Privacy Policy

1. Information We Collect

We may collect the following types of information:

1.1. Account & Contact Information

• Name
• Email address
• Password (stored in hashed form)
• Business name and details (if provided)

1.2. Usage & Document Data

When you use the Service to generate or manage documents, we may process:

• Document inputs you provide (e.g. client names, item descriptions, prices, policies)
• Generated document content (invoice, quotation, receipt, policies, agreements, etc.)
• Metadata such as document type, timestamps, and usage statistics

1.3. Technical & Log Information

We may automatically collect:

• IP address
• Browser type and version
• Device information
• Pages visited, time and date of your visit
• Referring website or link

This information is used for security, analytics, and improving the Service.

1.4. Payment Information

If you subscribe to a paid plan, payments may be processed by third-party payment providers.

• We do not store full payment card details on our servers.
• We may store limited information such as transaction IDs, payment status, and billing-related details for record and support purposes.

2. How We Use Your Information

We use your information to:

1. Provide and operate the Service, including document generation, storage, and export.
2. Maintain and improve the Service, user experience, and features.
3. Communicate with you, including:
   • Account-related updates
   • Support responses
   • Important notices about changes to the Service or policies
4. Process payments, subscriptions, and billing.
5. Monitor and prevent abuse, fraud, and security incidents.
6. Comply with legal obligations and enforce our Terms of Service.

3. AI Processing & Third-Party Providers

Certain features of the Service (e.g. Terms & Conditions, Return/Refund policies, and simple agreements) use AI models provided by third-party vendors (such as OpenAI).

When you use these features:

• Your input text may be sent to these third-party providers for processing;
• The provider returns generated text, which we display as output to you.

We take reasonable steps to:

• Use reputable providers;
• Configure them to not use your data for training their public models where such settings are available.

Use of third-party AI providers is also subject to their own terms and privacy policies.

4. Legal Basis for Processing

Where required by law, we rely on the following legal bases for processing your personal data:

• Contract: To provide the Service you requested (e.g. account creation, document generation).
• Legitimate Interests: To improve the Service, protect security, and prevent abuse.
• Consent: For certain communications or processing, where we explicitly request it.

5. Data Retention

We retain your personal data and document data for as long as:

• Your account remains active; or
• It is necessary to provide you with the Service; or
• Required by law or legitimate business purposes (e.g. accounting, security logs).

If you delete your account, we will:

• Delete or anonymise personal data that is no longer needed;
• Retain limited data where required for legal, tax, or security reasons.

6. Data Security

We implement reasonable technical and organisational measures to protect your data, including:

• HTTPS encryption for data in transit;
• Encryption at rest provided by our hosting/database providers;
• Access controls and authentication to limit internal access to production systems.

To help protect your account:

• Use a strong, unique password;
• Do not share your login credentials;
• Notify us immediately if you suspect unauthorised access.

7. Data Sharing & Transfers

We may share your data with:

1. Service providers and vendors, such as:
   • Hosting providers
   • Database providers
   • Payment processors
   • AI model providers

   These third parties are only permitted to process your data as needed to perform services on our behalf and are expected to protect your data.

2. Legal and regulatory authorities, where required by law, regulation, court order, or to protect our rights and the rights of others.
3. Business transfers: In the event of a merger, acquisition, or sale of assets, your data may be transferred as part of the transaction, subject to confidentiality obligations.

We may transfer and store data on servers located outside of your country. By using the Service, you consent to such transfers, subject to appropriate safeguards.

8. Your Rights

Depending on your jurisdiction, you may have rights regarding your personal data, including:

• The right to access the personal data we hold about you.
• The right to correct inaccurate or incomplete data.
• The right to request deletion of your data, subject to legal retention obligations.
• The right to object to or restrict certain processing.
• The right to withdraw consent (where processing is based on consent).

To exercise any of these rights, please contact us using the details in the Contact Us section. We may need to verify your identity before responding to certain requests.

9. Cookies & Tracking Technologies

We may use cookies and similar technologies to:

• Maintain your login session;
• Remember your preferences;
• Analyse usage patterns to improve the Service.

Where required by law, we will seek your consent for non-essential cookies.

You can manage cookies via your browser settings, but disabling certain cookies may affect the functionality of the Service.

10. Third-Party Links

The Service may contain links to third-party websites or services.

We are not responsible for the privacy practices, content, or policies of these third parties. You should review their privacy policies before providing any personal information.

11. Children's Privacy

If you believe a child has provided us with personal data, please contact us and we will take steps to delete such information where appropriate.

12. Changes to This Privacy Policy

We may update this Privacy Policy from time to time.

When we make material changes, we will:

• Update the "Last updated" date at the top; and
• Take reasonable steps to notify you (e.g. via email or in-app notice).

Your continued use of the Service after changes take effect signifies your acceptance of the updated Privacy Policy.

13. Contact Us