Legal

Privacy Policy

Last updated: 2026-07-06. The defaults below are what we enforce today.

1. What we collect

  • Account email, optional company name, optional use-case description.
  • HTTP request metadata: timestamp, status, byte counts, request ID.
  • Documents you submit to /v1/merge and /v1/blob/:hash.

2. Documents and cache retention

DOCX files often contain personally identifiable information — names, account numbers, dates of birth, contract terms. We treat them accordingly:

  • Inline-uploaded blobs are cached by content hash for 24 hours, then auto-deleted.
  • Hash-first uploads persist until evicted by LRU (cache size cap per tenant).
  • Per-tenant cache isolation is enforced — your hashes are namespaced to your account.
  • Merged outputs are streamed back in the response and never persisted.
  • On account deletion, all your cached blobs are purged within 7 days.

3. Logs and PII scrubbing

Server logs include request ID, status, duration, and byte counts. They do not include placeholder values or document contents. Structured logs are retained for 30 days, then deleted.

4. Sub-processors

  • Hosting: Railway (API engine) and Vercel (web app).
  • Email: transactional sign-in emails are sent only when you use email login; we do not send marketing email.
  • Analytics: privacy-respecting (no third-party trackers).
  • Payment: Lemon Squeezy (Merchant of Record), for paid plans.

5. Your rights

You can request deletion of your account at any time by emailing [email protected]. We respond within 30 days.

6. DPA and compliance

A standard Data Processing Agreement is available to Business and Enterprise customers on request. SOC 2 Type 2 attestation is on the post-GA roadmap.