← Back to TidyNotes.io

Privacy Policy

Last Updated: February 5, 2026

1. Introduction

Welcome to TidyNotes.io ("we," "our," or "us"). We are committed to protecting your privacy and ensuring the security of your personal information. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our web application.

By using our service, you agree to the collection and use of information in accordance with this policy. If you do not agree with our policies and practices, please do not use our service.

2. Information We Collect

2.1 Account Information

When you create an account, we collect:

• Email address (via Google OAuth authentication)
• Name (from Google account)
• Authentication credentials (managed securely by Supabase Auth)

2.2 Usage Data

We collect data about how you use our service:

• Templates: Custom note templates you create
• Bookmarks: URLs and categories you save
• Statements: Text content you store
• Template Values: Data entered into templates
• Preferences: Theme settings and UI preferences
• Calculation Data: Business-specific calculations and data (if used)

3. How We Use Your Information

We use the collected information for the following purposes:

• Service Provision: To provide, maintain, and improve our service
• Account Management: To manage your account and authenticate your identity
• Data Storage: To store your templates, bookmarks, statements, and preferences securely in the cloud
• Support: To respond to your inquiries and provide customer support
• Improvements: To analyze usage patterns and improve our service functionality
• Legal Compliance: To comply with applicable laws and regulations

4. Data Storage and Security

Your data is stored securely using Supabase, a cloud database service. We implement industry-standard security measures including:

• Encryption of data in transit (HTTPS/TLS)
• Encryption of data at rest
• Secure authentication via Supabase Auth with Google OAuth
• Row-level security policies in our database
• Regular security audits and updates

While we strive to protect your personal information, no method of transmission over the Internet or electronic storage is 100% secure. We cannot guarantee absolute security, but we continuously work to maintain the highest security standards.

5. Third-Party Services

We use the following third-party services that may collect information:

5.1 Google (Authentication)

We use Google OAuth for user authentication. Google processes your email address and profile information during sign-in. Google's privacy policy can be found at: https://policies.google.com/privacy

5.2 Supabase (Authentication & Data Storage)

We use Supabase for authentication and to store your application data (templates, bookmarks, statements, etc.). Supabase's privacy policy can be found at: https://supabase.com/privacy

6. Your Rights and Choices

Depending on your location, you may have the following rights regarding your personal information:

6.1 Access

You can access your data at any time through the application interface or by contacting us.

6.2 Deletion

You can delete your account and all associated data at any time. To delete your account, contact us at the email address provided below.

6.3 Export

You can export your data in JSON format using the export features within the application.

6.4 Correction

You can update your account information and preferences at any time through the application settings.

6.5 Opt-Out

You can opt out of non-essential data collection by not using certain features of the application.

7. Cookies and Tracking Technologies

We use cookies and similar tracking technologies to maintain your session and improve your experience:

• Session Cookies: Managed by Supabase Auth to maintain your authentication state
• Preference Cookies: To remember your theme and UI settings

You can control cookies through your browser settings. However, disabling cookies may limit your ability to use certain features of our service.

8. Data Retention

We retain your personal information for as long as your account is active or as needed to provide you services. If you delete your account, we will delete or anonymize your personal information within 30 days, except where we are required to retain it for legal compliance.

9. Children's Privacy

Our service is not intended for children under the age of 13. We do not knowingly collect personal information from children under 13. If you are a parent or guardian and believe your child has provided us with personal information, please contact us immediately.

10. International Data Transfers

Your information may be transferred to and processed in countries other than your country of residence. These countries may have data protection laws that differ from those in your country. By using our service, you consent to the transfer of your information to these countries.

11. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page and updating the "Last Updated" date. You are advised to review this Privacy Policy periodically for any changes.

Material changes will be communicated via email or through a prominent notice in the application.

12. Compliance

This Privacy Policy is designed to comply with:

• GDPR (General Data Protection Regulation): For users in the European Union
• CCPA (California Consumer Privacy Act): For users in California, USA
• PIPEDA (Personal Information Protection and Electronic Documents Act): For users in Canada

13. Contact Us