Security at NoteMatica AI
How we protect your data, your account, and the people you serve.
Your data is isolated
Every account is fully separated from every other. Your content is private to you, and no other customer can see or reach your data.
Encryption
All communication with NoteMatica is encrypted, and your data is encrypted when stored. We never handle raw card numbers — payments run through trusted providers (Stripe, and Apple and Google for in-app purchases), so card details never touch our servers.
Login and account protection
Secure, modern authentication. Sessions are time-limited and expire automatically, and unusual activity can end a session early.
Privacy
Your content is visible only to you. We never sell or share your data or use it for advertising. You own your data and can request deletion at any time.
Continuous security
We audit the platform for vulnerabilities through automated scanning and hands-on review, and remediate findings through a documented process.
A note on healthcare
NoteMatica AI products aren't intended for healthcare, medical, or HIPAA-regulated use; our Business assistant actively blocks healthcare onboarding.
Per product
For Business
Your assistant only runs on domains you authorize, and copied embed codes won't load elsewhere. Sensitive linked accounts are stored encrypted. Healthcare onboarding is blocked by design.
For Students
Sign-in is handled by a trusted identity provider, so we never store your password. Imported links are checked before they're fetched.
Pathways
Sign-in through a trusted identity provider. Purchases are verified directly with Apple and Google, and access updates automatically if a purchase is refunded.