Privacy Policy

1. What we collect

We collect your GitHub handle for authentication, workspace metadata, API usage logs, and uploaded files. We do not collect payment card details; Stripe handles those.

2. How we use data

Uploaded files are processed to return structured analysis results. We retain files temporarily for debugging and replay. We do not use your files to train models. We do not sell data.

3. Storage

Data is stored in Cloudflare D1 (structured state) and R2 (files). Both are encrypted at rest. Session tokens are hashed; API keys are hashed and never stored in plaintext.

4. Retention

Uploaded files are deleted automatically after 30 days. Ledger and job records are retained for billing and audit purposes. You can request deletion of your workspace by emailing hello@docex.dev.

5. Third parties

We use Stripe for payments, GitHub for authentication, OpenRouter for multimodal model routing, and Mistral for OCR. Data shared with providers is limited to the file and prompt required for the analysis call.

6. Cookies

We use a session cookie for dashboard sign-in. No tracking cookies.

7. Your rights

You can access, correct, or delete your data by contacting us. Because analysis runs are tied to prepaid usage, deletion may be limited where required for financial record-keeping.

8. Contact

Privacy questions: hello@docex.dev