Privacy Policy
Privacy Policy
Privacy Policy
Effective Date: March 1, 2026
Introduction
NotareFlow ("we," "us," or "our") understands the importance of your personal privacy. Therefore, we have created this Privacy Policy to explain how we use and disclose your information when you make it available to us. The Privacy Policy below discloses our practices regarding information collection and usage for the website located at NotareFlow.com, the related mobile website, and the mobile application (collectively, the “Websites”) and the service provided thereon (the “Service”).
By using or accessing the Websites and the Service, you signify your agreement to be bound by this Privacy Policy. IF YOU DO NOT AGREE TO THIS PRIVACY POLICY, YOU MAY NOT ACCESS OR OTHERWISE USE OUR SERVICE OR PARTICIPATE IN OUR SERVICES.
1. Information We Collect
Personally Identifiable Information
We may ask you for, or you may voluntarily submit, personally identifiable information when you are using the Service. The personally identifiable information which you may provide to us could include, but is not limited to:
Your name;
Your contact information (including, without limitation, physical address, email address, and phone number);
Your IP address;
Student profile data (including Date of Birth Information);
Lesson notes, practice logs, message content; and
Other personal information you choose to provide.
Payment Information
NotareFlow uses Stripe, a third-party payment processor, to process all payments. When you add a payment method, your credit card or bank information is sent directly to Stripe and is never stored on NotareFlow servers (PCI Compliance).
We only retain the following limited information for display and verification purposes:
A reference identifier linking to your Stripe account;
The last 4 digits of your card;
The card brand and expiration date.
Non-Personal Or Aggregate Information
When you access our Service, we may automatically collect non-personally identifiable information from you, such as IP host address, web pages viewed, browser type, operating system, referring service, search information, device type, page views, usage, and browsing habits on the Service, and similar data. We may also aggregate demographic information collected from our users (such as the number of users in a particular geographical location) in a manner that does not identify any one individual.
2. How We Use Your Information
We will only use your personally identifiable information as described below, unless you have specifically consented to another type of use:
To Provide the Service: We use your information to operate, maintain, and provide the features and functionality of the Service.
Role-Based Access Control: NotareFlow is designed with specific privacy controls based on user roles:
Teachers: Have control and management rights over their studio data.
Parents: Can strictly view data related to their own children.
Students: Can strictly view their own data.
Communication: To send you emails regarding our services, technical notices, updates, security alerts, and support messages.
File Security: User-uploaded files (e.g., sheet music) are stored in secure cloud storage. Access is strictly controlled via authenticated, short-lived signed URLs. Files are not publicly accessible to unauthorized users.
Improvement: To respond to your inquiries, comments, and to improve the Service.
Internal Access to Your Information (Admin Privilege)
To ensure the Service operates correctly, authorized NotareFlow personnel may access user data for specific, legitimate business purposes, including:
Providing customer support;
Troubleshooting technical issues;
Investigating suspected violations of our Terms of Use;
Responding to legal requests;
Ensuring platform security and integrity; and
Processing data export and deletion requests.
All such access is logged and audited. Personnel are strictly prohibited from accessing user data without a legitimate business reason.
3. Data Retention
We retain your personal information only for as long as is necessary for the purposes set out in this Privacy Policy.
Student Data: Student records and associated data are retained for a period of seven (7) years to comply with standard educational and business record-keeping practices.
File Assets: File attachments (e.g., PDFs) uploaded to the Service are retained for seven (7) years.
Messages: In-platform messages are retained for one (1) year.
Deletion: Upon expiry of the retention period, data is securely deleted or anonymized. You may request earlier deletion of your data by contacting us, subject to our legal obligations to retain certain data.
4. Cookies and Similar Technologies
We use cookies and similar technologies to operate our services.
Essential Cookies
We use session cookies to maintain your secure login session. These cookies are required for the website to function, are not used for tracking purposes, and are deleted when you log out or after a set period (e.g., 8 hours).
Local Storage
We use browser Local Storage to save your UI preferences:
theme / vite-ui-theme: Stores your preferred interface theme (light/dark).
sidebar-state: Remembers your sidebar collapse preference.
Your Choices
The NotareFlow application (app.notareflow.com) only uses strictly necessary cookies required for the Service to function. We do not use any tracking, analytics, or marketing cookies within the application. Our marketing website (www.notareflow.com) may use additional cookies as described in the cookie consent banner displayed on that site. You may stop or restrict the placement of cookies on your computer by adjusting your web browser preferences. However, if you block essential cookies, the Service may not function correctly.
5. Information Sharing and Disclosure
We do not sell your personally identifiable information. We may share your information in the following circumstances:
Third-Party Vendors
We use trusted third-party vendors to provide the underlying infrastructure for the Service. These vendors access your information only to perform specific tasks on our behalf and are obligated not to disclose or use it for any other purpose:
Stripe: Payment processing services.
Supabase Auth: Identity authentication and user management.
DigitalOcean: Cloud hosting, server infrastructure, and deployment services.
Supabase: Database hosting, data storage, and file storage.
Google Fonts: Web font rendering services.
unpkg: Content delivery network for UI assets.
Twilio SendGrid: Transactional email delivery services, studio announcements, and lesson updates.
Twilio: SMS delivery services (used for notifications, account security, and COPPA verification).
Legal Requirements: We may disclose information if required to do so by law or in the good-faith belief that such action is necessary to comply with state and federal laws (such as Illinois law), in response to a court order, judicial or other government subpoena or warrant, or to otherwise cooperate with law enforcement or other governmental agencies.
Business Transfers: We may transfer your information in connection with the sale, merger, or change of control of NotareFlow.
6. Security
The security of your personally identifiable information is very important to us. We use reasonable physical, electronic, and managerial procedures to safeguard the information we collect. However, due to the inherent open nature of the Internet, we cannot guarantee that your personally identifiable information will be completely free from unauthorized access by third parties.
7. Protection for Children
We generally do not collect personally identifiable information directly from children under 13 without the consent of a parent or guardian. If you are a teacher using the Service, you represent and warrant that you have obtained all necessary consents from parents or guardians for any student under the age of 13 before inputting their data into the Service.
If we become aware that personally identifiable information from a child under the age of 13 has been collected without such consent, we will use all reasonable efforts to delete such information from our database.
8. International Users
NotareFlow is owned and operated in the United States. If you are accessing the Service from outside the United States, please be aware that your information may be transferred to, stored, and processed in the United States, where our servers are located, and our central database is operated.
The data protection and other laws of the United States and other countries might not be as comprehensive as those in your country. By using the Service, you understand that your information will be transferred to our facilities and those third parties with whom we share it as described in this Privacy Policy.
9. Changes to this Privacy Policy
We reserve the right to change, modify, add, or remove portions from this Privacy Policy at any time. If we make material changes to how we use your personally identifiable information, we will post those changes here and give you the opportunity to opt out of any differing uses. Your continued use of the Service following the posting of any changes to this Privacy Policy means you accept such changes.
10. Governing Law
This Privacy Policy and our legal obligations hereunder are subject to the laws of the State of Illinois, regardless of your location. You hereby consent to the exclusive jurisdiction of and venue in the courts located in the State of Illinois, County of Cook, in all disputes arising out of or relating to the Services.
11. Contact Us
If you have any questions about this Privacy Policy, the practices of this site, or your dealings with this website, please contact us at:
NotareFlow LLC
605 N Michigan Ave.
Floor 4
Chicago, IL 60611
Effective Date: March 1, 2026
Introduction
NotareFlow ("we," "us," or "our") understands the importance of your personal privacy. Therefore, we have created this Privacy Policy to explain how we use and disclose your information when you make it available to us. The Privacy Policy below discloses our practices regarding information collection and usage for the website located at NotareFlow.com, the related mobile website, and the mobile application (collectively, the “Websites”) and the service provided thereon (the “Service”).
By using or accessing the Websites and the Service, you signify your agreement to be bound by this Privacy Policy. IF YOU DO NOT AGREE TO THIS PRIVACY POLICY, YOU MAY NOT ACCESS OR OTHERWISE USE OUR SERVICE OR PARTICIPATE IN OUR SERVICES.
1. Information We Collect
Personally Identifiable Information
We may ask you for, or you may voluntarily submit, personally identifiable information when you are using the Service. The personally identifiable information which you may provide to us could include, but is not limited to:
Your name;
Your contact information (including, without limitation, physical address, email address, and phone number);
Your IP address;
Student profile data (including Date of Birth Information);
Lesson notes, practice logs, message content; and
Other personal information you choose to provide.
Payment Information
NotareFlow uses Stripe, a third-party payment processor, to process all payments. When you add a payment method, your credit card or bank information is sent directly to Stripe and is never stored on NotareFlow servers (PCI Compliance).
We only retain the following limited information for display and verification purposes:
A reference identifier linking to your Stripe account;
The last 4 digits of your card;
The card brand and expiration date.
Non-Personal Or Aggregate Information
When you access our Service, we may automatically collect non-personally identifiable information from you, such as IP host address, web pages viewed, browser type, operating system, referring service, search information, device type, page views, usage, and browsing habits on the Service, and similar data. We may also aggregate demographic information collected from our users (such as the number of users in a particular geographical location) in a manner that does not identify any one individual.
2. How We Use Your Information
We will only use your personally identifiable information as described below, unless you have specifically consented to another type of use:
To Provide the Service: We use your information to operate, maintain, and provide the features and functionality of the Service.
Role-Based Access Control: NotareFlow is designed with specific privacy controls based on user roles:
Teachers: Have control and management rights over their studio data.
Parents: Can strictly view data related to their own children.
Students: Can strictly view their own data.
Communication: To send you emails regarding our services, technical notices, updates, security alerts, and support messages.
File Security: User-uploaded files (e.g., sheet music) are stored in secure cloud storage. Access is strictly controlled via authenticated, short-lived signed URLs. Files are not publicly accessible to unauthorized users.
Improvement: To respond to your inquiries, comments, and to improve the Service.
Internal Access to Your Information (Admin Privilege)
To ensure the Service operates correctly, authorized NotareFlow personnel may access user data for specific, legitimate business purposes, including:
Providing customer support;
Troubleshooting technical issues;
Investigating suspected violations of our Terms of Use;
Responding to legal requests;
Ensuring platform security and integrity; and
Processing data export and deletion requests.
All such access is logged and audited. Personnel are strictly prohibited from accessing user data without a legitimate business reason.
3. Data Retention
We retain your personal information only for as long as is necessary for the purposes set out in this Privacy Policy.
Student Data: Student records and associated data are retained for a period of seven (7) years to comply with standard educational and business record-keeping practices.
File Assets: File attachments (e.g., PDFs) uploaded to the Service are retained for seven (7) years.
Messages: In-platform messages are retained for one (1) year.
Deletion: Upon expiry of the retention period, data is securely deleted or anonymized. You may request earlier deletion of your data by contacting us, subject to our legal obligations to retain certain data.
4. Cookies and Similar Technologies
We use cookies and similar technologies to operate our services.
Essential Cookies
We use session cookies to maintain your secure login session. These cookies are required for the website to function, are not used for tracking purposes, and are deleted when you log out or after a set period (e.g., 8 hours).
Local Storage
We use browser Local Storage to save your UI preferences:
theme / vite-ui-theme: Stores your preferred interface theme (light/dark).
sidebar-state: Remembers your sidebar collapse preference.
Your Choices
The NotareFlow application (app.notareflow.com) only uses strictly necessary cookies required for the Service to function. We do not use any tracking, analytics, or marketing cookies within the application. Our marketing website (www.notareflow.com) may use additional cookies as described in the cookie consent banner displayed on that site. You may stop or restrict the placement of cookies on your computer by adjusting your web browser preferences. However, if you block essential cookies, the Service may not function correctly.
5. Information Sharing and Disclosure
We do not sell your personally identifiable information. We may share your information in the following circumstances:
Third-Party Vendors
We use trusted third-party vendors to provide the underlying infrastructure for the Service. These vendors access your information only to perform specific tasks on our behalf and are obligated not to disclose or use it for any other purpose:
Stripe: Payment processing services.
Supabase Auth: Identity authentication and user management.
DigitalOcean: Cloud hosting, server infrastructure, and deployment services.
Supabase: Database hosting, data storage, and file storage.
Google Fonts: Web font rendering services.
unpkg: Content delivery network for UI assets.
Twilio SendGrid: Transactional email delivery services, studio announcements, and lesson updates.
Twilio: SMS delivery services (used for notifications, account security, and COPPA verification).
Legal Requirements: We may disclose information if required to do so by law or in the good-faith belief that such action is necessary to comply with state and federal laws (such as Illinois law), in response to a court order, judicial or other government subpoena or warrant, or to otherwise cooperate with law enforcement or other governmental agencies.
Business Transfers: We may transfer your information in connection with the sale, merger, or change of control of NotareFlow.
6. Security
The security of your personally identifiable information is very important to us. We use reasonable physical, electronic, and managerial procedures to safeguard the information we collect. However, due to the inherent open nature of the Internet, we cannot guarantee that your personally identifiable information will be completely free from unauthorized access by third parties.
7. Protection for Children
We generally do not collect personally identifiable information directly from children under 13 without the consent of a parent or guardian. If you are a teacher using the Service, you represent and warrant that you have obtained all necessary consents from parents or guardians for any student under the age of 13 before inputting their data into the Service.
If we become aware that personally identifiable information from a child under the age of 13 has been collected without such consent, we will use all reasonable efforts to delete such information from our database.
8. International Users
NotareFlow is owned and operated in the United States. If you are accessing the Service from outside the United States, please be aware that your information may be transferred to, stored, and processed in the United States, where our servers are located, and our central database is operated.
The data protection and other laws of the United States and other countries might not be as comprehensive as those in your country. By using the Service, you understand that your information will be transferred to our facilities and those third parties with whom we share it as described in this Privacy Policy.
9. Changes to this Privacy Policy
We reserve the right to change, modify, add, or remove portions from this Privacy Policy at any time. If we make material changes to how we use your personally identifiable information, we will post those changes here and give you the opportunity to opt out of any differing uses. Your continued use of the Service following the posting of any changes to this Privacy Policy means you accept such changes.
10. Governing Law
This Privacy Policy and our legal obligations hereunder are subject to the laws of the State of Illinois, regardless of your location. You hereby consent to the exclusive jurisdiction of and venue in the courts located in the State of Illinois, County of Cook, in all disputes arising out of or relating to the Services.
11. Contact Us
If you have any questions about this Privacy Policy, the practices of this site, or your dealings with this website, please contact us at:
NotareFlow LLC
605 N Michigan Ave.
Floor 4
Chicago, IL 60611