We collect your GitHub handle for authentication, workspace metadata, API usage logs, and uploaded documents. We do not collect payment card details; Stripe handles those.
Uploaded documents are processed to return extraction results. We retain files temporarily for debugging and replay. We do not use your documents to train models. We do not sell data.
Data is stored in Cloudflare D1 (structured state) and R2 (files). Both are encrypted at rest. Session tokens are hashed; API keys are hashed and never stored in plaintext.
Uploaded files are deleted automatically after 30 days. Ledger and job records are retained for billing and audit purposes. You can request deletion of your workspace by emailing hello@docex.dev.
We use Stripe for payments, GitHub for authentication, and upstream AI providers (OpenRouter, Mistral, Anthropic) for extraction. Data shared with providers is limited to the document and prompt required for the extraction call.
We use a session cookie for dashboard sign-in. No tracking cookies.
You can access, correct, or delete your data by contacting us. Because extraction jobs are tied to prepaid usage, deletion may be limited where required for financial record-keeping.
Privacy questions: hello@docex.dev