My notary

1. INTRODUCTION

My Notary (hereinafter "we", "our", "My Notary"), places great importance on protecting your personal data and respecting your privacy.

This Privacy Policy describes how we collect, use, store, and protect your personal data when you use our platform accessible via the website mynotary.io (hereinafter "the Platform").

This policy complies with applicable data protection regulations, including the General Data Protection Regulation (GDPR - Regulation EU 2016/679) where relevant.

2. DATA CONTROLLER

The data controller for your personal data is:

My Notary

Email: support@mynotary.io

3. PERSONAL DATA COLLECTED

3.1 Data Collected Directly

We collect data that you provide directly when:

Creating an account:

First and last name
Email address
Phone number
Complete postal address
Country of residence

Booking and notarization:

Signatory information (first name, last name, email)
Documents to be notarized
Identity documents (passport, ID card, driver's license)
Photograph of your face (during identity verification)
Video recording of notarization session (in accordance with legal requirements)

Payment:

Billing information
Transaction data (via our payment provider Stripe)
Payment history

Communication:

Content of your messages with our customer service
Complaints and requests
Communication preferences

3.2 Automatically Collected Data

When using the Platform, we automatically collect:

Connection data:

IP address
Browser type and version
Operating system
Pages viewed and visit duration
Referral source
Approximate location data (based on IP)

Cookies and similar technologies:

Session identifiers
User preferences
Analytics data (via Google Tag Manager)

3.3 Sensitive Data

We may process data considered sensitive under GDPR, including:

Biometric data (facial recognition for identity verification)
Data contained in your documents (which may reveal sensitive information)

Processing of this data is strictly necessary for the provision of our notarization services and is based on your explicit consent.

4. PURPOSES AND LEGAL BASES OF PROCESSING

We process your personal data for the following purposes:

4.1 Contract Performance

Purpose: Provide our notarization services

Creating and managing your account
Processing your bookings
Organizing notarization sessions
Verifying your identity
Obtaining and sending apostilles
Communication related to your orders

Legal basis: Contract performance (Article 6.1.b GDPR)

4.2 Legal Obligation

Purpose: Comply with our legal obligations

Retention of notarized documents and recordings
Legal archiving of notarization acts
Identity verification (fraud prevention and KYC compliance)
Invoicing and accounting
Response to requests from competent authorities

Legal basis: Legal obligation (Article 6.1.c GDPR)

4.3 Legitimate Interest

Purpose: Improve our services and ensure security

Analysis and improvement of the Platform
Fraud detection and prevention
IT system security
Complaint and dispute management
User experience optimization

Legal basis: Legitimate interest (Article 6.1.f GDPR)

4.4 Consent

Purpose: Marketing and communication

Sending newsletters and promotional offers
Personalized marketing communication
Non-essential cookies and advertising trackers

Legal basis: Consent (Article 6.1.a GDPR)

You may withdraw your consent at any time via unsubscribe links in our emails or by contacting us.

5. DATA RECIPIENTS

Your personal data is accessible to the following categories of recipients:

5.1 Internal Recipients

Authorized My Notary personnel (customer support, technical team)
Partner notaries assigned to your case (limited access to necessary data)

5.2 Service Providers

We use third-party providers for:

Hosting and technical infrastructure:

Supabase (database hosting)
Cloud services for secure document storage

Payment:

Stripe (payment processing)

Communication:

Transactional email services
Secure video conferencing platform for RON sessions

Analytics and marketing:

Google Tag Manager (traffic analysis)
Conversion and optimization tools

Postal services:

Delivery providers for document shipping

All our providers are carefully selected and contractually bound to respect the confidentiality and security of your data.

5.3 Competent Authorities

We may be required to communicate your data to legal authorities in case of:

Legal obligation
Court order
Protection of our legal rights

5.4 International Transfers

Some of our providers may be located outside the European Union. In this case, we ensure that:

The country benefits from an adequacy decision by the European Commission, or
Appropriate safeguards are in place (EU-approved standard contractual clauses)

Transfers to the United States are carried out as part of the notarization service execution, which requires the intervention of certified notaries.

6. RETENTION PERIOD

We retain your personal data only for the duration necessary for the purposes for which it was collected.

6.1 Account Data

Active account: throughout the duration of Platform use
Inactive account: 3 years after last activity, then deletion
After account deletion: immediate deletion, except legal obligations

6.2 Notarization Documents and Recordings

Notarized documents: retained for minimum 10 years (legal obligation)
Video recordings: retained for 10 years (in accordance with notarization requirements)
Identity documents: retained for the duration of contractual relationship + 5 years

6.3 Payment Data

Billing information: 10 years (accounting obligation)
Credit card data: not retained by My Notary (managed by Stripe)

6.4 Communication Data

Support exchanges: 3 years after last interaction
Complaints: time necessary for dispute processing + 5 years

6.5 Marketing Data

Active consent: until consent withdrawal
Inactivity: 3 years without interaction, then deletion

7. YOUR RIGHTS

In accordance with GDPR, you have the following rights regarding your personal data:

7.1 Right of Access

You have the right to obtain:

Confirmation that your data is being processed
A copy of your personal data
Information about processing purposes

7.2 Right of Rectification

You may request correction of inaccurate or incomplete data.

7.3 Right to Erasure ("right to be forgotten")

You may request deletion of your data in the following cases:

Data is no longer necessary
You withdraw your consent
You object to processing
Data has been unlawfully processed

Limitations: This right does not apply to data we must retain to comply with legal obligations (notarized documents, recordings, accounting data).

7.4 Right to Restriction of Processing

You may request restriction of processing in certain situations:

You contest the accuracy of data
Processing is unlawful but you do not wish erasure
You need the data to establish, exercise, or defend legal rights

7.5 Right to Data Portability

You may receive your data in a structured, commonly used format and transmit it to another data controller.

7.6 Right to Object

You may object to processing of your data:

For reasons relating to your particular situation (processing based on legitimate interest)
At any time for direct marketing

7.7 Right to Withdraw Consent

When processing is based on your consent, you may withdraw it at any time. This does not affect the lawfulness of processing performed before withdrawal.

7.8 Right to Define Post-Mortem Directives

You may define directives regarding retention, erasure, and communication of your data after your death.

7.9 Exercising Your Rights

To exercise your rights, contact us at: support@mynotary.io

We commit to responding within a maximum of one month from receipt of your request.

You must provide proof of identity for security reasons.

7.10 Right to Lodge a Complaint

If you believe your rights are not being respected, you may lodge a complaint with the competent data protection authority in your place of habitual residence, your place of work, or the place of the alleged infringement.

8. DATA SECURITY

We implement appropriate technical and organizational measures to protect your personal data against:

Unauthorized access
Accidental loss
Destruction
Alteration
Unauthorized disclosure

8.1 Technical Measures

Encryption: SSL/TLS encryption for all data transmissions
Encryption at rest: Documents and sensitive data encrypted in database
Strong authentication: Account protection by secure passwords
Monitoring: Continuous system monitoring to detect intrusions
Backups: Regular and secure data backups

8.2 Organizational Measures

Limited access: Only authorized persons have access to data
Training: Personnel trained in data protection
Confidentiality: Confidentiality clauses with all employees and providers
Security policy: Strict internal security procedures
Audits: Regular reviews of our security practices

8.3 Breach Notification

In case of a data breach likely to result in a high risk to your rights and freedoms, we will inform you as soon as possible in accordance with GDPR.

9. COOKIES AND SIMILAR TECHNOLOGIES

9.1 What is a Cookie?

A cookie is a small text file placed on your device when you visit the Platform. Cookies allow recognition of your browser and collection of information.

9.2 Types of Cookies Used

Strictly Necessary Cookies:

These cookies are essential for Platform operation:

Authentication and security
Shopping cart and session
Load balancing

These cookies do not require your consent.

Performance and Analytics Cookies:

These cookies help us understand how visitors use the Platform:

Google Tag Manager
Traffic statistics
Conversion measurement

Functionality Cookies:

These cookies enhance your experience:

Language preferences
Display preferences

Advertising Cookies:

These cookies may be used to personalize advertising (if applicable)

9.3 Cookie Management

You can manage your cookie preferences at any time via:

The cookie banner during your first visit
Your browser settings
Our cookie management tool accessible on the Platform

Browser Configuration:

You can configure your browser to:

Accept all cookies
Reject all cookies
Be notified when a cookie is placed

For more information:

Warning: Refusing certain cookies may affect Platform functionality.

9.4 Cookie Retention Period

Session cookies: deleted when browser closes
Persistent cookies: variable duration, maximum 13 months

10. MARKETING AND COMMUNICATION

10.1 Transactional Communications

We send you emails related to use of our services:

Booking confirmation
Appointment reminders
Document status notifications
Invoices

These communications are necessary for contract performance and do not require your consent.

10.2 Marketing Communications

With your consent, we may send you:

Newsletters
Promotional offers
News and features

You can unsubscribe at any time via:

The unsubscribe link in each email
Your user account
By contacting us at support@mynotary.io

11. MINORS

The Platform is not intended for persons under 18 years of age. We do not knowingly collect personal data concerning minors.

If you are a parent or guardian and believe your child has provided us with personal data, contact us immediately at support@mynotary.io so we can delete this data.

12. LINKS TO OTHER SITES

The Platform may contain links to third-party sites. We are not responsible for the privacy practices of these sites. We encourage you to read their privacy policies.

13. POLICY MODIFICATIONS

We may modify this Privacy Policy at any time to reflect:

Changes in our practices
Legal or regulatory developments
Service improvements

Significant modifications will be notified to you by:

Email
Platform notification
Update of "Last updated" date

Your continued use of the Platform after modification constitutes acceptance of the new policy.

14. DATA PROTECTION OFFICER (DPO)

For any questions regarding the protection of your personal data, you may contact our dedicated service:

Email: support@mynotary.io

Subject: "Personal Data Protection"

15. CONTACT

For any questions regarding this Privacy Policy or processing of your personal data:

My Notary

Email: support@mynotary.io

By using the My Notary Platform, you acknowledge that you have read and understood this Privacy Policy.