This policy explains, plainly, what data Knotetaker (the “Service”) collects and how it is used. Knotetaker is a personal project operated by an individual in the United States. It is written to be honest about our practices — it is not a claim of compliance with the GDPR, CCPA/CPRA, or other regional privacy laws. The Service is intended for users in the United States; if you are located in the European Union, the EEA, or the United Kingdom, please do not use the Service. Use of the Service is also governed by our Terms of Use.
What we collect
- Account information — your email address and (optionally) phone number. These are your account identifiers: we use them to sign you in and to send you notifications that are part of the Service.
- Your Content — the notes, links, text, emails, meeting notes, and other material you choose to submit for capture and enrichment.
- Technical and usage data — basic logs and error reports needed to operate and debug the Service, plus aggregate usage analytics (see Analytics below). We do not run advertising.
How we use it
- to provide the Service — storing, organizing, and displaying Your Content;
- to power AI features that summarize, enrich, and find connections across your material;
- to secure, maintain, debug, and improve the Service;
- to contact you about your account or the Service.
We use your data only to provide and operate the Service. We do not sell your data, we do not send marketing email, and we do not use Your Content to train our own models. Any messages we send you — by email or SMS — are transactional: sign-in links, account notices, and notifications that are part of the Service.
AI providers and other sub-processors
To run the Service, Your Content and related data may be processed by third-party providers, currently including:
- Supabase — database, authentication, and hosting;
- Render — application hosting;
- Voyage AI — text embeddings;
- Anthropic and OpenAI — AI processing;
- Resend — sending email;
- Sentry — error monitoring;
- Google Analytics — aggregate usage analytics.
We may add other providers as we build advanced features (for example, voice tools such as ElevenLabs), and will update this list when we do. Each provider processes data under its own terms; the AI providers we use generally do not train their models on data sent through their business APIs, but their practices are their own.
Analytics
We use Google Analytics to understand, in aggregate, how the Service is used so we can improve it — things like which pages are visited and general device and region information. This sets cookies and shares that usage data with Google. We use it only for product analytics: never for advertising, and we never sell your data. Because the Service isn’t intended for EU/EEA/UK users (see the Terms), we don’t show a cookie banner; you can block analytics cookies in your browser if you prefer.
Where your data lives
The Service is operated from and hosted in the United States, and your data is stored and processed there and by the providers above. We do not offer regional data residency.
Retention and deletion
We keep Your Content until you delete it or ask us to delete your account. You can request deletion of your data at any time by emailing billwatt@gmail.com; we will delete it within 30 days of a verified request. Some data may persist for a limited time in backups or provider logs.
Security
We use reasonable measures, including encryption in transit and database row-level access controls, to protect your data. No system is perfectly secure, and we cannot guarantee the security of your data. If a breach affecting your personal information occurs, we will notify you as required by applicable law.
Sensitive information — please don’t
Knotetaker is not designed or intended to store sensitive personal or financial information. We strongly discourage submitting any of the following:
- passwords or login credentials;
- bank account or routing numbers;
- credit or debit card numbers;
- Social Security or government ID numbers;
- medical records or health information;
- any other financial, confidential, or highly sensitive information.
We assume no liability for any loss, damage, or exposure resulting from sensitive information you choose to store in the Service.
Your choices
You can, at any time:
- request a copy of the data we hold about you;
- ask us to correct inaccurate account information;
- ask us to delete your account and associated data;
- reply STOP to opt out of SMS notifications (once SMS is offered).
To make a request, email billwatt@gmail.com.
Information about other people
If you submit information about other people — for instance in emails or meeting notes — you are responsible for having the right to do so. That information is treated as part of Your Content.
Children
The Service is not intended for anyone under 18, and we do not knowingly collect data from children.
Changes
We may update this policy from time to time. When we do, we will revise the “Last updated” date above. We may also share more about what we’re building on our blog.
Contact
Questions or requests? Email billwatt@gmail.com.