Privacy Policy

Last Updated: March 23, 2026 · Version 1.0

1. Who We Are

This Privacy Policy describes how Collatio LLC (“Collatio,” “we,” “us,” or “our”) handles information in connection with Notis, our cryptographic document sealing and digital signature tool.

The short version: Your documents never leave your device. We can’t see, read, or access them. Notis is built so we don’t have to collect your data to provide the service. We make money by building a great product — not by harvesting your information.

2. What Notis Doesn’t Collect

Because of how Notis is designed, there are entire categories of data we simply never have access to:

(a) Your documents. All files you seal, sign, or verify are processed entirely on your device. They are never uploaded to our servers.

(b) Your private keys. Cryptographic keys are generated and stored on your device. We never see them.

(c) Your signatures. Digital signatures are created locally. We do not have copies.

(d) Your document contents. We cannot read, scan, index, or analyze what you sign.

This isn’t a policy choice we might reverse — it’s how the software works. We built it this way on purpose.

3. What We May Collect

We collect only what is necessary to operate the service:

(a) Email address — When you use multi-party signing workflows, we need email addresses to route signing invitations. These are used only for delivery and are not sold, shared, or used for marketing.

(b) Anonymous usage data — We may collect non-identifying analytics (pages visited, features used, browser type) to improve the product. This data cannot be tied back to you or your documents.

(c) Encrypted relay data — When using the optional Encrypted Relay Service for multi-party signing, your device sends encrypted data blobs that we cannot decrypt. See Section 4.

4. Encrypted Relay Service

For multi-party signing, Notis includes an optional relay that routes encrypted data between signers. Here’s what happens:

(a) Your device encrypts all workflow data before it leaves your machine. Only the intended recipient can decrypt it.

(b) The relay stores encrypted blobs temporarily. We do not have the decryption keys and cannot read the contents.

(c) Encrypted data is automatically deleted once the signing workflow is complete.

We operate the relay as a “mere conduit” — like a postal service that delivers sealed envelopes without opening them.

5. How We Use Information

The limited information we collect is used exclusively to:

(a) Deliver signing invitations to the email addresses you provide;

(b) Operate and maintain the Encrypted Relay Service;

(c) Improve Notis through anonymous, aggregated usage analytics;

(d) Respond to support requests you initiate;

(e) Comply with legal obligations (see Section 8).

We do not sell your data. We do not share it with advertisers. We do not use it to build profiles about you.

6. Data We Share

We share data only in these limited circumstances:

(a) With your signing counterparties — When you initiate a signing workflow, the other party receives only the encrypted data your device sends them through the relay.

(b) Service providers — We may use infrastructure providers (hosting, email delivery) who process data on our behalf under strict confidentiality agreements.

(c) Legal requirements — We may disclose information if required by law, subpoena, or court order. However, because we don’t have your documents or private keys, there is very little we could produce even if compelled.

7. Data Retention

(a) Documents, keys, signatures: We never have these, so there is nothing to retain or delete.

(b) Email addresses: Retained only as long as needed for active signing workflows, then deleted.

(c) Encrypted relay data: Automatically deleted upon workflow completion.

(d) Anonymous analytics: Retained in aggregate form for product improvement. Cannot be tied to individual users.

8. Law Enforcement and Subpoenas

If we receive a legal request for your data, here’s what we can and cannot provide:

What we can provide: Email addresses associated with signing workflows, anonymous usage logs, and encrypted data blobs we cannot decrypt.

What we cannot provide (because we don’t have it): Your documents, their contents, your private keys, your signatures, or any information about what you signed.

We will notify you of legal requests where permitted by law.

9. Your Rights

Depending on your jurisdiction, you may have the right to:

(a) Access the personal data we hold about you (which is minimal);

(b) Delete your data from our systems;

(c) Correct inaccurate information;

(d) Port your data to another service;

(e) Object to certain uses of your data.

To exercise these rights, contact us at privacy@collatio.io. Because we hold so little data, most requests can be fulfilled quickly.

10. Children’s Privacy

Notis is not directed at children under 13 (or 16 in jurisdictions where that applies). We do not knowingly collect information from children. If you believe a child has provided us with personal data, contact privacy@collatio.io and we will delete it.

11. International Data Transfers

Collatio is based in the United States. If you use Notis from outside the US, note that the minimal data we collect (email addresses, anonymous analytics) may be processed in the US. Your documents and keys stay on your device regardless of your location.

12. Changes to This Policy

We may update this Privacy Policy from time to time. Material changes will be communicated at least thirty (30) days before they take effect. Your continued use of Notis after the effective date constitutes acceptance of the updated policy.

13. Contact

For privacy questions or requests: privacy@collatio.io

For general legal inquiries: legal@collatio.io

© 2026 Collatio LLC. All rights reserved.