Skip to content
BETA

Privacy

Privacy

Section titled “Privacy”

The architecture of Notabotly fundamentally prioritizes privacy. Let’s look at exactly what data touches our infrastructure.

What we store:

Section titled “What we store:”
  • session_id (e.g. sess_abcd123)
  • app_id (Your developer tracking identifier)
  • redirect_url
  • status (pending, true, false, timeout)
  • created_at

Sessions naturally evaporate from our Key-Value storage entirely after 10 Minutes (600 TTL). No historical verification database is maintained.

What we NEVER store:

Section titled “What we NEVER store:”
  • We Never store any biometric data. Your mobile device securely signs a hardware payload via the WebAuthn standard locally. We only verify the cryptographic signature.
  • We Never log end-user IP Addresses.
  • We Never log browser fingerprinting variables or track mouse movements.

GDPR Notes

Section titled “GDPR Notes”

Because Notabotly doesn’t store PII (Personally Identifiable Information), using Notabotly avoids adding extra data processor complexity to your application stack.