Privacy Policy
Last edited February 10, 2026
Notey, Inc. (“Notey,” “we,” “us,” or “our”) respects your privacy and is committed to protecting the personal information of students, parents, teachers, schools, and individual users.
This Privacy Policy explains how we collect, use, disclose, and safeguard information when you use our websites, mobile applications (including iOS, Android, and Chrome), and related services (collectively, the “Services”).
Notey is an educational technology platform that turns real instruments and voice into interactive learning games for use at home and in schools. Because we serve educators and minors, we design our privacy practices to meet or exceed the requirements of:
- FERPA
- COPPA
- GDPR & UK GDPR
- CCPA/CPRA
Other applicable student data protection laws
1. Company Information
Notey, Inc.
310 Ross Rd
Unit 2D
Columbia, SC 29223
United States
support@notey.co
2. Scope of This Policy
This Policy applies to:
- Students
- Teachers and schools
- Parents/guardians
- Individual consumer users
- Visitors to notey.co
Two Types of Users
Because Notey operates both in schools and directly with families, we treat these groups differently:
A. School/Education Accounts (FERPA context)
When a school or district provides access:
The school controls student data
- Notey acts as a School Official with Legitimate Educational Interest
- We process data only for educational purposes
- We do NOT sell or use student data for advertising
B. Consumer/Direct Accounts
When individuals sign up directly:
- Data is processed under standard consumer privacy laws
- Marketing communications may occur (with consent or opt-out options)
- No sale of personal data
3. Information We Collect
We collect only the minimum information necessary to provide and improve the Services.
A. Information You Provide
- Name
- Email address
- Username/password
- School or teacher affiliation
- Billing/payment information
- Communications or support messages
- Feedback or survey responses
B. Student Information (Education Accounts)
- Nickname or alias
- Classroom/teacher association
- Practice progress and learning metrics
- Gameplay and music activity data
- Device/session identifiers
We intentionally avoid collecting sensitive personal data unless legally required.
C. Automatically Collected Information
- Device type, OS, browser
- IP address (approximate location only)
- Usage logs and session activity
- Crash/error reports
- Cookies and analytics identifiers
D. Third-Party Integrations
If you sign in via Google or another provider, we receive basic account information necessary to authenticate you.
Payment processors provide transaction confirmations (we do not store full card numbers)
4. How We Use Information
We use data to:
- Provide and operate the Services
- Create accounts and authenticate users
- Personalize learning experiences
- Track practice progress
- Support teachers and parents with dashboards
- Process payments and subscriptions
- Communicate service updates
- Provide customer support
- Improve features and performance
- Maintain safety and prevent misuse
- Comply with legal obligations
We do NOT:
- Sell personal data
- Sell student data
- Use student data for advertising
- Build advertising profiles of children
6. Legal Bases for Processing (GDPR/UK)
Where applicable, we rely on:
- Contract performance
- Legitimate interests (service improvement, safety)
- Legal obligations
- Consent (marketing, cookies where required)
7. How We Share Information
We share information only when necessary.
We may share with:
- Hosting/cloud providers
- Payment processors
- Analytics providers
- Customer support tools
- Schools/districts administering accounts
- Legal authorities when required
- Successors during business transfers
All vendors are contractually required to:
- Protect data
- Use it only for authorized purposes
- Maintain security safeguards
8. FERPA Compliance
When used by schools:
- Student records remain under school control
- Notey acts as a School Official
- Data used solely for educational services
- No advertising use
- No sale of student data
- Schools may request deletion/export anytime
9. Children’s Privacy (COPPA)
Children under 13 may use Notey only:
- Through a school, or
- With verified parental consent
We:
- Collect minimal necessary data
- Do not behaviorally advertise to children
- Allow parents/schools to review or delete data
Parents may contact support@notey.co.
10. Cookies & Analytics
We use cookies and similar technologies to:
- Maintain login sessions
- Improve performance
- Analyze usage trends
- Provide security
You may disable cookies in browser settings, though some features may not work.
11. Data Retention
We retain information only as long as necessary.
Typical practices:
- Active accounts → retained during use
- Deleted accounts → removed or anonymized within 30 days
- School contracts → retention per district agreements
- Legal/financial records → retained as required by law
We periodically delete inactive accounts.
12. Security
We implement industry-standard safeguards including:
- Encryption in transit (HTTPS/TLS)
- Secure cloud hosting
- Role-based access controls
- Password protections
- Monitoring and logging
- Vendor security reviews
No system is 100% secure, but we continuously improve protections.
13. Your Rights
Depending on your jurisdiction, you may:
- Access your data
- Correct inaccuracies
- Delete your data
- Export your data
- Restrict or object to processing
- Withdraw consent
- Opt-out of marketing
- Lodge a complaint with regulators
Requests: support@notey.co
14. California Privacy Rights (CCPA/CPRA)
California residents may:
Request access to collected information
Request deletion
Correct inaccuracies
Opt-out of sale/sharing
We do not sell personal information.
15. International Transfers
Data may be processed in the United States.
Where required, we use:
- Standard Contractual Clauses
- Contractual safeguards
- Vendor security requirements
16. Data Processing Addendum (DPA)
Schools and enterprise partners may request a signed Data Processing Addendum covering:
- Roles and responsibilities
- Security measures
- Subprocessors
- Breach notification
- International safeguards
Contact support@notey.co
17. Changes to This Policy
We may update this policy periodically.
Material changes will be posted or communicated through the Services.
18. Contact
Notey, Inc.
310 Ross Rd
Unit 2D
Columbia, SC 29223
United States
support@notey.co
Last edited February 10, 2026
Notey, Inc. (“Notey,” “we,” “us,” or “our”) respects your privacy and is committed to protecting the personal information of students, parents, teachers, schools, and individual users.
This Privacy Policy explains how we collect, use, disclose, and safeguard information when you use our websites, mobile applications (including iOS, Android, and Chrome), and related services (collectively, the “Services”).
Notey is an educational technology platform that turns real instruments and voice into interactive learning games for use at home and in schools. Because we serve educators and minors, we design our privacy practices to meet or exceed the requirements of:
- FERPA
- COPPA
- GDPR & UK GDPR
- CCPA/CPRA
Other applicable student data protection laws
1. Company Information
Notey, Inc.
310 Ross Rd
Unit 2D
Columbia, SC 29223
United States
support@notey.co
2. Scope of This Policy
This Policy applies to:
- Students
- Teachers and schools
- Parents/guardians
- Individual consumer users
- Visitors to notey.co
Two Types of Users
Because Notey operates both in schools and directly with families, we treat these groups differently:
A. School/Education Accounts (FERPA context)
When a school or district provides access:
The school controls student data
- Notey acts as a School Official with Legitimate Educational Interest
- We process data only for educational purposes
- We do NOT sell or use student data for advertising
B. Consumer/Direct Accounts
When individuals sign up directly:
- Data is processed under standard consumer privacy laws
- Marketing communications may occur (with consent or opt-out options)
- No sale of personal data
3. Information We Collect
We collect only the minimum information necessary to provide and improve the Services.
A. Information You Provide
- Name
- Email address
- Username/password
- School or teacher affiliation
- Billing/payment information
- Communications or support messages
- Feedback or survey responses
B. Student Information (Education Accounts)
- Nickname or alias
- Classroom/teacher association
- Practice progress and learning metrics
- Gameplay and music activity data
- Device/session identifiers
We intentionally avoid collecting sensitive personal data unless legally required.
C. Automatically Collected Information
- Device type, OS, browser
- IP address (approximate location only)
- Usage logs and session activity
- Crash/error reports
- Cookies and analytics identifiers
D. Third-Party Integrations
If you sign in via Google or another provider, we receive basic account information necessary to authenticate you.
Payment processors provide transaction confirmations (we do not store full card numbers)
4. How We Use Information
We use data to:
- Provide and operate the Services
- Create accounts and authenticate users
- Personalize learning experiences
- Track practice progress
- Support teachers and parents with dashboards
- Process payments and subscriptions
- Communicate service updates
- Provide customer support
- Improve features and performance
- Maintain safety and prevent misuse
- Comply with legal obligations
We do NOT:
- Sell personal data
- Sell student data
- Use student data for advertising
- Build advertising profiles of children
5. Legal Bases for Processing (GDPR/UK)
Where applicable, we rely on:
- Contract performance
- Legitimate interests (service improvement, safety)
- Legal obligations
- Consent (marketing, cookies where required)
6. How We Share Information
We share information only when necessary.
We may share with:
- Hosting/cloud providers
- Payment processors
- Analytics providers
- Customer support tools
- Schools/districts administering accounts
- Legal authorities when required
- Successors during business transfers
All vendors are contractually required to:
- Protect data
- Use it only for authorized purposes
- Maintain security safeguards
7. FERPA Compliance
When used by schools:
- Student records remain under school control
- Notey acts as a School Official
- Data used solely for educational services
- No advertising use
- No sale of student data
- Schools may request deletion/export anytime
8. Children’s Privacy (COPPA)
Children under 13 may use Notey only:
- Through a school, or
- With verified parental consent
We:
- Collect minimal necessary data
- Do not behaviorally advertise to children
- Allow parents/schools to review or delete data
Parents may contact support@notey.co.
9. Cookies & Analytics
We use cookies and similar technologies to:
- Maintain login sessions
- Improve performance
- Analyze usage trends
- Provide security
You may disable cookies in browser settings, though some features may not work.
10. Data Retention
We retain information only as long as necessary.
Typical practices:
- Active accounts → retained during use
- Deleted accounts → removed or anonymized within 30 days
- School contracts → retention per district agreements
- Legal/financial records → retained as required by law
We periodically delete inactive accounts.
11. Security
We implement industry-standard safeguards including:
- Encryption in transit (HTTPS/TLS)
- Secure cloud hosting
- Role-based access controls
- Password protections
- Monitoring and logging
- Vendor security reviews
No system is 100% secure, but we continuously improve protections.
12. Your Rights
Depending on your jurisdiction, you may:
- Access your data
- Correct inaccuracies
- Delete your data
- Export your data
- Restrict or object to processing
- Withdraw consent
- Opt-out of marketing
- Lodge a complaint with regulators
Requests: support@notey.co
13. California Privacy Rights (CCPA/CPRA)
California residents may:
Request access to collected information
Request deletion
Correct inaccuracies
Opt-out of sale/sharing
We do not sell personal information.
14. International Transfers
Data may be processed in the United States.
Where required, we use:
- Standard Contractual Clauses
- Contractual safeguards
- Vendor security requirements
15. Data Processing Addendum (DPA)
Schools and enterprise partners may request a signed Data Processing Addendum covering:
- Roles and responsibilities
- Security measures
- Subprocessors
- Breach notification
- International safeguards
Contact support@notey.co
16. Changes to This Policy
We may update this policy periodically.
Material changes will be posted or communicated through the Services.
17. Contact
Notey, Inc.
310 Ross Rd
Unit 2D
Columbia, SC 29223
United States
support@notey.co