Back to Home

Privacy Policy

Last updated: January 7, 2026

1. Introduction

documint ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our compliance documentation platform.

2. Information We Collect

2.1 Information You Provide

  • Account Information: Name, email address, company name, job title
  • Questionnaire Responses: Information about your organization's security practices, policies, and infrastructure that you provide through our questionnaires
  • Payment Information: Billing address and payment details (processed securely by our payment provider)
  • Communications: Any messages or feedback you send to us

2.2 Automatically Collected Information

  • Usage Data: Pages visited, features used, time spent on the platform
  • Device Information: Browser type, operating system, IP address
  • Cookies: See our Cookie Policy for details

3. How We Use Your Information

We use the information we collect to:

  • Provide, maintain, and improve our Service
  • Generate compliance documentation based on your questionnaire responses
  • Process your transactions and manage your subscription
  • Send you service-related communications
  • Respond to your inquiries and provide customer support
  • Detect, prevent, and address technical issues and security threats
  • Comply with legal obligations

4. Data Processing for AI Generation

Your questionnaire responses are processed by our AI systems to generate customized compliance documentation. Important notes:

  • Your data is processed in real-time and used solely for document generation
  • We do not use your specific questionnaire responses to train our AI models
  • Generated documents are stored in your account and accessible only to you
  • We use Google's Gemini AI service for document generation, subject to Google's enterprise privacy terms

5. Data Sharing and Disclosure

We do not sell your personal information. We may share information with:

  • Service Providers: Third parties who perform services on our behalf (hosting, payment processing, analytics)
  • Legal Requirements: When required by law or to protect our rights
  • Business Transfers: In connection with a merger, acquisition, or sale of assets

6. Data Security

We implement industry-standard security measures to protect your information:

  • Encryption in transit (TLS) and at rest
  • Secure authentication with password hashing
  • Regular security assessments and monitoring
  • Access controls and audit logging
  • Data hosted on SOC 2 compliant infrastructure (Supabase/AWS)

7. Data Retention

We retain your data for as long as your account is active or as needed to provide services. After account deletion, we may retain certain information for up to 90 days for backup purposes and as required by law. You can request deletion of your data at any time.

8. Your Rights

Depending on your location, you may have the following rights:

  • Access: Request a copy of your personal data
  • Rectification: Request correction of inaccurate data
  • Erasure: Request deletion of your data
  • Portability: Request your data in a machine-readable format
  • Objection: Object to certain processing of your data
  • Restriction: Request limitation of processing

To exercise these rights, contact us at privacy@documint.io

9. International Transfers

Your data may be transferred to and processed in countries other than your own. We ensure appropriate safeguards are in place for such transfers in compliance with applicable data protection laws.

10. GDPR Compliance (EU Users)

For users in the European Economic Area:

  • Our legal basis for processing is contract performance and legitimate interests
  • You have the right to lodge a complaint with your local supervisory authority
  • We process data in accordance with GDPR requirements

11. CCPA Compliance (California Users)

California residents have additional rights under CCPA:

  • Right to know what personal information is collected
  • Right to delete personal information
  • Right to opt-out of sale (we do not sell personal information)
  • Right to non-discrimination for exercising privacy rights

12. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by email or through a notice on our platform. Your continued use of the Service after changes constitutes acceptance of the updated policy.

13. Contact Us

For privacy-related questions or to exercise your rights, contact us at: privacy@documint.io