Privacy Policy

Last updated: January 2026

1. Introduction

Welcome to DocFlow. We respect your privacy and are committed to protecting your personal data. This privacy policy will inform you as to how we look after your personal data when you visit our website or use our SaaS platform, and tell you about your privacy rights and how the law protects you.

2. Data We Collect

We collect information that you provide directly to us when creating an account, setting up your organization, uploading CSV/Excel sheets, or generating certificates and offer letters. This data includes:

  • Account Data: Names, email addresses, password hashes, and company profile info.
  • Recipient Data: Names, emails, phone numbers, roles, and start dates uploaded for document generation.
  • Transactional Data: Payment order details (via Razorpay) and credit usage metrics.

3. How We Use Your Data

We use your data to provide, maintain, and improve our services, including:

  • Processing bulk offer letters and certificates.
  • Providing QR-code verification checks on issued credentials.
  • Managing billing, subscriptions, and transaction logs.
  • Sending system alerts, notifications, and customer support communications.

4. Data Sharing and Retention

We do not sell, rent, or trade your data. We only share information with trusted third-party services essential for operating our SaaS, such as database providers (Supabase), authentication platforms (Clerk), and payment processors (Razorpay). We retain data only as long as necessary to provide active workspace features or satisfy compliance obligations.

5. Your Security & Rights

Under privacy regulations like GDPR, you have the right to access, correct, delete, or restrict the processing of your personal information. We employ industry-standard secure socket layers (SSL), data encryption at rest, and strict access controls to safeguard your data.

6. Contact Us

If you have any questions about this Privacy Policy, please contact us at support@docflow.app.