Legal

Privacy Policy

Effective Date: February 1, 2026

Notomir ("we," "us," or "our") is committed to protecting the information you entrust to us. This Privacy Policy explains what data we collect, how we use it, and the controls you have over it. By using our platform, you agree to the practices described below.

1. What We Collect

  • Account information. Name, email address, and password when you create an account.
  • Documents you upload. Insurance policies, tax documents, financial statements, and any other client files you submit for processing.
  • Extracted data. Structured data our system derives from your documents (client names, policy numbers, document types, dates).
  • Usage data. Log files, IP addresses, browser type, pages visited, and feature interactions collected automatically.
  • Payment data. Billing address and payment method details handled by our PCI-compliant payment processor. We do not store full card numbers.

2. How We Use It

  • To operate, maintain, and improve the Notomir platform.
  • To extract, structure, and deliver document data back to you.
  • To send transactional emails (account verification, processing notifications, billing receipts).
  • To detect and prevent fraud, abuse, and security incidents.
  • To comply with applicable legal obligations.

We do not sell, rent, or share your data with third parties at all. We collect your data to make it available to you only.

3. Third-Party Services

Notomir uses the following sub-processors to deliver our service. Each is bound by data processing agreements consistent with applicable privacy laws.

Supabase

Database, authentication, and file storage hosted in AWS us-east-1. Your documents and account data reside on Supabase infrastructure.

Google Drive

Optional integration for document ingestion. Only accessed when you explicitly connect your Drive account.

Google Gemini

AI model used to extract structured data from documents. Document contents are transmitted to Google's API for processing and are not used to train Google's models under our enterprise terms.

4. Data Retention

We retain your account data and documents for as long as your account is active. After account deletion, data is purged within 30 days, except where retention is required by law. Extracted records in audit logs are retained for up to 7 years to support compliance obligations.

5. Your Rights

Depending on your jurisdiction, you may have the right to:

  • Access and receive a copy of the data we hold about you.
  • Correct inaccurate or incomplete data.
  • Request deletion of your data.
  • Object to or restrict certain processing.
  • Port your data to another service.

To exercise any of these rights, contact us at sales@notomir.com.

6. Contact

Questions about this Privacy Policy should be directed to:
sales@notomir.com