Privacy Policy

Welcome to Notify Beforehand ("we," "us," or "our"), a product of Eversoft Fzco, registered in the United Arab Emirates. This Privacy Policy explains how we collect, use, disclose, and safeguard your personal information when you visit our website at notifybeforehand.com and use our SaaS platform.

By accessing or using our Service, you agree to the collection and use of information in accordance with this policy. If you do not agree with the terms of this policy, please do not access the Service.

2.1 Personal Information You Provide

• Account Information: Name, email address, and password when you create an account.
• Company Information: Organization name, team size, and industry.
• Employee Data: Employee names, email addresses, certification details, and expiry dates that you enter into the platform.
• Payment Information: Billing details processed securely through our payment provider, Paddle.com. We do not store credit card numbers on our servers.
• Documents: Certification documents you upload to our secure document vault.

2.2 Information Collected Automatically

• Usage Data: Pages visited, features used, time spent on the platform, and interaction patterns.
• Device Information: Browser type, operating system, device type, and screen resolution.
• Log Data: IP address, access times, and referring URLs.
• Cookies: We use essential cookies for authentication and session management. See Section 8 for details.

We use the information we collect to:

• Provide, operate, and maintain the Service
• Send automated certification expiry reminders via email
• Process payments and manage subscriptions
• Communicate with you about your account, updates, and support requests
• Improve and personalize your experience
• Analyze usage patterns to improve our product
• Detect, prevent, and address security issues
• Comply with legal obligations and enforce our terms

Your data is stored on Google Firebase infrastructure, which maintains SOC 2 compliance and provides enterprise-grade security. All data is:

• Encrypted at rest using AES-256 encryption
• Encrypted in transit using TLS 1.2+
• Stored in secure, geographically distributed data centers
• Protected by access controls, monitoring, and regular security audits

While we implement commercially reasonable security measures, no method of transmission over the Internet is 100% secure. We cannot guarantee absolute security.

We do not sell, trade, or rent your personal information to third parties. We may share information with:

• Paddle.com: Our Merchant of Record for payment processing, tax compliance, and billing.
• Google Firebase: Our infrastructure provider for authentication and data storage.
• Resend: Our email service provider for delivering certification reminders and transactional emails.
• Google Ads (gtag.js): We use Google Ads conversion tracking to measure the effectiveness of our advertising. This is loaded only after you accept analytics cookies via our cookie banner; until then, Google Consent Mode v2 keeps ad and analytics storage denied.
• Legal Requirements: When required by law, regulation, or legal process.

Depending on your location, you may have the following rights:

• Access: Request a copy of the personal data we hold about you.
• Correction: Request correction of inaccurate personal data.
• Deletion: Request deletion of your personal data, subject to legal retention requirements.
• Portability: Request your data in a structured, commonly used format.
• Objection: Object to the processing of your personal data for certain purposes.

To exercise any of these rights, please contact us at support@notifybeforehand.com.

We retain your personal data for as long as your account is active or as needed to provide the Service. If you close your account, we will delete your data within 30 days, except where retention is required by law or for legitimate business purposes (e.g., audit logs, fraud prevention).

We use the following types of cookies:

• Essential Cookies: Required for authentication and session management. These cannot be disabled.
• Analytics Cookies: Help us understand how you use the platform to improve our service. These can be opted out of.
• Advertising Cookies (Google Ads):Used to measure conversions from our paid advertising campaigns and, if you visit a Google property, to show you relevant ads. These load only after you click "Accept all" on the cookie banner; clicking "Essential only" keeps them blocked at the source via Google Consent Mode v2.

You can control cookies through your browser settings. Note that disabling essential cookies may prevent you from using certain features.

Our Service is not directed to individuals under the age of 16. We do not knowingly collect personal information from children. If we become aware that we have collected personal data from a child without parental consent, we will take steps to delete that information.

Your data may be transferred to and processed in countries other than the UAE, including the United States (where our infrastructure providers operate). We ensure that appropriate safeguards are in place in accordance with applicable data protection laws.

We may update this Privacy Policy from time to time. We will notify you of any material changes by posting the updated policy on this page and updating the "Last updated" date. Your continued use of the Service after changes constitutes acceptance of the revised policy.

If you are a resident of California, the California Consumer Privacy Act (CCPA) as amended by the California Privacy Rights Act (CPRA) provides you with additional rights regarding your personal information.

12.1 Categories of Personal Information We Collect

• Identifiers: Name, email address, account ID, IP address.
• Commercial information: Subscription plan, billing history (handled by Paddle).
• Internet/network activity: Pages visited, feature usage, device and browser type.
• Professional information: Employer organization, employee certification records you upload.

12.2 We Do Not Sell or Share Your Personal Information

We do notsell your personal information for monetary consideration, and we do not "share" it for cross-context behavioral advertising as those terms are defined under the CCPA/CPRA. We have not done so in the preceding twelve (12) months.

12.3 Your California Rights

• Right to know: Request disclosure of the categories and specific pieces of personal information we have collected about you.
• Right to delete: Request deletion of personal information we have collected from you, subject to certain exceptions.
• Right to correct: Request correction of inaccurate personal information.
• Right to opt out:Direct us not to "sell" or "share" your personal information (we do neither, but the right exists regardless).
• Right to limit use of sensitive personal information: We do not use sensitive personal information for purposes that would require this right.
• Right to non-discrimination: We will not discriminate against you for exercising any of these rights.

12.4 How to Exercise Your Rights

Submit a verifiable consumer request by emailing privacy@notifybeforehand.com with the subject line "California Privacy Request." We will respond within 45 days. You may designate an authorized agent to make a request on your behalf; we will require written proof of authorization and verification of your identity.

12.5 "Do Not Sell or Share My Personal Information"

Because we do not sell or share personal information, no opt-out link is required. If our practices change, we will update this policy and provide a clear opt-out mechanism here and in the site footer.

If you have any questions about this Privacy Policy, please contact us:

• Email: support@notifybeforehand.com
• Company: Eversoft Fzco
• Location: United Arab Emirates