Privacy Policy

Last updated: March 27, 2026

docule.dev ("we", "us", "our") operates the docule.dev website and API service. This page describes how we collect, use, and protect your information.

1. Information we collect

Account information. When you sign up, we collect your email address. We use passwordless authentication via magic links — we do not store passwords.

Usage data. We log API requests including timestamps, document page counts, processing method, and credit consumption. We do not log the content of your documents.

Payment information. If you subscribe to a paid plan, payment is processed by Stripe. We do not store credit card numbers. We receive your Stripe customer ID and subscription status.

2. How we use your information

• To provide and maintain the service
• To authenticate you and manage your account
• To track usage and enforce rate limits
• To process payments via Stripe
• To send transactional emails (magic links, billing notifications)
• To improve the service based on aggregate usage patterns

3. Document processing

Your documents are not stored. PDF files uploaded via the API are processed in memory and discarded after parsing is complete. We do not retain, read, or use the content of your documents for any purpose other than returning the parsed output to you.

Parsed results are temporarily cached for retrieval and automatically deleted after 24 hours.

4. Data sharing

We do not sell, rent, or share your personal information with third parties, except:

• Stripe — for payment processing
• Resend — for transactional email delivery
• Law enforcement — if required by applicable law

5. Data retention

• Account data: retained while your account is active
• Usage logs: retained for 12 months for billing and analytics
• Uploaded documents: not retained (processed in memory only)
• Parsed results: cached for 24 hours, then deleted

6. Security

We use industry-standard security measures including:

• TLS encryption for all connections
• API keys stored as SHA-256 hashes (we cannot see your key)
• Passwordless authentication (no password database to breach)
• Session cookies with HttpOnly, Secure, and SameSite flags

7. Your rights

You may:

• Request a copy of your account data
• Request deletion of your account and associated data
• Revoke API keys at any time from the dashboard

To exercise these rights, contact us at support@docule.dev.

8. Cookies

We use cookies for two purposes only:

• Authentication — a session cookie that keeps you signed in.
• Analytics (optional) — if you click "Accept" on the cookie banner, we set docule_analytics to record how people use the site (page views, time on page, button clicks, whether the demo works) so we can improve it. The data stays on our own servers — no third-party trackers, no ads, no cross-site profiles. You can opt out at any time from the cookie preferences link.

If you do not consent, analytics events are dropped at the server — nothing about your visit is stored.

9. Changes to this policy

We may update this policy from time to time. Changes will be posted on this page with an updated date. Continued use of the service constitutes acceptance of the updated policy.

10. Contact

For questions about this privacy policy, contact us at support@docule.dev.