Company logoDoculent
Book demo

Legal

Privacy Policy

Last updated: March 6, 2026

1. Introduction

Doculent Ltd. ("Doculent," "we," "us," or "our") respects your privacy and is committed to protecting your personal data. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website at doculent.io, use our platform, or interact with our services (collectively, the "Services").

This policy applies to all users worldwide and has been drafted to comply with the EU General Data Protection Regulation (GDPR), the California Consumer Privacy Act (CCPA), and other applicable data protection laws.

By accessing or using our Services, you acknowledge that you have read and understood this Privacy Policy. If you do not agree with our practices, please do not use our Services.

2. Data Controller

For the purposes of the GDPR, Doculent, Inc. is the data controller responsible for your personal data. You can contact us at:

  • Email: [email protected]
  • Address: Doculent Ltd., Sofia Center, ulitsa „Georgi S. Rakovski“ 108, G. C, 1000 Sofia, Bulgaria

3. Information We Collect

3.1 Information You Provide Directly

  • Account Information: Name, email address, company name, job title, and password when you create an account.
  • Payment Information: Billing address and payment details processed through our third-party payment processors. We do not store full credit card numbers.
  • Communications: Information you provide when you contact us for support, submit feedback, or participate in surveys.
  • Content Data: Documents, files, and other content you upload to or process through our Services.

3.2 Information Collected Automatically

  • Usage Data: Pages visited, features used, actions taken, time and duration of visits, and referring URLs.
  • Device Information: IP address, browser type and version, operating system, device type, and unique device identifiers.
  • Cookies and Similar Technologies: We use cookies, pixels, and similar technologies to collect information about your browsing activity. See Section 9 for more details.

3.3 Information from Third Parties

  • Integration Partners: If you connect third-party services to your Doculent account, we may receive information from those services as authorized by you.
  • Publicly Available Sources: We may collect information from publicly available sources to supplement your account information.

4. How We Use Your Information

We use your personal data for the following purposes:

  • Service Delivery: To provide, maintain, and improve our Services, including document processing, automation, and AI-assisted workflows.
  • Account Management: To create and manage your account, authenticate your identity, and provide customer support.
  • Communication: To send you service-related notices, updates, security alerts, and administrative messages.
  • Analytics and Improvement: To understand how our Services are used, diagnose technical issues, and develop new features.
  • Security: To detect, prevent, and respond to fraud, abuse, security incidents, and other harmful activity.
  • Legal Compliance: To comply with applicable laws, regulations, legal processes, or governmental requests.
  • Marketing: With your consent, to send promotional communications. You can opt out at any time.

5. Legal Bases for Processing (GDPR)

If you are in the European Economic Area (EEA), UK, or Switzerland, we process your personal data based on the following legal grounds:

  • Performance of Contract: Processing necessary to fulfill our contractual obligations to you.
  • Legitimate Interests: Processing necessary for our legitimate business interests, such as improving our Services, provided these do not override your rights.
  • Consent: Where you have given us explicit consent to process your data for a specific purpose.
  • Legal Obligation: Processing necessary to comply with a legal obligation to which we are subject.

6. Data Sharing and Disclosure

We do not sell your personal data. We may share your information in the following circumstances:

  • Service Providers: With trusted third-party vendors who perform services on our behalf (hosting, analytics, payment processing, customer support), subject to confidentiality obligations.
  • Business Transfers: In connection with a merger, acquisition, reorganization, or sale of assets, your data may be transferred as part of that transaction.
  • Legal Requirements: When required by law, regulation, legal process, or governmental request.
  • Protection of Rights: To enforce our agreements, protect our rights, privacy, safety, or property, and that of our users or the public.
  • With Your Consent: For any other purpose with your explicit consent.

7. International Data Transfers

Your personal data may be transferred to and processed in countries outside of your country of residence. When we transfer data outside the EEA, UK, or Switzerland, we ensure appropriate safeguards are in place, including:

  • Standard Contractual Clauses (SCCs) approved by the European Commission.
  • Adequacy decisions by the European Commission for the destination country.
  • Other lawful transfer mechanisms as permitted by applicable data protection laws.

8. Data Retention

We retain your personal data only for as long as necessary to fulfill the purposes described in this Privacy Policy, unless a longer retention period is required or permitted by law. Factors we consider include:

  • The nature and sensitivity of the data.
  • The purposes for which we process the data.
  • Applicable legal, regulatory, tax, accounting, or reporting requirements.
  • Whether we need to retain data for the establishment, exercise, or defense of legal claims.

When your data is no longer needed, we will securely delete or anonymize it in accordance with our data retention and destruction policies.

9. Cookies and Tracking Technologies

We use cookies and similar tracking technologies to collect and track information and to improve our Services. Types of cookies we use include:

  • Strictly Necessary Cookies: Required for the operation of our Services. These cannot be disabled.
  • Analytics Cookies: Help us understand how visitors interact with our Services by collecting and reporting information anonymously.
  • Functional Cookies: Enable enhanced functionality and personalization.
  • Marketing Cookies: Used to track visitors across websites to display relevant advertisements (only with your consent).

You can manage your cookie preferences through your browser settings. Note that disabling certain cookies may affect the functionality of our Services.

10. Your Rights

10.1 Rights Under GDPR (EEA, UK, Switzerland)

If you are located in the EEA, UK, or Switzerland, you have the following rights:

  • Right of Access: Request a copy of the personal data we hold about you.
  • Right to Rectification: Request correction of inaccurate or incomplete data.
  • Right to Erasure: Request deletion of your personal data, subject to certain exceptions.
  • Right to Restrict Processing: Request that we limit the processing of your data.
  • Right to Data Portability: Receive your data in a structured, machine-readable format.
  • Right to Object: Object to processing based on legitimate interests or for direct marketing.
  • Right to Withdraw Consent: Withdraw consent at any time where processing is based on consent.
  • Right to Lodge a Complaint: File a complaint with your local data protection authority.

10.2 Rights Under CCPA (California Residents)

If you are a California resident, you have the following rights under the CCPA:

  • Right to Know: Request information about the categories and specific pieces of personal information we have collected, the sources, the business purposes, and the categories of third parties with whom we share it.
  • Right to Delete: Request deletion of your personal information, subject to certain exceptions.
  • Right to Opt-Out of Sale: We do not sell personal information. If this changes, you will have the right to opt out.
  • Right to Non-Discrimination: We will not discriminate against you for exercising any of your CCPA rights.
  • Right to Correct: Request correction of inaccurate personal information.
  • Right to Limit Use of Sensitive Personal Information: Direct us to limit the use and disclosure of your sensitive personal information.

To exercise any of these rights, please contact us at [email protected]. We will respond to verifiable requests within 45 days (or 30 days under GDPR).

11. Data Security

We implement appropriate technical and organizational measures to protect your personal data against unauthorized access, alteration, disclosure, or destruction. These measures include:

  • Encryption of data in transit (TLS 1.2+) and at rest (AES-256).
  • Regular security assessments, penetration testing, and vulnerability scanning.
  • Access controls based on the principle of least privilege.
  • SOC 2 Type II certified infrastructure and processes.
  • Employee security awareness training and background checks.
  • Incident response and breach notification procedures in compliance with GDPR, CCPA, and ETSI standards.

While we strive to protect your personal data, no method of electronic transmission or storage is 100% secure. We cannot guarantee absolute security.

12. Children's Privacy

Our Services are not directed to individuals under the age of 16 (or the applicable age of digital consent in your jurisdiction). We do not knowingly collect personal data from children. If we become aware that we have collected personal data from a child without parental consent, we will take steps to delete that information promptly.

13. Third-Party Links

Our Services may contain links to third-party websites, applications, or services. We are not responsible for the privacy practices of these third parties. We encourage you to review the privacy policies of any third-party sites you visit.

14. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by posting the updated policy on our website and updating the "Last updated" date. Your continued use of our Services after any changes constitutes your acceptance of the updated Privacy Policy.

15. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

  • Email: [email protected]
  • Address: Doculent Ltd., Sofia Center, ulitsa „Georgi S. Rakovski“ 108, G. C, 1000 Sofia, Bulgaria

For GDPR-related inquiries, you may also contact our Data Protection Officer at [email protected].

Related Legal Documents

Terms of ServiceData Processing Agreement