Privacy

Last updated: June 21, 2026

notify is notification infrastructure. We hold the least we can to deliver a notification, and nothing we don’t need to. This policy explains exactly what that is.

Overview

You — the developer — embed notify and tell us which of your users to notify. notify stores the device subscription behind an identifier you choose and delivers the message. We are a processor acting on your instructions; you decide who gets notified and what they’re told.

What we collect

• Push subscriptions — the browser push endpoint and its public keys (p256dh, auth), created by the user’s browser when they opt in.
• The user identifier you send — the userId you pass to notify.subscribe(). It is opaque to us. Send a pseudonymous id, not an email or name.
• API tokens — the tokens you create to authenticate requests.
• Operational data — IP addresses, timestamps, and request metadata, used only for rate limiting, abuse prevention, and debugging.

What we don’t do

• We don’t require an account to start.
• We don’t sell personal information — ever.
• We don’t track your end users across sites or build advertising profiles.
• We don’t retain notification content. Titles and bodies are encrypted and forwarded to the browser’s push service for delivery, then dropped.

How we use data

Strictly to run the service: map a userId to its devices, deliver notifications, enforce rate limits, prevent abuse, and keep enough records to debug delivery. Nothing here is used for marketing.

Who we share it with

• Browser push services — to deliver a notification, the encrypted payload is relayed through the user’s browser vendor (Google, Mozilla, Apple, or Microsoft). This is how the Web Push standard works.
• Infrastructure providers — the service runs on Cloudflare, which processes requests on our behalf.

That’s the entire list. No data brokers, no ad networks.

Retention

• Subscriptions: kept until the user unsubscribes or you delete the associated token.
• Tokens: kept until you delete them.
• Operational logs (incl. IP): kept briefly for security, then rotated out.
• Notification content: not retained after delivery.

New channels

notify starts with browser push and will add channels over time (in-app, email, and more). Each new channel follows the same rule — collect only what’s required to deliver — and this policy will be updated before a channel handles new categories of data.

Your controls

Deleting a token removes the subscriptions tied to it. End users can revoke notifications at any time in their browser, which invalidates the subscription. You can also run notify on your own Cloudflare account, in which case all data stays in your infrastructure.

Changes

We’ll post updates here with a new date. Material changes will be called out.

Contact

Questions or a deletion request? Email contact@getnotify.dev.