Security, privacy, and how we handle your workspace data.
Notion Scan reads workspace metadata to produce consultant-grade analysis. The policies below describe what we access, how we protect it, and how we keep tenants isolated.
Policies and disclosures
Security Overview
How we encrypt Notion tokens, isolate customer data, and harden the infrastructure that supports Notion Scan.
Privacy Policy
What we collect, how we use it, who we share it with, and the privacy rights that may apply.
Subprocessors
The third-party services we use to deliver Notion Scan, what each does, and where data is processed.
Data Retention Policy
How long we keep customer data, what triggers deletion, and the timeframes you can expect.
Customer Isolation Policy
How we keep one customer's data separate from every other customer's data at the database, token, and application layers.
Incident Response Plan
How we detect, contain, and communicate about security incidents that affect customer data.
Information Security Policy
The umbrella policy that governs how Notion State protects customer data, including governance, classification, and review cadence.