Terms of Service
Please read the following Terms of Service carefully before continuing to use this website.
Privacy Policy
Last updated: November 6, 2025
This Privacy Policy explains how Notalyn (“we,” “our,” “us”), operated by RAE Kersten in the Netherlands, collects, uses, and protects your personal data when you use our platform at notalyn.io.
1. Who We Are
We operate Notalyn, a SaaS platform that transforms Notion documentation into guided, trackable onboarding experiences for teams.
2. Data We Collect
We collect only the information necessary to deliver and improve our service.
a. Account Information
Name
Email address
Password (securely hashed)
b. Workspace & Activity Data
Onboarding flow content imported from your Notion workspace
Learner progress, assignments, and completion metrics
c. Usage & Technical Data
Log data (browser type, device, IP address, timestamps)
Cookies or local storage for authentication and session management
d. Payment Information
Handled exclusively by Stripe. We never store or have access to full payment card details.
3. How We Use Your Data
We use your information to:
Provide and maintain the Notalyn platform
Authenticate users and secure accounts
Display, track, and manage onboarding progress
Communicate important service updates or technical notices
Improve features and user experience
Comply with legal obligations
We do not sell or share personal data with third parties for marketing purposes.
4. Legal Basis for Processing
Under the EU GDPR, we process personal data on the following legal bases:
Contractual necessity – to provide you the Notalyn service
Legitimate interests – to improve the platform and ensure security
Legal obligation – to comply with financial or tax requirements
Consent – for optional communications or analytics where applicable
5. Data Storage & Security
Data is securely hosted on Supabase, a GDPR-compliant provider.
Backups and encrypted connections (TLS/SSL) protect all user data.
Access to data is restricted to authorized personnel only.
We maintain appropriate technical and organizational measures to prevent unauthorized access, alteration, or disclosure.
6. Data Retention
We retain your data as long as your account is active.
When you delete your account, we remove associated personal data within 30 days, except where retention is legally required (e.g., for invoices or audit purposes).
7. International Transfers
Data is primarily stored in EU-based servers.
If any processing occurs outside the EEA, it is done under GDPR-approved safeguards such as Standard Contractual Clauses (SCCs).
8. Your Rights
Under GDPR, you have the right to:
Access, correct, or delete your personal data
Request data portability
Withdraw consent (where applicable)
Object to or restrict certain processing
File a complaint with your local data protection authority (in the Netherlands: Autoriteit Persoonsgegevens)
To exercise these rights, contact us at rein@notalyn.io.
9. Third-Party Services
We use certain third-party providers to operate Notalyn:
Notion – for workspace data connection
Mailgun – for sending transactional emails
Stripe – for payment processing
Supabase – for data storage and authentication
Each provider processes data according to its own privacy policy. We ensure these providers meet GDPR and data-protection standards.
10. Cookies & Tracking
We use essential cookies for authentication and session management.
Optional analytics cookies (if introduced) will only be activated with your consent.
11. Children’s Privacy
Notalyn is not directed toward children under 16.
We do not knowingly collect personal data from minors.
12. Changes to This Policy
We may update this Privacy Policy periodically.
The latest version will always be available at notalyn.io/privacy.
Material updates will be announced within the platform or via email.
13. Contact
For any privacy-related questions or data requests:
📧 rein@notalyn.io