1. Introduction
dokk.ai ("we", "our", "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our PDF editor and viewer service at dokk.ai.
2. Data We Collect
2.1 Account Information
When you create an account, we collect your name, email address, and profile picture (if signing in via OAuth).
2.2 Uploaded Documents
Files you upload are stored temporarily for processing. Temporary files are automatically deleted within 2 hours. Documents saved to your account are stored securely until you delete them.
2.3 Usage Data
We track daily operation counts and storage usage to enforce plan limits. We do not sell this data to third parties.
2.4 Payment Data
Payments are processed by Stripe. We do not store credit card numbers. Stripe’s privacy policy governs payment data handling.
3. How We Use Your Data
We use your data to provide and maintain our PDF processing services, manage your account and subscription, send transactional emails, enforce usage limits, and improve our services through aggregated, anonymized analytics.
4. Data Storage and Security
Your data is stored on servers located in the European Union. All data is encrypted in transit (TLS 1.2+) and at rest. We use industry-standard security measures including firewalls, access controls, and regular security audits.
5. Data Retention
Temporary files are deleted within 2 hours. Saved documents are retained until you delete them or close your account. Account data is retained while active and deleted within 30 days of closure. Audit logs are kept for 12 months.
6. Your Rights (GDPR)
Under the General Data Protection Regulation, you have the right to access, rectify, erase ("right to be forgotten"), port, restrict, and object to processing of your personal data. To exercise these rights, contact [email protected].
7. California Privacy Rights (CCPA)
If you are a California resident, you have the right to know what personal information we collect, request deletion, and opt out of the sale of personal information. We do not sell your personal data. To submit a request, contact [email protected]. We will respond within 45 days.
8. Brazil Privacy Rights (LGPD)
If you are a Brazilian resident, you have the right to access, correct, anonymize, port, and delete your personal data. Our Data Protection Officer can be reached at [email protected].
9. Cookies
We use essential cookies for authentication and session management. Analytics cookies (PostHog) are loaded only after you accept cookies via our consent banner. We also use Plausible, a privacy-respecting, cookie-free analytics tool. See our Cookie Policy for details.
10. Do Not Track
We respect the Do Not Track (DNT) browser signal. When DNT is enabled, we do not load analytics cookies or tracking scripts.
11. Third-Party Services
We use Stripe for payment processing, Anthropic (Claude) for AI document analysis on Premium plans, Resend for transactional email, PostHog for product analytics (with consent), and Plausible for privacy-friendly analytics.
12. Children’s Privacy
Our service is not directed at children under 16. We do not knowingly collect data from children.
13. Changes to This Policy
We may update this policy from time to time. We will notify you of material changes via email or in-app notification.
14. Contact
For privacy-related inquiries: Email [email protected]. Data Protection Officer: [email protected].