Login Services: If you choose to log in to our Services through third-party services (such as Google, Apple ID, Facebook), we may receive account information that you authorize these services to share with us (e.g., your username, email address, profile picture).
  • Analytics Service Providers: We use third-party analytics tools (such as Google Analytics) to collect non-personal information about Service usage to help us understand user behavior and improve the Services.
  • Other Users: We may receive information about you when other users share content with you, invite you to a team, or mention you.

2.3 Information Obtained from Third Parties

We may receive information about you from third-party sources to enhance our Services and provide a more personalized experience. These sources include:

  • Third-Party Login Services: If you choose to log in to our Services through third-party services (such as Google, Apple ID, Facebook), we may receive account information that you authorize these services to share with us (e.g., your username, email address, profile picture).
  • Analytics Service Providers: We use third-party analytics tools (such as Google Analytics) to collect non-personal information about Service usage to help us understand user behavior and improve the Services.
  • Other Users: We may receive information about you when other users share content with you, invite you to a team, or mention you.

3. How We Use Your Information

We primarily use the information we collect about you for the following legitimate purposes:

3.1 Provide, Maintain, and Improve Services

  • Create and manage your account and provide you with access to NoteGPT Services.
  • Provide the core functionalities and features you request, such as summarization, transcription, translation, image generation, audio generation, video generation, slide generation, assisted writing, AI Chat, note generation, mind mapping, charting, etc.
  • Use analytics tools to analyze service usage patterns and trends to understand user behavior, identify areas for improvement, and continuously develop new features and enhancements to meet your needs.
  • Ensure the compatibility, security, performance, and stability of the Services, and perform necessary troubleshooting and maintenance.

3.2 Communication and Customer Support

  • Respond to your inquiries, provide efficient customer support, and resolve any technical or non-technical issues you encounter while using the Services.

3.3 Legal Compliance, Security, and Fraud Prevention

  • Comply with all applicable laws, regulations, legal processes, or governmental requests, including but not limited to data protection, consumer protection, and anti-fraud laws.
  • Protect our rights, property, or safety, or the rights, property, or safety of others, including enforcing our Terms of Service and policies.
  • Detect, prevent, and address fraud, cybersecurity vulnerabilities, unauthorized access, misuse of services, or technical issues.
  • Cooperate with law enforcement agencies when necessary to investigate and address illegal activities.

4. Cookie Policy

We use Cookies and similar technologies (such as pixel tags, web beacons, SDKs, device identifiers, etc.) to collect information to provide, protect, understand, and improve our Services. This section explains how we use these technologies and how you can manage them.

4.1 What are Cookies?

Cookies are small text files stored on your browser or device that contain a usually unique identifier. They allow websites to recognize your device and remember information about your visit, such as your preferences or login status. When you return to that website (or visit websites that use the same Cookies), these websites recognize these Cookies and your browsing device.

4.2 Types of Cookies We Use

The Cookies we use are mainly divided into the following categories:

  • Strictly Necessary/Essential Cookies: These Cookies are essential for the proper functioning of the Services and to provide the features you request. They enable you to access and use basic functionalities of the Services, such as login, account authentication, security features, and page navigation. Without these Cookies, the Services may not be available or function correctly.
  • Functional Cookies: These Cookies help us provide enhanced functionality and personalized services, such as remembering your settings and preferences (e.g., language selection, theme preferences), thereby improving your user experience.
  • Performance/Analytics Cookies: These Cookies help us analyze how you use the Services and improve their performance. They collect information such as the number of users accessing the Services, the pages visited, the time spent on each page, traffic sources, and how users interact with Service content. We use this information to understand user behavior, identify popular features, and continuously improve the Services.
  • Advertising/Targeting Cookies: These Cookies are set by us and our advertising partners to display more relevant advertisements to you. They may track your browsing habits across different websites and applications and build your profile based on your interests. We may share this information with third-party advertising partners to display personalized advertisements to you on our Services or third-party websites. These Cookies also help measure the effectiveness of advertising campaigns.

4.3 Third-Party Cookies

We allow third-party service providers (such as Google Analytics, advertising networks) to place Cookies on the Services to help us analyze Service usage, measure advertising effectiveness, and provide other functionalities. These third-party Cookies are subject to their respective privacy policies, and we recommend that you consult these third-party privacy policies for more information.

4.4 How to Manage Cookies

You can control and manage Cookies through your browser settings. Most browsers allow you to refuse all Cookies or indicate when a Cookie is being set. Please note that if you disable essential Cookies, some parts of the Services may not function properly or may have limited functionality.

5. Data Sharing and Disclosure

We only share or disclose your personal information in the following circumstances:

5.1 Third-Party Service Providers

We may share your personal information with third-party service providers who assist us in operating the Services, providing services to you, or conducting analysis and research. These service providers are contractually obligated to protect your personal information and use it only for the purposes we instruct. These service providers include, but are not limited to:

  • Cloud Computing Service Providers: For data storage, computing, and processing (e.g., AWS, Google Cloud).
  • Payment Processors: For processing transactions for paid Services (e.g., Stripe, PayPal).
  • Analytics Service Providers: For analyzing Service usage and performance (e.g., Google Analytics).
  • Customer Support Tool Providers: For providing customer support and communication (e.g., Crisp).
  • Content Generation and Processing Services: When you use specific features, we may transfer your uploaded or input content data (e.g., text, files, images, links, audio, video, voice samples, etc.) to third-party AI models or processing service providers to complete services such as summarization, transcription, translation, image generation, audio generation, video generation, slide generation, assisted writing, AI Chat, note generation, mind mapping, charting, etc. These service providers process data only according to our instructions and are bound by strict data protection agreements.

5.2 Legal Requirements and Law Enforcement

We may disclose your personal information if required by law, regulation, legal process (e.g., court order, subpoena, or government investigation). We may also disclose your information to protect our rights, property, or safety, or the rights, property, or safety of others, including but not limited to investigating potential violations, fraud, or security threats.

5.3 Business Transfers

In the event of a merger, acquisition, asset sale, reorganization, bankruptcy, or other business transfer, your personal information may be transferred as part of the assets to the acquiring or successor entity. We will notify you of such a transfer and inform you of the applicable privacy policy of the new entity.

5.4 With Your Consent

In other circumstances not mentioned, we may disclose your information with your explicit consent.

5.5 Anonymized or Aggregated Data

We may share anonymized or aggregated data that does not identify you personally, such as statistical data on service usage trends, for research, analysis, marketing, or similar purposes.

6. Data Security

We implement industry-standard physical, technical, and administrative security measures to protect your personal data from unauthorized access, use, disclosure, alteration, or destruction. These measures include data encryption (in transit and at rest), access controls, firewalls, Secure Sockets Layer (SSL/TLS) technology, regular security audits, and employee security training. However, please note that no internet transmission or electronic storage method is 100% secure, and therefore we cannot guarantee its absolute security. You are also responsible for protecting your account information and password security.

7. Data Retention

We will retain your personal information for the period necessary to fulfill the purposes for which it was collected, including for establishing, exercising, or defending legal claims, and in accordance with applicable laws and regulations. The specific retention period may vary depending on the type of data, purpose of use, and legal requirements:

  • Account-Related Information: After your account is closed, we may retain your account information for a period in accordance with legal requirements (e.g., tax, audit) or to resolve potential disputes. Typically, after account closure, your personally identifiable information will be deleted or anonymized within a reasonable period, but some non-personally identifiable aggregated data may continue to be retained.
  • Usage Data and Analytics Data: Typically retained for a period (e.g., 3 months to 2 years) to analyze trends, improve services, and measure the effectiveness of marketing campaigns. Thereafter, the data may be anonymized or deleted.
  • Content Data: Content you upload or create will remain in your account until you choose to delete it or your account is closed. Upon deletion, we will delete or anonymize this data from our systems within a reasonable period. Please note that in some cases, we may need to retain some content data to comply with legal obligations or resolve disputes.
  • Communication Information: Your communication records may be retained for a period to allow us to provide ongoing customer support and resolve issues.

8. Your Rights

Subject to applicable data protection laws (e.g., General Data Protection Regulation (GDPR) and California Consumer Privacy Act (CCPA)), you may have the following rights:

  • Right of Access: You have the right to obtain a copy of the personal information we hold about you and to understand how we process this information.
  • Right to Rectification: You have the right to request that we correct inaccurate or incomplete personal information.
  • Right to Erasure (Right to be Forgotten): In certain circumstances, you have the right to request that we delete your personal information, for example, when the data is no longer necessary for the purposes for which it was collected.
  • Right to Restriction of Processing: In certain circumstances, you have the right to request that we restrict the processing of your personal information, for example, when you contest the accuracy of the data.
  • Right to Data Portability: You have the right to receive the personal information you have provided to us in a structured, commonly used, and machine-readable format, and you have the right to transmit this information to another data controller where technically feasible.
  • Right to Object: You have the right to object to our processing of your personal information, particularly when based on legitimate interests or for direct marketing purposes.
  • Right to Withdraw Consent: If you have consented to our processing of your personal information, you have the right to withdraw that consent at any time. Withdrawal of consent will not affect the lawfulness of processing based on consent before its withdrawal.
  • Right to Lodge a Complaint with a Supervisory Authority: You have the right to lodge a complaint with the relevant data protection supervisory authority regarding our processing of your personal information.

To exercise these rights, please contact us using the information provided in the "Contact Us" section of this policy. We may ask you to verify your identity to ensure the security of your data and to process your request.

9. International Data Transfers

NoteGPT is a global company, and your personal information may be stored and processed outside of your country of residence, including but not limited to the United States, EU member states, and other countries. Data protection laws in these countries may differ from those in your country. When we transfer your personal information to other countries, we will take appropriate safeguards to ensure that your data is protected in accordance with this Privacy Policy and applicable data protection laws. These safeguards may include implementing Standard Contractual Clauses (SCCs) approved by the European Commission or relying on other legitimate transfer mechanisms.

10. Children's Privacy

Our Services are not directed to children under the age of 16, and we do not knowingly collect personal information from children under the age of 16. If you are a parent or guardian and become aware that a child under the age of 16 has provided us with personal information, please contact us immediately using the information provided in the "Contact Us" section. We will take reasonable steps to delete such information and terminate the child's account.

11. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our data processing practices, technology, or legal regulations. Any changes will be posted on this page, and we encourage you to review this policy periodically for the latest information. The "Effective Date" at the top of this policy will indicate when it was last updated. Your continued use of our Services after the Privacy Policy has been updated signifies your acceptance of the revised policy.

12. Contact Us

If you have any questions, comments, or concerns about this Privacy Policy, or wish to exercise your data protection rights, please contact us via:

Email: [email protected]