Privacy Policy

1.Who we are

Restora (“Restora”, “we”, “us”) is an independent backup-and-restore tool for Notion, operated by Taha Bakri as a sole proprietor. Restora is not affiliated with, endorsed by, or sponsored by Notion Labs, Inc. For the purposes of data-protection law, the operator is the data controller for the limited processing described here. You can reach us at support@restora.cc.

2.What this policy covers

This policy covers the Restora web application and these policy pages. It does not cover Notion or Paddle, who process your data under their own privacy policies (see sections 7 and 8). When you connect Notion or pay through Paddle, their terms and privacy policies also apply to you.

3.What we don’t collect

Restora is built to need as little of your data as possible. We do not:

• create accounts or store passwords — you connect through Notion’s OAuth instead;
• run analytics, advertising, or tracking of any kind;
• set tracking or advertising cookies;
• keep server-side logs of your Notion content or of your access token.

4.Your Notion connection and access token

When you connect Notion, Notion issues an access token (and a refresh token) to the Restora integration. We handle that token as follows:

• it is encrypted with AES-256-GCM and stored only inside a cookie in your browser;
• the cookie is HttpOnly (your browser’s scripts and other websites cannot read it), Secure (sent only over HTTPS), and SameSite=Lax;
• only our server holds the key that can decrypt it, and it does so transiently, in memory, to make the Notion API calls you ask for;
• the token is never written to any database or file on our servers, never returned to your browser as readable data, and never logged;
• when the access token nears expiry we refresh it with Notion and re-encrypt the new token back into the cookie.

The cookie expires after at most 30 days, and is cleared when you log out.

5.How your Notion content is processed

When you run a backup, your Notion content passes through our server only in transit: we read it from Notion and stream it straight to a file that downloads to your device. When you run a restore, the backup file you upload streams through our server straight into Notion. We process this content transiently, in memory, to move it — we do not store it, cache it, or keep a copy.

Because we keep no copy, you are responsible for storing the backup files you download somewhere safe.

6.Cookies and local storage

Restora uses only what it needs to function:

• an encrypted session cookie holding your Notion authorization (described in section 4);
• a short-lived cookie holding an anti-forgery value during the Notion sign-in redirect;
• a single value in your browser’s local storage holding your Paddle subscription id, so the app can re-check your subscription when you return.

We set no analytics, advertising, or cross-site tracking cookies.

7.Billing data (Paddle)

Payments are processed by Paddle, which acts as the Merchant of Record (the reseller of the subscription). Paddle — not Restora — collects and processes your payment details, billing address, and any tax information, under Paddle’s own privacy policy and buyer terms. We do not receive or store your card details. To check whether your subscription is active, our server asks Paddle’s API about your subscription each time you use the tool, and stores nothing about it on our servers; your subscription id lives only in your browser. See Paddle’s policies at paddle.com.

8.Third parties and sub-processors

The only third parties involved in running Restora are:

• Notion — the workspace you connect; the source and destination of the data you back up and restore.
• Paddle — our payment reseller and Merchant of Record (billing only).
• Cloudflare — hosts the app and runs the server code at its edge; your requests pass through Cloudflare’s network in transit. We have disabled Cloudflare’s request-observability logging for the app.

We do not sell or share your data, and we use no advertising or analytics providers.

9.International data transfers

Restora is operated from the United Arab Emirates, and Notion, Paddle, and Cloudflare operate internationally, so your data may be processed in countries other than your own. Where required, we rely on the transfer protections offered by those providers.

10.Data retention

We retain essentially nothing on our servers: no Notion content, no token store, and no request logs. The encrypted session cookie lives in your browser and expires after at most 30 days, or immediately when you log out. The subscription id in your browser’s local storage stays until you clear it or use “Remove from this browser.” Billing records are retained by Paddle under its own policy.

11.Legal bases for processing (EEA/UK)

Where the GDPR or UK GDPR applies, we process your data to: perform the service you requested (running your backups and restores); pursue our legitimate interest in keeping the service secure and preventing abuse; and perform our contract with you for the paid subscription (through Paddle).

12.Your rights

Depending on where you live, you may have rights to access, correct, delete, port, or object to the processing of your personal data. Because Restora stores almost nothing about you:

• you can end our access at any time by disconnecting Restora in your Notion settings and logging out;
• you can clear the subscription id we hold in your browser with “Remove from this browser,” or by clearing your browser storage;
• for any personal or billing data held by Paddle, please contact Paddle, who holds those records.

To make a request or ask a question, contact us at support@restora.cc.

13.Children

Restora is a paid tool intended for adults and is not directed to children. We do not knowingly collect personal data from anyone under 16. If you believe a minor has used Restora, contact us and we will help.

14.Security

We protect your data with measures including: AES-256-GCM encryption of the Notion token; HttpOnly, Secure, SameSite cookies; no persistent server-side storage of your content or token; and a deliberately small set of third parties. No method of transmission or storage is ever completely secure, and we cannot guarantee absolute security.

15.Changes to this policy

We may update this policy as the product or the law changes. When we do, we will revise the “last updated” date above and, for material changes, surface a notice on this page or in the app.

16.Contact

Questions about this policy or your data: support@restora.cc.