Last updated on January 21, 2026
Privacy Policy
This Privacy Policy explains how Bizznote collects, uses, and protects your information when you use the Bizznote platform, in accordance with the Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016, on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC ("GDPR").
1. Data Controller
The controller, within the meaning of Art. 4(7) of the GDPR, responsible for your personal data is Jan Kejř, IČO: 10676678, V Semaji 398, 417 61, Bystřany ("Bizznote", "we" or "us"). For privacy-related inquiries, contact us at privacy@bizznote.com. Bizznote has not appointed data protection officer.
2. Information We Collect
Account Information. When your account is created by Bizznote or your organization's administrator, we collect your email address, first and last name, and password. Passwords are stored in hashed form only.
Document Data. When you submit documents for analysis, we collect the uploaded files (PDF, PPTX, DOCX), contact information you provide, and submission titles and notes.
Technical Information. We automatically collect IP address, browser and device information, login timestamps, and API usage data.
Usage Data. We track AI analysis operations, feature usage, and session activity to improve our services.
3. How We Use Your Information
We use your information to provide the Service including document analysis and report generation, manage your account and authenticate access, improve and optimize platform performance, send service-related notifications, detect and prevent unauthorized access or abuse, for invoicing purposes and for handling complaints that you have submitted to us.
4. Document Security and Data Isolation
Each organization receives a fully isolated deployment with a dedicated database instance and dedicated file storage. Your data is never mixed with or accessible by other organizations.
Encryption. All data is encrypted in transit (TLS/HTTPS) and at rest. Passwords and API tokens are stored in hashed form.
No AI Training. Neither we nor our AI providers use your data to train AI models.
5. Third-Party Services
| Service | Purpose |
|---|---|
| AWS | Cloud infrastructure and file storage |
| Hetzner | Cloud infrastructure |
| OpenAI | AI analysis |
| Anthropic | AI analysis |
All third-party services process data under data protection agreements.
6. Data Sharing
We do not sell your personal information. We share data only with service providers necessary to operate the platform, for legal compliance when required by law, and to protect the rights, property, or safety of Bizznote or others.
7. Data Retention
Account data is retained for the duration of your account. Documents and analyses are retained until deleted by you. Upon account termination, data is available for export for 30 days, then securely deleted.
Personal data necessary for the fulfilment of statutory obligations (invoicing data) are retained for the period required by law, i.e. 10 years.
We may also store personal data for longer periods if it is necessary to protect our rights in proceedings before courts and other state and administrative authorities.
8. Your Rights
Depending on your jurisdiction, you have the right to access your personal data, correct inaccurate data, delete your data, restrict or object to processing, data portability, and withdraw consent. To exercise these rights, contact privacy@bizznote.com. We respond to GDPR requests within 30 days and CCPA requests within 45 days.
9. Cookies
We use essential cookies only for authentication (HTTP-only secure cookies) and security (CSRF protection). We do not use advertising or analytics cookies.
10. International Data Transfers
Data is primarily stored in the European Union. For transfers outside the EU (to AI providers), Standard Contractual Clauses (SCCs) and appropriate safeguards are in place.
11. Children's Privacy
Bizznote is a business platform not intended for individuals under 18 years of age. We do not knowingly collect information from anyone under 18.
12. Security
We implement encryption, access controls, and security monitoring to protect your data. In the event of a data breach, affected users will be notified as required by law.
13. California Privacy Rights (CCPA)
California residents have the right to know what personal information is collected, request deletion of personal information, and opt-out of sale (we do not sell personal information). To exercise these rights, contact privacy@bizznote.com.
14. Changes to This Policy
We may update this Privacy Policy from time to time. We will notify you of material changes by updating the "Last Updated" date and sending email notification for significant changes.
15. Contact
For privacy inquiries: privacy@bizznote.com
For EU residents, you have the right to lodge a complaint with your local data protection authority, which in the case of the Czech Republic is the Office for Personal Data Protection.