The NEST
The NESTby The Notary Edge

Security & Privacy

Built for elite mobile notaries who keep total control of their data. Here is exactly how The NEST protects your business records.

Security & Data Protection: Keeping Your Account and NPI Safe

At MyNotaryEdge, security is built into every layer of our platform. Because independent notaries handle highly sensitive Non-Public Personal Information (NPI), loan documents, and identity verification records, we maintain strict security protocols to ensure compliance with the Gramm-Leach-Bliley Act (GLBA) and state notary regulations. Here is exactly how our platform protects your data, how our session management keeps you efficient, and what you can expect when logging in.

Strict Tenant Isolation

Database-enforced multi-tenant separation via Postgres Row-Level Security plus app-level user scoping. Another subscriber cannot query, view, or cross paths with your records.

Encryption & Credential Protection

Passwords are hashed with bcrypt. Your connected Google (Sheets + Calendar) OAuth refresh tokens are AES-256-GCM encrypted at rest.

Session-Only Data Access

Your signing, relationships, and tax data is read only inside your own authenticated session — no unattended cron job reads or transmits your business data. The only background jobs (recurring-expense materializer, public statutory-fee check) never read your private data.

Your Own Copy in Google Drive

Optionally keep a reconciled copy of your operational ledger in your own private Google Drive workbook — synced on login, roughly daily, not a continuous live mirror. Your archive stays yours.

Compliance

Built for the way notaries are regulated

Independent notaries handle highly sensitive Non-Public Personal Information (NPI), loan documents, and identity records. The NEST is designed around the obligations that come with that responsibility.

  • Aligned with Gramm-Leach-Bliley Act (GLBA) safeguarding expectations
  • Respects state notary regulations for record handling
  • You stay the custodian of your own client records
MFA Enrollment Requirements

Multi-factor authentication is required, not optional

Because your account can reach sensitive business and client data, every member must enroll in multi-factor authentication (MFA). After your password, you confirm a one-time code from an authenticator app before the app unlocks.

  • Time-based one-time passcodes (TOTP) via any authenticator app
  • Enrollment is enforced on first login — the app won't open without it
  • Trusted devices remember your check so you're not re-challenged constantly
Data Security & Encryption Standards

Encryption and isolation at every layer

Your credentials and connected accounts are protected with modern encryption, and your records are separated from every other subscriber at the database level.

  • Passwords hashed with bcrypt — never stored in plain text
  • Google (Sheets + Calendar) OAuth tokens AES-256-GCM encrypted at rest
  • Postgres Row-Level Security enforces strict per-account isolation
  • Traffic is encrypted in transit over HTTPS

The NEST Security Promise

  • We do not aggregate your pricing data. Your personal AR numbers are strictly your own.
  • We do not sell user data. We provide the cockpit, you own the archive.
  • Take your data with you. Export your records anytime — and if you connect Google Drive sync, a reconciled copy lives in your own private workbook, so your archive is always yours.