Log in

Get Noty for Free

Log in

Get Noty for Free

Privacy policy

Privacy policy

Last updated: May 17, 2026


1. Introduction

Welcome to Notyai, Inc (“we,” “us,” or “our”). We operate the website https://noty.ai/ and the “AI Note Taker for Google Meet, by Noty.ai” Chrome browser extension (collectively, the “Service”).

This Privacy Policy explains what data we collect through both the website and the Chrome extension, how we use and store that data, with whom we share it, and how you can exercise your rights. By installing the extension or using the website, you agree to the practices described in this policy.

2. Definitions

  • "Personal Data" means any data that can identify a living individual, directly or in combination with other information.

  • "Usage Data" means data collected automatically from the Service (e.g., page-visit duration, feature-usage frequency).

  • "Conversational Data" means text-based transcripts, summaries, action items, and other content generated from meetings processed by the extension. Noty.ai does not record or store audio.

  • "Cookies" means small files stored on your device by a website.

  • "Data Controller" means the entity that determines the purposes and means of processing Personal Data. For this policy, Notyai, Inc is the Data Controller.

  • "Data Processor (Service Provider)" means any entity that processes data on behalf of the Data Controller.

3. Data We Collect

3.1 Data Collected by the Chrome Extension

When you install and use the Noty.ai Chrome extension, we may collect the following categories of data:

Meeting Transcripts (Real-Time): The extension processes meeting speech in real time to generate text-based transcripts, summaries, action items, and follow-up suggestions. We do not record, store, or retain any meeting audio. Audio is streamed directly to Google’s Vertex AI for immediate speech-to-text conversion and is discarded after processing — no audio files are ever saved on our servers.

Meeting Metadata: This includes the meeting title, date, time, duration, calendar event details, and the names and email addresses of meeting participants as displayed in Google Meet.

Google Account Information: When you sign in to the extension, we collect your name, email address, and profile picture from your Google account via OAuth, solely for authentication and account creation.

Extension Usage Data: We collect data about how you interact with the extension, such as features used, frequency of use, error logs, and performance metrics.

Browser and Device Information: This includes your browser type and version, operating system, device identifiers, and IP address.

3.2 Data Collected via the Website

Account Information: Email address, first and last name, and optionally your address, city, state, province, and postal code.

Usage Data: IP address, browser type and version, pages visited, time and date of visit, time spent on pages, and other diagnostic data.

Cookies and Tracking Technologies: Session cookies, preference cookies, security cookies, and advertising cookies. See Section 8 for details.

4. How We Use Your Data

We use the collected data for the following purposes:

  • To provide, operate, and maintain the Service, including generating meeting transcripts, summaries, action items, and follow-ups.

  • To authenticate your identity and manage your account.

  • To improve, personalize, and expand the Service based on usage patterns and feedback.

  • To communicate with you, including sending service-related notices, updates, security alerts, and support messages.

  • To send promotional communications (only with your consent; you may opt out at any time via the unsubscribe link).

  • To detect, prevent, and address technical issues, fraud, and abuse.

  • To comply with legal obligations and enforce our Terms of Service.

  • To carry out any other purpose disclosed at the time you provide data or with your consent.

5. How We Store Your Data

Location: Your data, including Personal Data and Conversational Data, is stored on secure servers located in the United States.

Retention Period — Conversational Data: Meeting transcripts, summaries, and related Conversational Data are retained in your account for as long as your account is active, or until you manually delete them. Upon account deletion, Conversational Data is permanently removed from our servers within 30 days.

Retention Period — Personal Data: We retain Personal Data for as long as necessary to provide the Service, comply with legal obligations, resolve disputes, and enforce our agreements. When data is no longer needed, it is securely deleted or anonymized.

Retention Period — Usage Data: Usage Data is generally retained for a shorter period for analytics purposes, unless it is needed for security, functionality improvements, or legal compliance.

Security Measures: We employ industry-standard security measures, including encryption in transit (TLS/SSL) and at rest, access controls, regular security audits, and monitoring. However, no method of electronic storage or Internet transmission is 100% secure, and we cannot guarantee absolute security.

6. How We Share Your Data

We do not sell or rent your Personal Data to third parties. We share data only in the following circumstances:

6.1 Third-Party Service Providers

We use third-party service providers to help deliver the Service. These providers access your data only to perform tasks on our behalf and are contractually obligated not to disclose or use it for any other purpose. Our primary AI and infrastructure providers are Google services.

Google Gemini AI: We send Conversational Data (meeting transcripts) to Google Gemini AI for processing, including generating summaries, action items, and follow-up suggestions. Google processes this data in accordance with their privacy policy (https://policies.google.com/privacy).

Google Vertex AI: We use Google Vertex AI for real-time speech-to-text transcription. Meeting speech is streamed to Vertex AI for immediate conversion to text and is not recorded or stored as audio. Only the resulting text transcript is retained. Google processes this data in accordance with their privacy policy (https://policies.google.com/privacy) and the Google Cloud Data Processing Terms.

Google Analytics: We use Google Analytics to monitor website and extension usage. Google may use collected data to contextualize and personalize ads in its own network. See Google’s privacy policy at https://policies.google.com/privacy.

Stripe: Payment processing is handled by Stripe. We do not store or collect your payment card details. See Stripe’s privacy policy at https://stripe.com/us/privacy.

GitHub: Used for development, code hosting, and CI/CD. See GitHub’s privacy policy at https://docs.github.com/en/site-policy/privacy-policies/github-general-privacy-statement.

6.2 Legal and Business Disclosures

  • Law Enforcement: We may disclose Personal Data if required by law or in response to valid requests by public authorities.

  • Business Transactions: In the event of a merger, acquisition, or asset sale, your Personal Data may be transferred. We will provide notice before your data becomes subject to a different privacy policy.

  • Protection of Rights: We may disclose data if we believe it is necessary to protect the rights, property, or safety of Notyai, Inc, our users, or others.

  • Affiliates and Subsidiaries: We may share data with our affiliates and subsidiaries for purposes consistent with this policy.

7. Google API Services User Data Policy Compliance

The Noty.ai Chrome extension accesses Google user data through Google APIs (including Google Meet and Google Calendar data). Our use and transfer to any other app of information received from Google APIs adheres to the Google API Services User Data Policy, including the Limited Use requirements (https://developers.google.com/terms/api-services-user-data-policy).

Specifically:

  • We only request access to the Google data that is necessary for the extension to function (real-time meeting speech for transcription, calendar event information, and user profile for authentication). We do not record or store any audio.

  • We do not use Google user data for serving advertisements.

  • We do not allow humans to read your Google user data unless we have your affirmative consent, it is necessary for security purposes, to comply with applicable law, or our use is limited to internal operations and the data has been aggregated and anonymized.

  • We do not transfer Google user data to third parties except as necessary to provide or improve the Service, to comply with applicable laws, or as part of a merger/acquisition with adequate data-protection provisions.

8. Cookies and Tracking Technologies

We use cookies and similar technologies (beacons, tags, scripts) on our website and within the extension to collect and track information.

  • Session Cookies: Used to operate the Service and maintain your session.

  • Preference Cookies: Used to remember your settings and preferences.

  • Security Cookies: Used for security and fraud prevention.

  • Advertising Cookies: Used to serve relevant advertisements (website only).

You can configure your browser to refuse cookies or alert you when cookies are sent. If you disable cookies, some features of the Service may not function properly.

We honor Do Not Track browser signals and do not track, plant cookies, or use advertising when a Do Not Track mechanism is in place.

9. Your Data Protection Rights

9.1 General Rights (All Users)

Regardless of your location, you may:

  • Access, update, or delete your Personal Data and Conversational Data by logging into your Noty.ai account or emailing us at info@noty.ai.

  • Opt out of marketing communications at any time via the unsubscribe link in any email.

  • Request a copy of your data in a machine-readable format.

9.2 Rights Under GDPR (EU/EEA Residents)

If you are a resident of the European Union or European Economic Area, you have the right to:

  • Access, rectify, or erase your Personal Data.

  • Object to or restrict the processing of your Personal Data.

  • Receive your Personal Data in a structured, machine-readable format (data portability).

  • Withdraw your consent at any time where processing is based on consent.

  • Lodge a complaint with your local Data Protection Authority.

To exercise these rights, email us at info@noty.ai. We may request identity verification before processing your request.

9.3 Rights Under CalOPPA

  • Users can visit our website anonymously.

  • Our Privacy Policy link includes the word “Privacy” and is easily accessible from our homepage.

  • Users will be notified of privacy policy changes on this page.

  • Users can change their personal information by emailing info@noty.ai.

9.4 Rights Under CCPA (California Residents)

If you are a California resident, you have the right to:

  • Know what Personal Data we have collected, the sources, the purposes, and the third parties with whom it has been shared.

  • Request the deletion of your Personal Data.

  • Know whether your Personal Data has been sold or disclosed for a business purpose, and to whom.

  • Opt out of the sale of your Personal Data. Note: we do not sell or rent your Personal Data to any third party.

  • Not be discriminated against for exercising your CCPA rights.

To exercise these rights, email us at info@noty.ai. You are entitled to make these requests up to two times in a rolling twelve-month period.

10. International Data Transfers

Your data, including Personal Data, may be transferred to and processed on servers located in the United States, where data protection laws may differ from those of your jurisdiction. If you are located outside the United States, your submission of information through the Service constitutes your consent to this transfer.

We take all steps reasonably necessary to ensure your data is treated securely and in accordance with this Privacy Policy. No transfer of your Personal Data will take place to an organization or country unless adequate controls are in place, including the security of your data.

11. Links to Third-Party Sites

The Service may contain links to third-party websites not operated by us. We have no control over and assume no responsibility for the content, privacy policies, or practices of third-party sites. We encourage you to review the privacy policy of every site you visit.

12. Children’s Privacy

The Service is not intended for use by children under the age of 13 (“Children”). We do not knowingly collect Personal Data from Children. If we become aware that a Child has provided us with Personal Data, we will take steps to delete that information from our servers. If you are a parent or guardian and believe your child has provided us with Personal Data, please contact us at info@noty.ai.

13. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by posting the new policy on this page, updating the “Last updated” date, and, where appropriate, sending an email notification or displaying a prominent notice within the Service.

You are advised to review this Privacy Policy periodically. Continued use of the Service after any changes constitutes your acceptance of the updated policy.

14. Contact Us

If you have questions or concerns about this Privacy Policy or our data practices, please contact us:

Email: info@noty.ai

Website: https://noty.ai