Notra Logo
Notra

Privacy Policy

Last updated: February 13, 2026

1. Privacy Statement

This Privacy Policy describes how Notra ("we", "us", or "our") collects, uses, and protects your personal information when you use our website at usenotra.com and our dashboard application at app.usenotra.com (collectively, the "Service"). By using the Service, you agree to the collection and use of information in accordance with this policy.

2. Your Privacy Rights

If you are a resident of the European Economic Area (EEA) or the United Kingdom, you have certain data protection rights under the General Data Protection Regulation (GDPR). These include the right to:

  • Access the personal data we hold about you
  • Request correction of inaccurate personal data
  • Request deletion of your personal data
  • Object to processing of your personal data
  • Request restriction of processing your personal data
  • Request portability of your personal data
  • Withdraw consent at any time where we rely on consent to process your data

To exercise any of these rights, please contact us at dominik@usenotra.com. We will respond to your request within 30 days.

3. Age Limit

The Service is not intended for individuals under the age of 13. If you are under 13, you may not use the Service. If you are a resident of the European Union, you must be at least 16 years old to consent to the processing of your personal data. If we become aware that we have collected personal data from a child under the applicable age limit, we will take steps to delete that information.

We use only functional and session cookies that are strictly necessary for the operation of the Service. These cookies enable core functionality such as authentication and session management.

For analytics, we use DataBuddy, a cookie-free, GDPR-compliant analytics service. DataBuddy does not use cookies, does not collect personal data, and does not track individual users across sessions. Because no cookies are used for analytics, no cookie consent banner or opt-out mechanism is required.

We do not use any tracking cookies, advertising cookies, or third-party marketing cookies.

5. Information We Collect

We collect the following types of information:

Account Data: When you create an account, we collect your name, email address, and profile information provided through OAuth authentication (GitHub or Google).

Usage Data: We automatically collect information about how you interact with the Service, including pages visited, features used, and timestamps.

Content Data: When you connect third-party integrations (such as GitHub, Linear, or Slack), we collect and process the data you authorize us to access from those services. This includes repository activity, issue data, and messages that you explicitly choose to connect.

Payment Data: If you subscribe to a paid plan, payment processing is handled by our billing provider Autumn (powered by Stripe). We do not store your credit card details directly. When you sign up, we create an Autumn customer profile to enable usage tracking. If you later initiate a payment and a Stripe customer does not already exist, we may create one to process the transaction.

6. Third-Party Services

We use the following third-party services to operate and improve the Service:

  • Vercel — Hosting and deployment
  • Resend — Transactional email delivery
  • Upstash — Redis database and message queues
  • OpenRouter — AI model access for content generation (using models such as Anthropic Claude Haiku 4.5 and Kimi K2.5)
  • Autumn — Subscription billing (powered by Stripe)
  • DataBuddy — Cookie-free, GDPR-compliant website analytics
  • GitHub — OAuth authentication and repository integration
  • Google — OAuth authentication

Each of these services has its own privacy policy governing the data they process.

7. Retention and Deletion

We retain your personal data for as long as your account is active or as needed to provide you with the Service. If you request deletion of your account, we will delete your personal data within 30 days, except where we are required to retain certain information for legal or regulatory purposes.

To request deletion of your account and associated data, contact us at dominik@usenotra.com.

8. Third-Party Websites

The Service may contain links to third-party websites. We are not responsible for the privacy practices or content of those websites. We encourage you to read the privacy policy of any website you visit.

9. How We Use Your Information

We use the information we collect for the following purposes:

  • Service delivery: To provide, maintain, and improve the Service
  • Billing: To process subscriptions and payments
  • Communications: To send you important updates about the Service, including security notices and changes to our terms. Marketing emails are opt-in only, and you can unsubscribe using the link in the footer of each marketing email.
  • AI content generation: To process your connected data through AI models and generate content drafts on your behalf
  • Analytics: To understand how the Service is used and to improve the user experience

We do not sell your personal data to third parties.

10. California Privacy Rights

If you are a California resident, you have the right to request disclosure of the categories and specific pieces of personal information we have collected about you, the categories of sources from which your personal information is collected, the business purpose for collecting your personal information, and the categories of third parties with whom we share your personal information.

To exercise your rights under the California Consumer Privacy Act (CCPA), contact us at dominik@usenotra.com.

11. Updates to This Notice

We may update this Privacy Policy from time to time. When we make changes, we will update the "Last updated" date at the top of this page. We encourage you to review this Privacy Policy periodically. Continued use of the Service after any changes constitutes your acceptance of the updated policy.

12. Data Breach

In the event of a data breach that affects your personal data, we will notify the relevant supervisory authority within 72 hours as required by the GDPR, where applicable. If the breach is likely to result in a high risk to your rights and freedoms, we will also notify you directly.

13. Governing Law

This Privacy Policy is governed by the laws of the Federal Republic of Germany. Any disputes arising from or relating to this Privacy Policy shall be subject to the exclusive jurisdiction of the courts in Hamburg, Germany.

14. Contact

If you have any questions about this Privacy Policy or our data practices, please contact us at:

Email: dominik@usenotra.com

Dominik Koch
c/o IP-Management #8532
Ludwig-Erhard-Str. 18
20459 Hamburg, Germany

Notra Logo
Notra
Turn your daily work into publish-ready content!
© 2026 Notra. All rights reserved.
LinkedinGitHub
Product
FeaturesPricingShowcase
Legal
Privacy PolicyTerms of ServiceLegal Notice