Privacy Policy


Last Updated November 15th, 2024



Notehouse, Inc. ("us," "we," or "our") operates the getnotehouse.com website and the Notehouse software application (the “Product”). This Privacy Policy outlines our policies regarding the collection, use, and disclosure of personal data when you use our Product, as well as the rights you have associated with your data. By using or accessing the Product, you consent to the practices described here and acknowledge that your use is subject to this Privacy Policy and our Terms of Use, accessible at https://www.getnotehouse.com/terms-of-use .



Definitions

Product: The getnotehouse.com website and Notehouse software operated by Notehouse, Inc.

Personal Data: Data about a living individual who can be identified from that data (either directly or indirectly in our possession or likely to come into our possession).

Usage Data: Data collected automatically by the Product (e.g., duration of a page visit).

Data Controller: The entity that determines the purposes and means of processing personal data. Notehouse, Inc. is the Data Controller of your Personal Data.

Data Processors: Third-party providers who process data on behalf of Notehouse. We use these providers to support our services more effectively.

Data Subject (or User): Any individual who uses our Product and is the subject of Personal Data.



Information Collection and Use

We collect different types of information for various purposes to provide and enhance our Product and services to you.


Types of Data Collected

Personal Data: While using our Product, we may ask you to provide certain information, such as:

  • Your email address
  • Your first and last name
  • Your cookies and Usage Data

We may use your Personal Data to send newsletters, promotions, or other relevant materials. You may unsubscribe from these communications by following the link in any email or contacting us directly.

Usage Data: We may collect information on how the Product is accessed and used, including IP address, browser type, browser version, pages visited, device identifiers, and diagnostic data.

User Submitted Data: We collect data you input or upload to the Product, which may include information about third parties. Notehouse does not own User Submitted Data, and you are responsible for obtaining all applicable third-party consents. Additionally, you are solely responsible for ensuring compliance with all relevant privacy and data protection laws, including but not limited to HIPAA where applicable. By submitting data to Notehouse, you affirm that you have secured necessary permissions and are in compliance with any legal restrictions on data submission as outlined in our Terms of Use.

Tracking & Cookies Data: We use cookies and similar tracking technologies to monitor activity on the Product and store specific information. You can instruct your browser to refuse cookies, although some features of our Product may not function without them.



Use of Data

Notehouse, Inc. uses collected data for purposes including:

  • Providing and maintaining the Product
  • Notifying you of changes
  • Allowing you to participate in interactive Product features
  • Providing customer support
  • Analyzing data to improve our Product
  • Monitoring Product usage
  • Addressing technical issues
  • Sharing news, offers, and updates on similar goods and services
  • Sharing data with third parties to improve the Product’s functionality and analyze usage

Notehouse does not sell data to third parties, nor do we share data with any third-party services that sell data.



Data Retention

Data Retention Policy Introduction:

At Notehouse, we prioritize the privacy and security of your data. This Data Retention Policy outlines our practices regarding the retention and deletion of your company’s data upon the cancellation or termination of your entire account.

Note that this policy applies specifically to company-wide data retention. When individual users are removed from an active company account, their data is simply transferred within the system as needed. However, if the entire company account is canceled or terminated, Notehouse, Inc. will retain Personal Data only as long as necessary for purposes outlined in this Privacy Policy. We may retain Usage Data for internal analysis and may retain it longer if necessary for security, functionality improvements, or legal compliance.

Marketing Data Execption:

This Data Retention Policy does not apply to marketing data, such as data collected for newsletters. Marketing data will be retained until the user unsubscribes, after which it will be deleted within 90 days.

Retention Period

User Submitted Data is retained for thirty (30) days following the end of your subscription (the “Thirty-Day Data Retention Period”), after which all submitted data will be permanently deleted.

During the initial 30 day period, your data will be retained at Notehouse and, should you choose to reactivate your account, you will be able to access it again.

After the 30 day period, however, your data will be Rpermanently deleted from our systems and will no longer be recoverable. If your account is canceled due to non-payment or any other reason, this termination will also trigger the deletion of your User Submitted Data after the Thirty-Day Data Retention Period. Notehouse is not liable for any loss, deletion, or failure to store User Submitted Data resulting from subscription termination, non-payment, or voluntary account deletion. It is solely your responsibility to download, print, or otherwise save any User Submitted Data before the Thirty-Day Data Retention Period expires.

HIPAA Compliance

For Notehouse users who are required to comply with HIPAA regulations regarding the retention of medical or other protected health information (PHI), please note that it is your responsibility to maintain copies of any necessary records prior to canceling your subscription. Once your data is deleted following the 30-day retention period, Notehouse cannot assist with recovering or providing access to any previously stored data.

Note - Exceptions to this policy will only apply to users with a signed and dated BAA acknowledge the specific terms of any agreement, signed and dated by both parties.



Data Transfer and International Compliance

Your information may be transferred to and maintained on computers outside of your region, where data protection laws may differ. For users outside the United States, data is transferred to the U.S. only under legally compliant safeguards, such as Standard Contractual Clauses (SCCs) to ensure equivalent data protection. We continually evaluate and adopt new privacy and security standards to ensure that our data practices align with the latest protections and industry best practices.



Security of Data

We implement security measures, such as encryption and access controls, to protect your data, but no transmission method is 100% secure. While we strive to protect your data, we cannot guarantee its absolute security. To read more about what security measures we have in place, please visit our HIPAA page.



User Rights and Preferences

If you reside in the EEA, California, or other regions providing data protection rights, you have the right to:

  • Access, update, or delete Personal Data in your account settings or by contacting us
  • Correct inaccuracies in Personal Data
  • Object to data processing or restrict data processing
  • Port your data in a commonly used format
  • Withdraw consent at any time where Notehouse relied on consent for processing

For assistance with any of these requests, please contact us at info@getnotehouse.com.



Do Not Track Signals and Global Privacy Control (GPC)

Notehouse does not currently support “Do Not Track” (DNT) or Global Privacy Control (GPC) signals. Users may configure privacy settings within their web browsers to control certain tracking features.



Third-Party Service Providers and Links

We employ third-party companies and individuals to facilitate the Product, provide it on our behalf, or analyze its use. These parties only have access to Personal Data for tasks we assign and must not disclose or use it for other purposes. Notehouse encourages reviewing third-party privacy policies before sharing personal information, as we are not responsible for their policies or practices.

Examples of third-party providers include:

  • Google Analytics:For monitoring website traffic. You may opt out by using the Google Analytics opt-out browser add-on.
  • Stripe/PayPal (Braintree):For payment processing. Payment processors adhere to PCI-DSS standards for secure handling of payment information.



Policy Updates and Contact

We may update our Privacy Policy periodically. Updates are posted here, with notification sent by email and/or in-app notification where applicable. If significant changes are made, we will notify users at least 30 days in advance via email or by posting a notice within the Notehouse platform. This policy is effective as of November 15th, 2024 and was last updated on November 15th, 2024.

If you have questions or requests regarding this Privacy Policy, please contact us at info@getnotehouse.com.