Legal & Compliance

Our commitment to privacy, security, and compliance

Last updated: November 14, 2025

Core Principles

Zero document retention - your documents are never stored on our servers
Customer-specific encryption - your data protected with your unique keys
Automatic key rotation - fresh encryption after every processing run
No AI training - your documents are never used for model training

Legal Documents

Privacy Policy

How we collect, use, and protect your personal information

Zero document retention architecture
Minimal data collection (email, payment only)
All data encrypted in your Google Drive
We never sell or share your data

Terms of Service

The agreement governing your use of our service

Clear service scope and limitations
Transparent pricing and billing terms
Important disclaimers about data accuracy
Acceptable use and compliance requirements

Security Policy

Technical and organizational security measures we implement

Zero-knowledge architecture explained
AES-256-GCM encryption with key rotation
GDPR, CCPA, FCRA, ECOA compliance
24/7 security monitoring and incident response

Data Processing Agreement

GDPR-compliant terms for EU/EEA customers

Clear Controller/Processor responsibilities
Transparent sub-processor disclosure
Data subject rights assistance procedures
Standard Contractual Clauses for data transfers

Core Principles

1Zero document retention - your documents are never stored on our servers

2Customer-specific encryption - your data protected with your unique keys

3Automatic key rotation - fresh encryption after every processing run

4No AI training - your documents are never used for model training

5Full GDPR & CCPA compliance - built for international privacy regulations

6Complete transparency - detailed documentation of all data handling

7Informational use only - data accuracy analysis, not financial advice

8You control your data - stored in your Google Drive, revocable access

Regulatory Compliance

GDPR (European Union)

Full compliance with EU General Data Protection Regulation, including Standard Contractual Clauses for international transfers and comprehensive data subject rights procedures.

CCPA (California)

California Consumer Privacy Act compliance with transparent data practices, consumer rights support, and 'Do Not Sell' commitment (we never sell data).

FCRA Considerations

Designed with Fair Credit Reporting Act considerations for lending industry compliance. Our 'informational purposes only' model helps customers maintain FCRA compliance.

ECOA & Fair Lending

Equal Credit Opportunity Act considerations built into our architecture. Zero retention model supports fair lending documentation requirements.

Need help?

Questions About Our Legal Policies?

Email [email protected] for any legal, privacy, security, or compliance questions.

[email protected]

We respond within one business day.