DocuExtract

Privacy Policy

Effective Date: [EFFECTIVE_DATE]

[COMPANY_NAME] ("we," "us," or "our") operates [DOMAIN_NAME] (the "Service"). This Privacy Policy explains how we collect, use, disclose, and safeguard your information.

Your Privacy Matters

We are committed to protecting your personal information and your right to privacy. Please read this policy carefully to understand how we handle your data.

1. Information We Collect

1.1 Personal Information

When you register for an account, we collect:

  • Name and email address
  • Company name and business information
  • Payment information (processed securely through third-party payment processors)
  • Account credentials

1.2 Document Data

When you use our Service, we process:

  • Uploaded billing documents, invoices, and financial records
  • Extracted data from your documents
  • Document metadata (upload date, file size, processing status)

1.3 API Credentials

We store your third-party API keys and authentication credentials in encrypted form to enable integration with accounting systems.

1.4 Usage Information

We automatically collect:

  • Log data (IP address, browser type, access times)
  • Usage patterns and feature interactions
  • Device information and operating system
  • Cookies and similar tracking technologies

2. How We Use Your Information

We use your information to:

  • Provide, operate, and maintain the Service
  • Process your documents using AI/LLM technology
  • Connect to and transmit data to third-party accounting systems on your behalf
  • Improve and personalize your experience
  • Send administrative information and service updates
  • Respond to customer support requests
  • Detect and prevent fraud or abuse
  • Comply with legal obligations

3. AI Model Training

We DO NOT use your uploaded documents or extracted financial data to train AI models.

Your business data remains confidential and is used solely to provide the Service to you.

4. Data Sharing and Disclosure

4.1 Third-Party Service Providers

We may share your information with:

  • AI/LLM Providers: To process your documents for data extraction
  • Cloud Infrastructure: For secure data storage and hosting
  • Payment Processors: To handle subscription payments
  • Analytics Providers: To understand usage patterns and improve the Service

4.2 Third-Party Accounting Systems

With your explicit authorization, we transmit extracted data to third-party accounting systems using your provided API keys.

4.3 Legal Requirements

We may disclose your information if required by law, court order, or to protect our rights, safety, or property.

5. Data Security

We implement industry-standard security measures:

  • Encryption of data at rest and in transit (TLS/SSL)
  • Encrypted storage of API keys
  • Access controls and authentication
  • Regular security audits and monitoring
  • Secure data centers with physical security

However, no method of transmission over the internet is 100% secure. We cannot guarantee absolute security.

6. Data Retention

6.1 Storage Limits

You are allocated 100MB of total storage for all uploaded documents and extracted data. You are responsible for managing your storage by deleting documents you no longer need.

6.2 Retention Periods

  • Active Accounts: Data is retained indefinitely while your account is active and within storage limits
  • Document Data: You can delete documents at any time through the Service
  • Non-Payment (Paid Accounts): After 30 days of non-payment, your account is suspended. After 60 days, we may permanently delete all data
  • Account Termination: You have 30 days to export data before permanent deletion
  • Service Discontinuation: We will provide 60 days' notice (where feasible) before permanently deleting data
  • Legal Requirements: Some data may be retained longer if required by law or for legitimate business purposes (e.g., financial records, audit logs)

6.3 Guest Users

Guest User Data Retention

If you use the Service as a guest (without creating an account):

  • Uploaded Documents: Deleted immediately after processing (typically within minutes)
  • Extracted Data: Not retained after your session ends
  • Email Address: Retained only for marketing communications and service updates if you opt in
  • Usage Data: Basic analytics (IP address, browser type) may be retained for security and fraud prevention

We do not retain guest user documents or extracted financial data beyond the immediate processing session.

Important: Backup Your Data

We are not a backup service. You are responsible for maintaining your own backups of important documents. We recommend regularly exporting your data and storing copies in your own systems.

7. Your Rights

Depending on your jurisdiction, you may have the right to:

  • Access: Request a copy of your personal information
  • Correction: Update inaccurate or incomplete information
  • Deletion: Request deletion of your personal information
  • Portability: Receive your data in a portable format
  • Objection: Object to certain processing of your information
  • Withdraw Consent: Withdraw consent for data processing where applicable

To exercise these rights, contact us at [DPO_EMAIL].

8. Cookies and Tracking Technologies

We use cookies and similar technologies to:

  • Maintain your session and authentication
  • Remember your preferences
  • Analyze usage patterns and improve the Service
  • Provide security features

You can control cookies through your browser settings, but disabling cookies may affect Service functionality.

9. International Data Transfers

Your information may be transferred to and processed in countries other than your own. We ensure appropriate safeguards are in place to protect your information in accordance with this Privacy Policy and applicable laws.

10. Children's Privacy

The Service is not intended for individuals under 18 years of age. We do not knowingly collect personal information from children. If we become aware of such collection, we will delete it promptly.

11. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of material changes via email or through the Service at least 30 days before they take effect. Continued use after changes indicates acceptance.

12. Contact Us

If you have questions about this Privacy Policy or our data practices, please contact:

Data Protection Officer: [DPO_EMAIL]

Privacy Inquiries: [LEGAL_EMAIL]

Customer Support: [SUPPORT_EMAIL]

Business Address: [COMPANY_ADDRESS]

13. Malaysia Personal Data Protection Act (PDPA)

[COMPANY_NAME] is committed to compliance with Malaysia's Personal Data Protection Act 2010 (PDPA).

We are registered with the Personal Data Protection Commissioner and adhere to the seven Personal Data Protection Principles:

  • General Principle
  • Notice and Choice Principle
  • Disclosure Principle
  • Security Principle
  • Retention Principle
  • Data Integrity Principle
  • Access Principle

For PDPA-related inquiries, contact our Data Protection Officer at [DPO_EMAIL].

Last Updated: [EFFECTIVE_DATE]

Return to Home | Terms & Conditions