Privacy Policy

1. Introduction and Overview

PANote ("we", "our", "us", or the "Company") is committed to protecting and respecting your privacy. This Privacy Policy ("Policy") explains how we collect, use, process, store, and safeguard your personal information when you use our mobile application, website, and related services (collectively, the "Services").

This Policy applies to all users of PANote, an intelligent note-taking application that integrates with artificial intelligence services and third-party platforms such as Notion. By accessing or using our Services, you acknowledge that you have read, understood, and agree to be bound by this Privacy Policy and our Terms of Service.

If you do not agree with any part of this Policy, please do not use our Services. We may update this Policy periodically, and your continued use of our Services after such updates constitutes acceptance of the revised Policy.

2. Information We Collect

2.1 Information You Provide Directly

We collect information that you voluntarily provide to us, including:

• Note Content: Text, images, attachments, and other content you create, edit, or import into PANote
• Account Information: When connecting to third-party services like Notion, we collect authentication tokens and associated metadata
• User Preferences: App settings, customization preferences, themes, and feature configurations
• Support Communications: Information you provide when contacting customer support, including email correspondence and feedback
• Survey Responses: Feedback, ratings, and responses to user experience surveys or beta testing programs

2.2 Automatically Collected Information

We automatically collect certain information about your device and usage patterns:

• Device Information: Device type, model, operating system version, unique device identifiers, mobile network information
• Usage Analytics: Feature usage patterns, session duration, frequency of use, user interactions within the app
• Performance Data: Crash reports, error logs, app performance metrics, and diagnostic information
• App Activity: Information about how you navigate and interact with our Services
• Network Information: IP address, internet service provider, and general geographic location (city/country level)

2.3 Information from Third-Party Sources

When you connect PANote to third-party services, we may receive:

• Notion Integration: Page content, database structures, user permissions, and workspace metadata that you authorize us to access
• AI Service Responses: Processed content and suggestions returned by artificial intelligence services
• Authentication Data: OAuth tokens and related authentication information from connected services

3. How We Use Your Information

We process your personal information for the following legitimate business purposes:

3.1 Service Provision and Enhancement

• Providing, maintaining, and improving our core note-taking functionality
• Synchronizing your notes across devices and with connected third-party services
• Processing your content through AI services to provide intelligent features and suggestions
• Customizing your experience based on your preferences and usage patterns
• Ensuring app stability, security, and optimal performance

3.2 Communication and Support

• Responding to your inquiries, support requests, and feedback
• Sending important service announcements, security updates, and policy changes
• Providing technical support and troubleshooting assistance
• Conducting user research and gathering feedback to improve our Services

3.3 Legal and Security Purposes

• Complying with applicable laws, regulations, and legal processes
• Protecting against fraud, unauthorized access, and security threats
• Enforcing our Terms of Service and other policies
• Protecting the rights, property, and safety of PANote, our users, and the public

4. Artificial Intelligence Processing

PANote integrates advanced AI capabilities to enhance your note-taking experience. This section explains how we handle AI processing and your data:

4.1 AI Service Providers

We currently utilize various AI services to enhance your note-taking experience:

• Third-party AI Services: For content analysis, summarization, enhancement suggestions, and intelligent formatting
• Additional AI Providers: We may integrate with other reputable AI service providers to expand functionality

4.2 Data Processing and Transmission

• Note content is transmitted to AI services only when you explicitly use AI-powered features
• Data transmission occurs over encrypted channels using industry-standard security protocols
• We implement data minimization principles, sending only necessary content for processing
• Processed content is returned to your device and not permanently stored by AI service providers
• You maintain full control over which notes and content are processed by AI services

4.3 AI Feature Controls

• All AI features can be disabled through app settings
• You can choose to exclude specific notes or content types from AI processing
• AI processing is opt-in for sensitive content categories
• We provide clear indicators when AI processing is active or has been applied to content

4.4 AI Data Retention and Deletion

• AI service providers do not retain your content beyond the processing session
• We do not use your content to train AI models without explicit consent
• AI-generated suggestions and enhancements are stored locally on your device
• You can delete AI-generated content and disable future AI processing at any time

5. Third-Party Integrations

5.1 Notion Integration

Our Notion integration allows seamless synchronization between PANote and your Notion workspace:

• OAuth Authentication: We use Notion's official OAuth 2.0 system for secure, industry-standard authentication
• Password Security: Your Notion password is never shared with, transmitted to, or stored by PANote
• Granular Permissions: You control exactly which Notion pages and databases PANote can access
• Real-time Synchronization: Changes made in PANote are synchronized with your Notion workspace in real-time
• Revocation Rights: You can revoke PANote's access to your Notion workspace at any time through Notion's settings
• Data Integrity: We maintain data consistency and prevent conflicts during synchronization

5.2 Future Integrations

We may add integrations with other productivity and note-taking platforms. Any new integrations will follow the same privacy and security standards outlined in this Policy, and you will be notified of material changes.

6. Data Storage, Security, and Retention

6.1 Data Storage

• Local Storage: Your notes are primarily stored locally on your device using platform-specific encrypted storage systems
• Cloud Backup: Optional cloud backup services use end-to-end encryption to protect your data in transit and at rest
• Cross-Device Sync: When enabled, data synchronization uses encrypted channels and secure cloud infrastructure

6.2 Security Measures

We implement comprehensive security measures to protect your information:

• Encryption: Data is encrypted in transit using TLS 1.3 and at rest using AES-256 encryption
• Authentication: Secure token-based authentication with automatic expiration and refresh
• Access Controls: Strict internal access controls and regular security audits
• Infrastructure Security: Use of secure cloud infrastructure with regular security updates and monitoring
• Incident Response: Comprehensive incident response procedures for potential security breaches

6.3 Data Retention

• User-generated content is retained until you choose to delete it or terminate your account
• Technical logs and analytics data are retained for up to 12 months for performance optimization
• Support communications are retained for up to 3 years for quality assurance and legal compliance
• Deleted data is permanently purged from our systems within 30 days unless legally required to retain

7. Data Sharing and Disclosure

We do not sell, rent, or trade your personal information. We may share your information only in the following limited circumstances:

7.1 With Your Consent

• When you explicitly authorize us to share information with third parties
• When you enable integrations with third-party services like Notion
• When you participate in collaborative features or content sharing

7.2 Service Providers and Partners

• AI Service Providers: Content sent to third-party AI services for processing
• Cloud Infrastructure: Secure hosting and data storage providers
• Analytics Providers: Aggregated, anonymized usage data for app improvement
• Support Services: Customer support and technical assistance providers

7.3 Legal Requirements

• When required by law, regulation, or valid legal process
• To protect the rights, property, or safety of PANote, our users, or the public
• To enforce our Terms of Service or investigate potential violations
• In connection with a merger, acquisition, or sale of assets (with user notification)

8. Your Privacy Rights and Controls

We believe you should have control over your personal information. Depending on your location, you may have the following rights:

8.1 Access and Portability Rights

• Access: Request a copy of all personal information we have about you
• Data Export: Export your notes and data in common, machine-readable formats
• Account Information: View and update your account settings and preferences

8.2 Control and Correction Rights

• Correction: Update, correct, or modify inaccurate personal information
• Deletion: Request deletion of your personal information and account data
• Restriction: Limit how we process certain categories of your information
• Objection: Object to certain types of data processing

8.3 Service-Specific Controls

• Disconnect from Notion or other integrated services at any time
• Disable AI features and prevent AI processing of your content
• Control which notes are synchronized across devices
• Manage notification preferences and communication settings
• Choose which analytics and usage data to share

8.4 Exercising Your Rights

To exercise any of these rights, please contact us at pan@panote.net. We will respond to your request within 30 days and may require verification of your identity to protect your privacy.

9. GDPR Compliance and International Transfers

9.1 Legal Basis for Processing (GDPR)

For users in the European Economic Area (EEA), UK, and Switzerland, we process your personal data based on the following legal grounds:

• Contract Performance: Processing necessary to provide our Services
• Legitimate Interests: App improvement, security, and customer support
• Consent: AI processing, marketing communications, and optional features
• Legal Obligation: Compliance with applicable laws and regulations

9.2 International Data Transfers

• We may transfer data to countries outside the EEA for processing by our service providers
• All international transfers are protected by appropriate safeguards such as Standard Contractual Clauses
• We ensure that any third-party processors provide adequate protection for your data

9.3 Data Protection Officer

For GDPR-related inquiries, you can contact our Data Protection Officer at pan@panote.net. You also have the right to lodge a complaint with your local data protection authority.

10. Cookies and Tracking Technologies

We use various technologies to collect and store information when you use our Services:

10.1 Types of Technologies Used

• Local Storage: For app preferences, settings, and offline functionality
• Analytics Tools: To understand app usage and improve performance
• Security Technologies: For authentication and fraud prevention
• Performance Monitoring: To identify and resolve technical issues

10.2 Managing Tracking Preferences

• You can control analytics and tracking through app settings
• Essential functionality cookies cannot be disabled without affecting app performance
• You can reset your device advertising identifier through your device settings

11. Data Breach Notification

In the unlikely event of a data breach that poses a risk to your privacy rights:

• We will notify affected users within 72 hours of discovering the breach
• Notifications will include the nature of the breach, affected data types, and steps being taken
• We will provide guidance on protective measures you can take
• We will cooperate fully with relevant authorities and regulatory bodies
• We maintain comprehensive incident response procedures and regular security assessments

12. Changes to This Privacy Policy

We may update this Privacy Policy periodically to reflect changes in our practices, technology, legal requirements, or business operations. We are committed to transparency in how we handle these updates:

• Notification: We will notify users of material changes through the app, email, or prominent website notices
• Effective Date: Changes will take effect 30 days after notification, unless immediate implementation is required by law
• Continued Use: Your continued use of our Services after the effective date constitutes acceptance of the updated Policy
• Objection Rights: If you disagree with changes, you may discontinue use of our Services or contact us to discuss your concerns
• Version History: Previous versions of this Policy are available upon request

13. Contact Information and Privacy Inquiries

We are committed to addressing your privacy concerns and questions promptly. For any privacy-related inquiries, requests, or concerns, please contact us through the following channels:

13.1 What to Include in Your Privacy Request

To help us process your request efficiently, please include:

• Your full name and the email address associated with your account
• A clear description of your request or concern
• Any relevant details about the specific information or processing you're inquiring about
• Preferred method for our response (email, phone, etc.)

13.2 Additional Resources

• Terms of Service: Available at https://panote.net/terms
• Security Information: Available at https://panote.net/security
• Help Center: Available at https://panote.net/help

Thank you for trusting PANote with your information. We are committed to maintaining the highest standards of privacy protection and transparency in all our operations.