Privacy Policy

Last Updated: October 16, 2025.
Your data security is our priority.

1. Data Collection and Purpose

We, PeerNotez, act as the Data Fiduciary and collect personal data only when necessary to provide our Service (lawful purpose).

Personal Data We Collect:

  • User Provided Data: Name, Email Address, Hashed Password, and Profile Avatar (collected during sign-up or profile update).
  • Service Data: Notes, Blogs, Reviews, and Comments uploaded (this content is public, but associated with your ID), as well as Followed/Saved Notes lists.
  • Technical Data: IP address and device identifier (collected automatically for security, logging, and performance analysis).

Purpose of Processing:

The collected data is used exclusively to: (1) Create and manage your account and profile. (2) Enable core service functionality (uploading, viewing, following). (3) Communicate with you regarding service updates or security alerts. (4) Maintain service security and comply with legal obligations.

2. Data Storage & Security

We implement reasonable safeguards to prevent unauthorized access, loss, or misuse of your data.

Security Measures:

  • Passwords are stored using strong, one-way hashing (encryption).
  • Data is stored only for the duration necessary to serve the stated purpose.

Third-Party Sharing:

We do not sell or rent your personal data. We share data only with service providers necessary for platform operation:

  • Cloudinary: Used for storing note files and profile avatars securely.
  • MongoDB (via Mongoose/Atlas): Used for storing user metadata, content indices, and other database information.

3. Your Rights as a Data Principal

Under the DPDP Act and global regulations, you have several rights regarding your data. To exercise any of these rights, please contact us via the email below.

  • Right to Access: You may request access to the personal data we hold about you.
  • Right to Rectification: You have the right to correct inaccurate or incomplete data (e.g., updating your name/email via your profile).
  • Right to Erasure: You may request the deletion of your account and all associated personal data (subject to legal retention requirements).
  • Right to Withdraw Consent: You may withdraw your consent for future data processing at any time (e.g., by deleting your account).

Contact Us

If you have questions about this policy or wish to exercise your rights, please contact us:

aadiwrld01@gmail.com