Privacy Policy

Last updated: January 27, 2025

Introduction

Notto ("we", "our", or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, and safeguard your information when you use our Chrome extension and web application.

Information We Collect

Personal Information

When you create an account, we collect:

  • Name
  • Email address
  • Password (stored as a secure hash)
  • Profile picture (optional)

Screenshot and Annotation Data

When you use Notto, we collect:

  • Screenshots you capture
  • Annotations you create (drawings, text, shapes)
  • Page URLs and titles of captured screenshots
  • Workspace and project organization data

Authentication Information

We use JWT (JSON Web Tokens) to maintain your session. These tokens are stored locally in your browser and are used to authenticate API requests.

How We Use Your Information

We use the collected information solely for:

  • Providing and maintaining the Notto service
  • Authenticating your account and managing your sessions
  • Storing and organizing your screenshots and annotations
  • Sending screenshots to your configured webhook integrations (Linear, Asana, Jira, etc.)
  • Improving our service and user experience

Data Storage and Security

Your data is stored securely:

  • Account data is stored in a secure PostgreSQL database (Neon)
  • Screenshots are stored using Vercel Blob storage
  • Passwords are hashed using bcrypt before storage
  • All API communications use HTTPS encryption
  • Authentication tokens are stored locally in your browser using Chrome's secure storage API

Third-Party Integrations

When you configure webhook integrations, your annotated screenshots are sent to the third-party services you specify (such as Linear, Asana, or Jira). These transmissions are made at your direction and are subject to the privacy policies of those third-party services.

We do not sell, rent, or share your personal information with third parties for their marketing purposes.

Chrome Extension Permissions

Our Chrome extension requires certain permissions to function:

  • activeTab: To capture screenshots of the current tab
  • downloads: To save annotated screenshots to your computer
  • scripting: To display the annotation overlay on web pages
  • storage: To store authentication tokens and preferences locally
  • tabs: To access page URLs and titles for context

We only access data necessary for the extension's functionality and do not track your browsing history or activity beyond the screenshots you explicitly capture.

Data Retention

We retain your data for as long as your account is active. You can delete individual screenshots or your entire account at any time through the dashboard.

Your Rights

You have the right to:

  • Access your personal data
  • Correct inaccurate data
  • Delete your account and all associated data
  • Export your data
  • Opt out of our service at any time

Cookies and Tracking

We use minimal cookies and local storage for authentication purposes only. We do not use tracking cookies or third-party analytics services.

Children's Privacy

Notto is not intended for users under the age of 13. We do not knowingly collect personal information from children under 13.

Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any changes by updating the "Last updated" date at the top of this policy.

Contact Us

If you have any questions about this Privacy Policy or our data practices, please contact us at:

Email: privacy@notto.app