Notery
Sign inGet started

Privacy Policy

Last updated: February 13, 2026

1. Introduction

This Privacy Policy describes how TechHive Labs LLC ("TechHive Labs," "we," "us," or "our") collects, uses, stores, and protects your personal information when you use the Notery platform at notery.dev, including the website, REST API, MCP server, and related services (the "Service").

By using the Service, you agree to the collection and use of information as described in this policy.

2. Information We Collect

2.1 Account Information

When you create an account, we collect:

  • Name — your display name.
  • Email address — used for authentication, notifications, and account recovery.
  • Password — stored as a cryptographic hash. We never store or have access to your plaintext password.

2.2 Document Content

We store the documents, notes, and code files you create and upload through the Service ("Your Content"). This includes:

  • Document text and metadata (title, path, tags, file type).
  • AI-generated embeddings of your documents, used solely for semantic search functionality.
  • AI-generated summaries and tags, created to improve search results and document organization.

2.3 Billing Information

If you subscribe to a paid plan, payment processing is handled entirely by Stripe. We do not store your credit card number or full payment details. We receive and store:

  • Stripe customer ID and subscription ID.
  • Subscription plan and billing period.
  • Payment status (active, canceled, past due).

2.4 Usage Analytics

We use Umami, a privacy-friendly analytics tool, to collect anonymous usage data. Umami does not use cookies, does not collect personal information, and does not track users across websites. The data collected includes:

  • Page views and referral sources.
  • Browser type and device category.
  • Country-level location (derived from anonymized IP addresses — full IP addresses are not stored).

2.5 Server Logs

Our hosting infrastructure may automatically collect standard server logs, including IP addresses, request timestamps, and HTTP request details. These logs are used for debugging, security monitoring, and abuse prevention, and are retained for no more than 90 days.

3. How We Use Your Information

We use the information we collect to:

  • Provide the Service — store and display your documents, power search, and enable API access.
  • Generate embeddings — your document content is sent to Cohere's embedding API to generate vector representations used for semantic search. Document content is not retained by Cohere after processing.
  • Process payments — manage subscriptions and billing through Stripe.
  • Send transactional emails — account verification, password resets, and billing notifications.
  • Improve the Service — analyze anonymous usage patterns to identify issues and improve features.
  • Ensure security — detect and prevent abuse, fraud, and unauthorized access.

4. Third-Party Data Processors

We share your information with the following third-party services, solely to provide the Service:

ProviderPurposeData Shared
NeonDatabase hostingAll account and document data (encrypted at rest)
CohereEmbedding generationDocument text (processed, not retained)
StripePayment processingBilling details, email address
UmamiAnonymous analyticsAnonymized page view data (no personal data)
RailwayApplication hostingServer logs, application runtime data

We do not sell, rent, or trade your personal information to any third party.

5. Data Retention

  • Account data — retained as long as your account is active. Deleted upon account deletion.
  • Document content — retained as long as your account is active. Soft-deleted documents are permanently purged within 30 days. All content is permanently deleted upon account deletion.
  • Server logs — retained for up to 90 days.
  • Billing records — retained as required by tax and accounting regulations (typically 7 years).

6. Data Security

We implement reasonable technical and organizational measures to protect your data, including:

  • Encrypted database connections (TLS).
  • Encryption at rest for stored data.
  • Cryptographic password hashing (bcrypt/scrypt via BetterAuth).
  • API key authentication with workspace-scoped access controls.

No method of transmission or storage is 100% secure. While we strive to protect your data, we cannot guarantee absolute security.

7. Your Rights (Including GDPR)

Depending on your location, you may have the following rights regarding your personal data:

  • Access — request a copy of the personal data we hold about you.
  • Rectification — request correction of inaccurate personal data.
  • Deletion — request deletion of your account and all associated data.
  • Data portability — request an export of Your Content in a machine-readable format.
  • Restriction — request that we restrict processing of your data in certain circumstances.
  • Objection — object to processing of your data for certain purposes.
  • Withdraw consent — where processing is based on consent, you may withdraw it at any time.

To exercise any of these rights, contact us at [email protected]. We will respond to your request within 30 days.

If you are located in the European Economic Area (EEA) or United Kingdom, you also have the right to lodge a complaint with your local data protection authority.

8. International Data Transfers

Your data is processed and stored in the United States. If you are accessing the Service from outside the United States, your data will be transferred to and processed in the United States. By using the Service, you consent to this transfer.

9. Children's Privacy

The Service is not directed at children under the age of 18. We do not knowingly collect personal information from children. If you believe a child has provided us with personal data, contact us at [email protected] and we will delete it promptly.

10. Changes to This Policy

We may update this Privacy Policy from time to time. If we make material changes, we will notify you by email or by posting a notice on the Service at least 30 days before the changes take effect. Your continued use of the Service after the effective date constitutes acceptance of the updated policy.

11. Contact

For questions or concerns about this Privacy Policy or your data, contact us at:

TechHive Labs LLC
[email protected]