Legal

Privacy Policy

How we collect, use, share, and protect information when you use DocuCraft AI — across Free, Pro, and Custom plans.

Last updated: August 22, 2025
Quick links
Terms of Service Choose a Plan
This page is a product privacy template. Get legal counsel for your jurisdiction.
Table of Contents
1. Scope 2. Plan-Specific Data Handling 3. Data We Collect 4. How We Use Data 5. Sharing & Transfers 6. Cookies & Analytics 7. Security 8. Retention 9. Your Rights 10. Children’s Privacy 11. BYO API & Model Providers 12. International Transfers 13. Changes to this Policy 14. Contact
Tip: Need a DPA or custom retention/SLA? Ask us — we support enterprise requirements.

1. Scope

This Privacy Policy describes how DocuCraft AI (“we”, “us”, “our”) handles information when you visit our website, create an account, or use our products and services (collectively, the “Service”).

2. Plan-Specific Data Handling

Plan Model Usage Logging & Telemetry Notes
Free BYO API (your own model keys) + one-time 100k-token PRO trial Basic app telemetry and error logs; minimal metadata for trial anti-abuse We don’t see provider billing on your BYO keys. Trial content isn’t used to train third-party foundation models.
Pro DocuCraft AI hosted models up to 1,000,000 tokens/month Operational logs/metadata (e.g., timestamps, token counts, request IDs) retained briefly for reliability, troubleshooting, and abuse prevention We do not use your content to train third-party foundation models. Aggregated metrics may be used to improve system performance.
Custom Hosted models with custom quotas; optional private endpoints Telemetry scope, retention, and access can be contract-bound (SLA, DPA, region pinning) We support SSO, org policies, reviewer chat, and ISBN workflows; processing terms defined in the MSA/Order Form/DPA.

3. Data We Collect

Account & Contact. Name, email, password (hashed), organization, and preferences. For Pro billing, limited payment metadata from our processor (no full card details stored by us).

Product Usage. App interactions, feature usage, device/browser info, IP address, timestamps, approximate location derived from IP, crash logs.

Content. Documents you create or upload, prompts, comments, and metadata (e.g., titles, structure). You control what you store.

Support. Messages you send to support, feedback, and survey responses.

Optional Integrations. If you connect third-party services (e.g., cloud storage), we receive tokens/IDs necessary to enable the integration.

4. How We Use Data

  • Provide and maintain the Service (auth, documents, collaboration, workflows).
  • Process AI requests and return outputs you request.
  • Improve reliability, safety, and performance; debug and prevent abuse.
  • Communicate about updates, security, billing, and support.
  • Comply with legal obligations and enforce our Terms.

5. Sharing & Transfers

We do not sell personal data. We share data with:

  • Vendors/Processors who help deliver the Service (hosting, analytics, email, payment). They must follow confidentiality and security obligations.
  • Legal/Compliance when required by law or to protect rights, safety, and integrity of the Service.
  • Change of Control if we undergo a merger, acquisition, or asset sale; we’ll notify you where required.

6. Cookies & Analytics

We use cookies and similar technologies to keep you signed in, remember preferences, and understand usage. You can control cookies via your browser settings. Disabling certain cookies may affect functionality.

7. Security

We apply reasonable organizational and technical safeguards (encryption in transit, access controls, backups). No system is perfectly secure. If you suspect unauthorized access, contact [email protected].

8. Retention

We retain personal data as long as needed to provide the Service and for legitimate business purposes (e.g., security, compliance), then delete or anonymize it. You can delete individual documents and request account deletion.

9. Your Rights

Subject to applicable law, you may request to access, correct, export, or delete your data, and object to or restrict certain processing. To submit a request, email [email protected] from the address associated with your account. We may ask for verification to protect your account.

10. Children’s Privacy

The Service is not directed to children under the minimum age required by law in your jurisdiction. If we learn that we collected data from an ineligible user, we will delete it.

11. BYO API & Model Providers

Free (BYO API). If you connect your own AI providers (e.g., OpenAI, Gemini), prompts and data you choose to send will be transmitted to those providers under their policies. You control and are responsible for those connections, including costs and data handling by the provider.

Pro & Custom (Hosted Models). We process prompts and outputs to generate results, operate rate limits, and detect abuse. We may store minimal logs/metadata for a limited period to troubleshoot issues and ensure fair use. We do not use your content to train third-party foundation models. Custom plans may specify stricter controls (e.g., region pinning, private endpoints) in the DPA/MSA.

12. International Transfers

We may process and store data in countries other than yours. Where required, we rely on appropriate safeguards (e.g., contractual clauses) for cross-border transfers.

13. Changes to this Policy

We may update this Policy as our Service evolves. Material changes will be announced with reasonable notice. Continued use after the effective date means you accept the new Policy.

14. Contact

For privacy questions or requests, contact:

Heads up: This Privacy page is a product template. Adapt to your exact data flows, processors (hosting, email, payment), and BYO API providers. Custom plan terms in your DPA/MSA take precedence where they differ.