Privacy Policy

We are deeply committed to ensuring the security of your data & documents.

Effective Date: 1 September 2023

Introduction

At Documentero (“we,” “us,” or “our”), we take your privacy seriously. This Privacy Policy outlines how we collect, use, and protect your personal information when you use our Software-as-a-Service (SaaS) document generation service. We are committed to complying with the General Data Protection Regulation (GDPR) and ensuring the security and privacy of your data.

Information We Collect

We collect and process the following types of data:

  1. User Account Information: When you create an account, we collect personal information such as your name, email address, and password.

  2. Document Generation Data: When you use our service to generate documents through API or forms, we temporarily collect data provided by you for the sole purpose of document generation. This data includes information necessary to create the documents.

  3. Document Templates: We store document templates that you create and manage within your account.

  4. Activity Logs: We maintain logs of activities related to document generation, including which templates were used and when documents were generated.

How We Use Your Data

We use your data for the following purposes:

  1. Account Management: To create and manage your user account.

  2. Document Generation: To process the data you provide via API or forms to generate documents as per your instructions. We do not use this data for any other purpose, and it is stored temporarily, typically for up to 24 hours.

  3. Document Templates: To store and manage document templates you create (including template fields and configuration).

  4. Activity Logging: To maintain logs for auditing and security purposes, including recording when documents were generated and which templates were used.

Data Security

We prioritize the security of your data:

  • Secure Access: Your account is protected by login credentials (username and password).
  • Data Encryption: Data transmitted to and from our service is encrypted using HTTPS.
  • Regular Security Audits: We conduct routine security assessments and updates to safeguard against vulnerabilities.

Data Retention

We retain your data as follows:

  1. Temporary Data: Data provided for document generation is stored for a maximum of 24 hours or until the document is generated, whichever occurs first. Generated documents are stored for a maximum of 24 hours.

  2. Document Templates: We store document templates for as long as your account remains active.

  3. Activity Logs: Activity logs are retained for auditing and security purposes for up to 60 days.

Your Rights

Under GDPR, you have specific rights regarding your personal data. You can:

  • Access and review your data.
  • Correct inaccuracies in your data.
  • Request the deletion of your data (subject to legal requirements and our data retention policies).
  • Object to or restrict the processing of your data.
  • Receive a copy of your data in a structured format.

To exercise these rights or if you have any questions about your data or this Privacy Policy, please contact us at support@documentero.com.

Subprocessors List

In addition to our commitment to safeguarding your data and ensuring its privacy, we use third-party subprocessors to help us deliver our services. These subprocessors are trusted partners, and we ensure they comply with data protection regulations. Here is a list of our current subprocessors:

  1. Google Cloud Firebase, Cloud Storage & Firestore Database:

    • Purpose: We use Google Cloud services to store user account information, document templates, and account activity logs. This includes personal information such as names and email addresses.
    • Security Measures: Google Cloud employs encryption-at-rest to protect data stored within its infrastructure.

  2. Brevo:

    • Purpose: We use Brevo as a service for sending transactional emails to users. These emails may contain generated documents or important account-related information.
    • Security Measures: Brevo follows industry-standard security practices to ensure the safe and secure transmission of email communications.

  3. Google Analytics:

    • Purpose: We use Google Analytics to gather insights into user behavior on our website and improve our services. Google Analytics collects data such as IP addresses, device and browser information, and user interactions.
    • Security Measures: Google Analytics follows to industry standards for user data protection.

  4. LogRocket:

    • Purpose: We use LogRocket to record and analyze user interactions with our web application. This helps us identify and resolve user issues, improve user experience, and troubleshoot technical problems.
    • Security Measures: LogRocket adheres to industry standards for data security and provides tools for redacting sensitive information captured during user sessions.

Please note that while we take the necessary precautions to secure your data with these subprocessors, their privacy policies and data processing practices may also apply. We encourage you to review the privacy policies of these subprocessors for more information on how they handle your data.

Integration Privacy Policy

At Documentero, we understand the importance of providing our users with the flexibility to integrate our service with other applications and platforms to enhance their experience. This section outlines how data is handled when you use integrations with our service, including but not limited to Zapier, Make.com, Pabbly Connect, OpenAI, and Integrately.

Third-Party Data Processing

It's important to note that when you use integrations, the data shared may be subject to the privacy policies and data processing practices of the integrated service. We encourage you to review the privacy policies of the integrated services to understand how they handle your data.

User Control

You have control over the integrations you enable within your account. You can manage and configure integrations, including revoking access to integrated services by changing your API Key.

Questions and Contact Information

If you have any questions or concerns regarding our subprocessors or how we process your data, please do not hesitate to contact us at support@documentero.com.

Changes to this Privacy Policy

We may update this Privacy Policy to reflect changes in our data practices or legal requirements. Any updates will be posted on our website, so we encourage you to review this policy periodically.

Thank you for using Documentero. We are committed to protecting your privacy and data security.

Data processing agreement

Data Processing Agreement