Privacy Policy

The primary data controller for personal data processed through Nowtarise is Stacklinx Computers, registered in Dubai, United Arab Emirates (“we”, “us”, “our”).

We operate the Nowtarise platform at https://nowtarise.com. Independent notaries, identity providers, and payment processors may also process your data as separate controllers or processors for their own fulfilment and compliance obligations. Where they act as processors on our instructions, we remain accountable for their handling under applicable data-protection law.

Privacy enquiries and rights requests: support@nowtarise.com.

This policy applies to visitors, customers, and individuals whose data appears in documents submitted through the service. If you are in the European Economic Area (EEA), United Kingdom, or Switzerland, we process personal data in accordance with the General Data Protection Regulation (GDPR) and applicable national laws.

Because we route EU document workflows, we may process identity data, biometrics (where required by a partner rail), document content, and transaction metadata originating from EU data subjects.Stacklinx Computers remains the primary Data Controller for platform-level processing unless stated otherwise for a specific partner-led step.

• Identity and account data: name, email, authentication identifiers, session tokens, and verification outcomes from our identity provider.
• Document data: PDF uploads, filenames, hashes, notarized outputs, and vault metadata.
• Payment data: billing details and transaction references processed by Stripe (we do not store full card numbers).
• Technical data: IP address, device and browser information, logs, cookies, and security telemetry.
• Compliance data: audit trails, consent records, and information required for KYC/KYB and partner notarization.

• Providing the service and fulfilling your order (contract — Art. 6(1)(b) GDPR).
• Payment, fraud prevention, and platform security (legitimate interests / contract — Art. 6(1)(b) and (f)).
• Regulatory compliance and record-keeping (legal obligation — Art. 6(1)(c)).
• Product improvement and analytics in aggregated or pseudonymised form where possible (legitimate interests — Art. 6(1)(f)).
• Marketing only with your consent where required (consent — Art. 6(1)(a)).

Notarized and high-assurance artifacts are stored in a WORM-compliant digital vault (write-once, read-many) designed to prevent silent alteration of sealed records. Object storage and databases holding personal data are protected with 256-bit AES encryption at rest, in addition to TLS 1.2+ encryption in transit.

Temporary uploads during checkout may reside in encrypted storage for a limited period before vaulting or deletion according to our retention schedule. Access is restricted by role, least-privilege policies, session binding, and authenticated download endpoints where applicable.

We maintain integrity controls, logging, and backup procedures appropriate to a regulated document workflow. No security measure is perfect; you are responsible for safeguarding your account credentials and devices.

We use vetted sub-processors for cloud hosting, payments (Stripe), customer authentication, email, and notarization or eIDAS identity rails (e.g. Signicat, ZealiD, and region-specific notary partners). Contracts include confidentiality, security, and data-processing terms consistent with GDPR Article 28 where applicable.

Stacklinx Computers is established in the United Arab Emirates. Data may be processed in the UAE, EEA, United States, and other countries where our infrastructure or partners operate. For EEA/UK transfers, we implement appropriate safeguards such as Standard Contractual Clauses and supplementary measures where required.

We retain personal data only as long as necessary for the purposes above, including statutory limitation periods. Temporary upload records are deleted or vaulted after fulfilment or expiry. Notarized artifacts may be subject to longer mandatory retention imposed by partner notaries or applicable law.

Depending on your location, you may have the right to access, rectify, erase, restrict processing, object to certain processing, and data portability. EEA/UK residents may lodge a complaint with a supervisory authority.

Access and deletion: You may request access to or deletion of personal data we control by emailing support@nowtarise.com. We will respond within applicable statutory timeframes and may require identity verification.

Limitations: Deletion or erasure may be delayed or refused where we must retain data to comply with law, defend legal claims, complete an active transaction, or where legally notarized artifacts are subject to mandatory retention periods imposed by an independent notary, regulator, or archival rule. In such cases we will explain the basis and retention period where permitted.

We use essential cookies for sessions, security, and locale preferences. Non-essential analytics or marketing cookies, if introduced, will be disclosed and consented to where required by law.

The service is not directed to individuals under 18. We do not knowingly collect personal data from children. Contact us if you believe a minor has provided data and we will take appropriate steps to delete it.

We may update this policy to reflect legal, technical, or business changes. Material updates will be posted here with a revised “Last updated” date. Continued use after changes constitutes notice where permitted by law.