Privacy Policy

Last updated: January 11, 2026

1. Introduction

Notify Dev ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our service at notifydev.online.

By using our service, you agree to the collection and use of information in accordance with this policy.

2. Information We Collect

2.1 Account Information

When you sign in with GitHub, we collect:

  • Your GitHub username
  • Your GitHub avatar URL
  • Your GitHub user ID
  • Your email address (if provided via GitHub)

2.2 Subscription Data

We store information about:

  • NPM packages you subscribe to
  • GitHub repositories you track
  • Blog RSS feeds you follow
  • Your notification preferences and schedule settings

2.3 Connected Services

If you connect notification channels, we store:

  • Slack webhook URLs or workspace identifiers
  • Telegram chat IDs
  • Email addresses for notifications

2.4 Technical and Log Data

We automatically collect certain technical information when you access our service:

  • IP address
  • Browser type and version
  • Operating system
  • Access timestamps
  • Pages visited and features used
  • Referring URLs

3. Legal Basis for Processing (GDPR)

If you are located in the European Economic Area (EEA), we process your personal data based on the following legal grounds:

  • Contract: Processing is necessary to provide you with the service you requested (sending notifications about libraries and blogs you subscribe to)
  • Consent: You have given consent for processing for specific purposes (e.g., connecting third-party notification channels)
  • Legitimate Interest: Processing is necessary for our legitimate interests (e.g., improving our service, preventing fraud) where those interests are not overridden by your rights

4. How We Use Your Information

We use the collected information to:

  • Provide and maintain our service
  • Send you notifications about library updates and blog posts
  • Authenticate your account
  • Analyze usage patterns to improve our service
  • Communicate important service updates or security alerts
  • Detect and prevent fraud or abuse

5. Data Sharing and Disclosure

We do not sell, rent, or trade your personal information to third parties for marketing purposes.

We may share your information only in the following circumstances:

  • Service Providers: With third-party services that help us operate our service (see Section 7)
  • Legal Requirements: If required by law, court order, or governmental authority
  • Safety: To protect the rights, property, or safety of Notify Dev, our users, or others
  • Business Transfers: In connection with a merger, acquisition, or sale of assets (you would be notified)

6. Data Storage and Security

Your data is stored on servers hosted by Railway. The service is operated from Ukraine.

We implement the following security measures:

  • Encryption of data in transit using TLS/HTTPS
  • Secure authentication via OAuth (GitHub)
  • Regular security updates and monitoring
  • Access controls limiting who can access your data

While we strive to protect your personal information, no method of transmission over the Internet or electronic storage is 100% secure. We cannot guarantee absolute security.

7. Third-Party Services

We integrate with the following third-party services to provide our functionality:

  • GitHub - For authentication and fetching repository release data
  • NPM Registry - To fetch package version information
  • Slack - To send notifications to your workspace (only if you connect Slack)
  • Telegram - To send notifications via bot (only if you connect Telegram)
  • PostHog - For analytics and understanding how users interact with our service
  • Railway - Infrastructure and hosting provider

Each of these services has their own privacy policies. We encourage you to review them:

8. Cookies and Tracking

We use the following types of cookies and similar technologies:

  • Essential Cookies: Required for authentication and maintaining your session
  • Analytics Cookies: Used by PostHog to understand usage patterns and improve our service
  • Local Storage: Used to store your preferences and dashboard information locally in your browser

You can control cookies through your browser settings. Note that disabling essential cookies may prevent you from using certain features of our service.

9. Data Retention

We retain your data for the following periods:

  • Account Data: Retained for as long as your account is active
  • Subscription Data: Retained for as long as your account is active
  • Notification History: Retained for 90 days
  • Server Logs: Retained for 30 days
  • Analytics Data: Retained according to PostHog's retention policies

When you delete your account, we will delete or anonymize your personal data within 30 days, except where we are required to retain certain data for legal or legitimate business purposes.

10. Your Rights

Depending on your location, you may have the following rights regarding your personal data:

10.1 All Users

  • Access: Request a copy of the personal data we hold about you
  • Correction: Request correction of inaccurate data
  • Deletion: Request deletion of your account and associated data
  • Disconnect: Disconnect notification channels (Slack, Telegram, Email) at any time through your dashboard

10.2 EEA Residents (GDPR)

  • Data Portability: Request your data in a structured, machine-readable format
  • Restriction: Request restriction of processing in certain circumstances
  • Object: Object to processing based on legitimate interests
  • Withdraw Consent: Withdraw consent at any time where processing is based on consent
  • Complaint: Lodge a complaint with your local data protection authority

To exercise any of these rights, please contact us using the information in Section 14.

11. Data Breach Notification

In the event of a data breach that affects your personal information, we will:

  • Notify affected users via email within 72 hours of becoming aware of the breach
  • Notify relevant supervisory authorities as required by applicable law
  • Provide details about the nature of the breach and steps we are taking to address it
  • Offer guidance on steps you can take to protect yourself

12. Children's Privacy

Our service is not intended for children under 13 years of age (or 16 in the EEA). We do not knowingly collect personal information from children. If you are a parent or guardian and believe your child has provided us with personal information, please contact us immediately so we can delete it.

13. Changes to This Policy

We may update this Privacy Policy from time to time. When we make changes:

  • We will update the "Last updated" date at the top of this page
  • For significant changes, we will notify you via email (if you have provided one) or through a prominent notice on our website
  • We encourage you to review this Privacy Policy periodically

Your continued use of the service after changes are posted constitutes acceptance of the updated policy.

14. Contact Us

If you have any questions about this Privacy Policy, want to exercise your rights, or have concerns about our data practices, please contact us:

We will respond to your request within 30 days.

15. Governing Law

This Privacy Policy is governed by and construed in accordance with the laws of Ukraine. If you are located in the European Economic Area, you also have rights under the General Data Protection Regulation (GDPR). Nothing in this policy limits your rights under applicable local law.