Back to home

Privacy Policy

Last updated: December 2025

Notice: This privacy policy is provided as a template and should be reviewed by legal counsel. For enterprise customers, we offer custom data processing agreements (DPA) upon request.

1. Introduction

DocuAudit ("we", "our", or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our document processing service.

2. Information We Collect

2.1 Account Information

When you create an account, we collect:

  • Name and email address
  • Company name and role
  • Authentication credentials (securely hashed)

2.2 Document Data

When you use our Service, you may upload:

  • PDF documents for processing
  • Associated metadata you provide

This data is processed solely to provide the Service and is not used for any other purpose.

2.3 Usage Data

We automatically collect limited technical information:

  • Log data (timestamps, actions performed)
  • Browser type and version
  • Error reports (without PII)

3. How We Use Your Information

We use your information to:

  • Provide and maintain the Service
  • Process your documents as requested
  • Communicate with you about the Service
  • Ensure security and prevent fraud
  • Comply with legal obligations

4. What We Do NOT Do

We do not:

  • Train AI/ML models on your document data
  • Sell or rent your personal information to third parties
  • Use your data for advertising or marketing purposes
  • Share your documents with other customers

5. Data Retention

We retain your data for as long as your account is active or as needed to provide the Service. Document data is retained according to your organization's settings and can be deleted upon request.

Upon account termination, we will delete your data within 30 days, except where retention is required by law.

6. Data Security

We implement appropriate technical and organizational measures to protect your data, including:

  • Encryption at rest and in transit
  • Access controls and authentication
  • Regular security assessments
  • Employee security training

7. Data Sharing

We may share your information only:

  • With service providers who assist in operating the Service (subject to confidentiality obligations)
  • When required by law or legal process
  • To protect our rights or the rights of others
  • With your explicit consent

8. International Data Transfers

Your data may be processed in the United States and European Union. We ensure appropriate safeguards are in place for international transfers in compliance with applicable data protection laws.

9. Your Rights (GDPR)

If you are in the European Economic Area, you have the right to:

  • Access your personal data
  • Rectify inaccurate personal data
  • Erase your personal data ("right to be forgotten")
  • Restrict processing of your personal data
  • Port your data to another service
  • Object to processing of your personal data

To exercise these rights, contact us at privacy@docuaudit.io.

10. Cookies

We use essential cookies only for authentication and session management. We do not use tracking cookies or third-party analytics that collect personal information.

11. Children's Privacy

Our Service is not intended for children under 16. We do not knowingly collect personal information from children.

12. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any changes by posting the new policy on this page and updating the "Last updated" date.

13. Data Processing Agreement

Enterprise customers may request a Data Processing Agreement (DPA) that provides additional contractual protections for personal data processing.

14. Contact Us

For questions about this Privacy Policy or our data practices, contact us at: