Privacy Policy

GDPR compliance

notimon and all our service providers are GDPR compliant.

This document includes the Privacy Policy and the Data Processing Agreement.


notimon is based in South Africa. The data is hosted mainly in Europe. When we transfer data outside Europe we always make sure that the companies are compliant with EU privacy laws (e.g. they include the Standard Contractual Clauses in their DPA).

Data we hold

notimon stores data about:

  1. Our users (i.e. the customers who sign up to notimon in order to make use of the service).
  2. The email messages sent to notimon email addresses.

notimon does not share, or resell, any kind of user data (whether data described in point 1 or 2 above).

notimon collects the following information:

Data persistence and rectification

Our users can delete monitor parameters and stored messages by logging into their account and using functionality provided to delete their data. Users can contact support to request that all the data linked to their account is completely removed.

Email messages sent to notimon addresses are stored until the user deletes it, or until the mailbox capacity is reached

Technical log data for troubleshooting is automatically removed over time.

Personal data may be stored in encrypted backups for up to one year. Log data may be kept for up to one year.

Access to data and portability

notimon does not claim ownership on your data. You can access your account and export your data at any time.

Data usage

Data collected is used for:


Our users' consent is explicitly provided because they perform actions on notimon.

Anyone who sends mail to a notimon email address other than due to the actions of a notimon user, does so with the same expectations of consent to access of that data by the recipient and their email provider when sending email to any other email address.

Data protection and security

We care about security and we follow best practices to reduce the risk of data breaches.

When we design a new feature, security is a first class citizen.

Data breaches

Data breaches will be notified to our users within 72 hours, after having become aware of it.

Data processors

Data is collected and manipulated both on our own devices and on third-party servers. Our web application servers are provided by Hetzner Online GmbH. We also use other services suited for specific purposes: Cloudflare for security and performance, Sendgrid for emails, and Skrill for payments.

Analytics and cookies

As most websites do, we use cookies for technical reasons such as allowing users to perform actions on their account without continually re-authenticating themselves.

Beside that we use third party services (Google Analytics) for analytics. Data collected by those services is anonymized (IP anonymization) and it is not merged with data from other sources (i.e. it is used only for analytics and not shared to other services like Google Ads).

We use analytics to understand user behaviour to understand their needs and how the product can be improved to offer the best service possible.

Data holder

Data holder and data protection officer is Jan Daniel Bothma born 28 April 1987 and resident in South Africa.

For the data regarding our users (e.g. basic profile information, billing info, etc.) we are the data controller.