1. Introduction This Privacy Policy explains how DOCKET SOFTWARE LTD (“we”, “us”, “our”) collects, uses, and protects personal data when you use our website and hosted services (the “Services”). DOCKET SOFTWARE LTD, registered in England and Wales, is the data controller responsible for your personal data. ⸻ 2. Eligibility The Services are not intended for use by individuals under the age of 18. We do not knowingly collect or maintain personal data from individuals under 18. If we become aware that we have collected such data, we will take steps to delete it. ⸻ 3. Hosted Infrastructure The Services are provided via infrastructure managed by or on behalf of DOCKET SOFTWARE LTD. Personal data and User Content are stored and processed on this infrastructure. ⸻ 4. Data We Collect We collect only the data necessary to operate the Services. a) Account Information • Email address (used for authentication and account identification) b) Authentication Data • Magic login tokens (temporary, securely generated) c) User Content • Content you upload, create, or store using the Services, including: • text (e.g. notes) • images • other materials (“User Content”) d) Usage Data • Basic technical information such as: • IP address • browser type • timestamps of access e) Payment Data (if applicable) • Payment information is processed by third-party payment providers • We do not store full payment details ⸻ 5. How We Use Your Data We use your data to: • Authenticate you and provide access to the Services • Store, process, and display User Content • Operate, maintain, and improve the Services • Manage subscriptions, plans, and licensing • Prevent abuse and ensure security ⸻ 6. User Content The Services allow you to upload and store User Content, including text and images. • User Content is stored on our servers or infrastructure operated by our service providers • We process User Content to provide, maintain, and improve the Services • We do not actively monitor User Content We may access User Content where necessary to: • operate the Services • maintain performance • ensure security • comply with legal obligations You are responsible for any personal data contained within User Content. ⸻ 7. AI Processing The Services may include features that utilize automated processing or artificial intelligence (such as summarization or search). • All AI processing is performed on infrastructure managed by DOCKET SOFTWARE LTD. • User Content is not transmitted to third-party AI service providers. • We process User Content via AI systems solely to provide the functionality requested by you. • We do not use User Content to train or improve the underlying machine learning models. ⸻ 8. Legal Basis for Processing (UK/EU Users) We process personal data under the following legal bases: • Contract: To provide and maintain the Services, where processing is necessary for authentication, storage of User Content, and the delivery of AI-powered features (such as search and summarization) requested by you. • Legitimate Interests: Where processing is necessary to operate, secure, and improve the Services, including monitoring usage, preventing abuse, and understanding usage patterns to enhance performance. • Legal Obligation: Where we are required to comply with applicable laws, regulatory requirements, or lawful requests. ⸻ 9. Data Sharing We do not sell your personal data. We may share data with: • Hosting providers • Email delivery providers (for login links) • Payment processors These providers process data on our behalf and act as data processors under our instructions. ⸻ 10. Data Residency and Transfers DOCKET SOFTWARE LTD is based in the United Kingdom. To provide the Services, User Content is stored on infrastructure located within the European Economic Area (EEA). We take appropriate measures to ensure that all such data residency and transfers comply with applicable UK and EU data protection laws. ⸻ 11. Data Retention We retain personal data only as long as necessary to provide the Services and for a reasonable period thereafter to comply with legal obligations, resolve disputes, and enforce our agreements. You may request deletion of your data at any time. ⸻ 12. Security We implement reasonable technical and organizational measures to protect your data, including: • Encryption in transit • Secure authentication mechanisms • Access controls ⸻ 13. Your Rights If you are in the UK or EU, you have the right to: • Access your data • Correct inaccurate data • Request deletion • Object to processing • Request data portability • Withdraw consent where processing is based on consent To exercise these rights, contact us at the email below. You also have the right to lodge a complaint with a supervisory authority, such as the UK Information Commissioner's Office (ICO). ⸻ 14. Cookies and Tracking We may use cookies or similar technologies for: • Authentication • Basic functionality We do not use cookies for advertising or third-party tracking purposes. ⸻ 15. Third-Party Services Our Services may integrate with third-party providers. Their use of your data is governed by their own privacy policies. ⸻ 16. Changes to This Policy We may update this Privacy Policy from time to time. You will be required to review and accept the updated Privacy Policy to continue using the Services. If you do not agree to the updated Privacy Policy, you must stop using the Services. ⸻ 17. Contact If you have any questions about this Privacy Policy, contact: DOCKET SOFTWARE LTD Email: [email protected]