Privacy Policy

Notify is a self-hosted software platform for transactional notification management. This Privacy Policy explains how we collect, use, and protect personal data when you visit our website, use our platform, or contact us directly. For the purposes of applicable data protection law, Notify is the data controller for information collected through this website and our sales and support processes.

Information you provide directly: contact form submissions (name, email, company, message), sales enquiries, support requests, and license registration details.

Information collected automatically: server logs (IP address, browser type, pages visited) and session/preference cookies necessary for website operation.

We do not collect data from your installation. Contact records, notification logs, SMTP credentials, and template content stored in your self-hosted Notify instance are never transmitted to us.

We use personal information to: respond to enquiries and support requests; administer license keys and renewal reminders; send security advisories and critical update notices relevant to your installation; meet legal obligations; and analyse aggregated usage patterns to improve the website. We do not use your data for automated decision-making or profiling.

Where GDPR applies, we rely on: Consent (where explicitly given, e.g., subscribing to updates); Legitimate interests (responding to enquiries, administering licenses, improving the website); Legal obligation (complying with applicable laws); and Contract (performing our obligations under a license agreement).

We do not sell, rent, or trade your personal information. We may share it with hosting and email infrastructure providers who are contractually bound to process data only as instructed. We will also disclose data where required by law or court order. All third-party processors are evaluated for data protection compliance and bound by appropriate data processing agreements.

Contact enquiries are retained for 24 months from last contact. License records are kept for the duration of the license plus 6 years for legal purposes. Server logs are deleted after 90 days. You may request earlier deletion subject to any legal retention requirements (see Section 8).

This website uses only essential cookies: a session cookie (expires on browser close) and a CSRF token cookie (session-scoped, protects form submissions). We do not use advertising, cross-site tracking, or analytics cookies that identify individuals. You may disable cookies in your browser, though this may affect form functionality.

Subject to applicable law, you have the right to: access personal data we hold about you; rectify inaccurate or incomplete data; request erasure where no legal retention applies; restrict processing in certain circumstances; receive data in a structured machine-readable format; object to processing based on legitimate interests; and withdraw consent at any time. To exercise these rights, contact privacy@notify.io. We will respond within 30 days.

We implement appropriate technical and organisational measures including encrypted transmission (TLS), access controls, and periodic security reviews to protect your data. No method of internet transmission is completely secure, but we take reasonable precautions.

If we transfer personal data outside your jurisdiction, appropriate safeguards such as Standard Contractual Clauses (SCCs) or adequacy decisions will be in place. Contact us for details of the safeguards applicable to your data.

We may update this Privacy Policy from time to time. The "last updated" date at the top of this page reflects the most recent revision. For material changes, we will provide prominent notice on this website or notify existing license holders by email.

For questions, data subject requests, or concerns about this Privacy Policy, contact us at privacy@notify.io.