Privacy Policy
Effective Date: April 2, 2026
This Privacy Policy explains how Presage42 ("Notto," "we," "us," or "our") collects, uses, stores, discloses, and otherwise processes personal data in connection with the Notto mobile application, related websites, and any related services we provide (collectively, the "Service").
By using the Service, you acknowledge that your personal data may be processed as described in this Privacy Policy.
1. Who We Are
If you have any questions about this Privacy Policy or our data practices, you may contact us at:
Presage42
Email: hello@presage42.com
Address: Taşucu Mahallesi, Taşucu Toki Konutları, 86. Sokak, FG-1, 1-B, Daire 1 Mersin/Silifke
2. Scope of This Privacy Policy
This Privacy Policy applies to personal data we collect when you use the Service, create an account, use AI-powered features, upload or sync content, manage subscriptions, or otherwise interact with us.
The Service may not be available in all jurisdictions. We may limit, restrict, or decline access to the Service in certain countries or regions where offering the Service is not supported, is not intended, or would create legal, regulatory, operational, or business concerns.
3. Personal Data We Collect
We collect the following categories of personal data:
A. Account Information
* Email address
* Authentication provider (for example, Apple or Google)
* Authentication user ID
* Name or profile information, where available or provided
B. AI-Related Data
When you use AI-powered features in the Service, we may process:
* User prompts
* User notes submitted for AI features
* AI-generated responses
* Chat history used to provide AI features
* Uploaded files or content submitted for AI processing, including PDFs, audio files, and YouTube transcripts
C. User Content
We may process content you create, upload, store, or sync in the Service, including:
* Notes
* Chat history
* Uploaded and downloadable content, including PDFs, audio files, images, and similar files
* Any other content you create, upload, store, or sync in the app
D. Subscription and Purchase Data
If you purchase a subscription or use paid features, we may process:
* Purchase history
* Subscription status
* Product ID or entitlement information
* Store-related subscription metadata
* Subscription validation and access-level data
* Adapty customer ID
E. Notification Preferences
If you use reminders or notification-related features, we may process:
* Notification settings and reminder preferences, such as whether reminders are enabled and the selected time
* Local notification scheduling data
F. Limited Service Usage and Abuse-Prevention Data
We may process limited service-usage information, such as token usage counts or similar metrics, for operational monitoring, service integrity, fraud prevention, abuse prevention, and troubleshooting. This information does not include the content of notes, prompts, chats, or uploaded files.
4. How We Use Personal Data
We may use personal data for the following purposes:
* To create and manage user accounts
* To authenticate users and maintain account security
* To provide core note-taking, storage, sync, and app functionality
* To provide AI-powered features and generate responses requested by users
* To process and manage subscriptions, purchases, and entitlements
* To provide reminders and notification-related features
* To maintain, secure, monitor, troubleshoot, and improve the Service
* To detect, investigate, and prevent fraud, misuse, abuse, unauthorized access, and other harmful activity
* To comply with legal obligations and enforce our terms, policies, and rights
* To respond to user inquiries, support requests, or lawful requests from authorities where required
5. How AI Features Work
If you use AI-powered features, content you choose to submit for those features may be processed by third-party AI service providers on our behalf, including providers such as OpenAI and Anthropic. This may include prompts, selected notes, uploaded files, transcripts, chat history, and related context necessary to generate a response.
We use this information solely to provide the AI feature you requested. We do not use your personal data or user content to train our own AI models. Third-party AI providers may process submitted content in accordance with their own terms, policies, and data-handling practices.
We do not describe our storage as end-to-end encrypted, and authorized personnel may access stored data when necessary for service operation, support, security, or legal compliance.
6. How We Share Personal Data
We may share personal data in the following circumstances:
A. Service Providers and Infrastructure Providers
We may share personal data with vendors and service providers that help us operate the Service, including for:
* Authentication and backend infrastructure
* Cloud storage and database hosting
* AI processing
* Subscription management and purchase validation
* Notifications and related functionality
Examples of third-party providers we may use include:
* Supabase
* OpenAI
* Anthropic
* Adapty
* Apple
B. Legal and Compliance Purposes
We may disclose personal data if we believe disclosure is reasonably necessary to:
* Comply with applicable law, regulation, legal process, or governmental request
* Enforce our terms, agreements, or policies
* Protect the rights, property, safety, and security of Notto, our users, or others
* Detect, investigate, or prevent fraud, abuse, security incidents, or technical issues
C. Business Transfers
We may disclose or transfer personal data in connection with a merger, acquisition, financing, reorganization, sale of assets, bankruptcy, or similar business transaction.
7. Data Storage and Security
We use reasonable technical and organizational measures designed to protect personal data.
In particular:
* Notes, folder names, and chat messages are encrypted before being stored in Supabase using AES-256-GCM
* Some data, such as image URLs, may not be encrypted in the same way
* Data is not end-to-end encrypted
* Authorized personnel may access stored data when necessary for service operation, support, security, or legal compliance
No method of transmission or storage is completely secure, and we cannot guarantee absolute security.
8. Data Retention
We retain personal data for as long as reasonably necessary for the purposes described in this Privacy Policy, including to provide the Service, maintain user accounts, support ongoing functionality, comply with legal obligations, resolve disputes, prevent abuse, and enforce agreements.
Retention periods may vary depending on the type of data, how it is used, and applicable legal requirements. When personal data is no longer reasonably necessary, we will delete it or anonymize it where appropriate, subject to legal, operational, or legitimate business needs.
9. Your Rights and Choices
Depending on your location and applicable law, you may have rights regarding your personal data, which may include the right to:
* Access personal data we hold about you
* Request correction of inaccurate or incomplete personal data
* Request deletion of your personal data
* Request restriction of processing
* Object to certain processing
* Request data portability, where applicable
* Withdraw consent, where processing is based on consent
You may also be able to manage certain information directly in the app, such as notification preferences.
For users located in Türkiye, personal data is processed in accordance with the Law on the Protection of Personal Data No. 6698 ("KVKK"), where applicable. Users in Türkiye may contact us to exercise their applicable rights under KVKK.
To exercise any applicable privacy rights, contact us at hello@presage42.com.
10. Account Deletion
You may request deletion of your account and associated personal data by using the account deletion functionality made available within the Service or by contacting us at hello@presage42.com.
We may retain limited information where necessary to comply with legal obligations, resolve disputes, prevent fraud or abuse, enforce our agreements, or maintain security and integrity.
11. International Data Transfers
Your personal data may be processed in countries other than your country of residence, including where our service providers operate. Those countries may have data protection laws that differ from those in your jurisdiction.
Where required by applicable law, we will take appropriate steps designed to provide an adequate level of protection for personal data transferred internationally.
12. Children’s Privacy
The Service is not directed to children under 13, or under the age required by applicable law to provide valid consent to data processing in their jurisdiction. We do not knowingly collect personal data from children where prohibited by law.
If you believe that a child has provided personal data in violation of applicable law, please contact us at hello@presage42.com.
13. Third-Party Services
The Service may rely on or integrate with third-party platforms, services, or providers. Their processing of personal data is governed by their own privacy policies and terms, where applicable. We encourage users to review those policies when relevant.
14. Changes to This Privacy Policy
We may update this Privacy Policy from time to time. If we make material changes, we may provide notice through the Service or by other appropriate means. The "Effective Date" above indicates when this Privacy Policy was last updated.
15. Contact Us
If you have questions, requests, or complaints regarding this Privacy Policy or our privacy practices, please contact us at:
Presage42
Email: hello@presage42.com
Address: Taşucu Mahallesi, Taşucu Toki Konutları, 86. Sokak, FG-1, 1-B, Daire 1 Mersin/Silifke