Privacy Policy

Last updated: March 2, 2026

DocuDevs.ai ("DocuDevs", "we", "us", or "our") is operated by Gabria Oy, a company registered in Finland. This Privacy Policy explains how we collect, use, and protect your information when you use our website at docudevs.ai and our document processing API (collectively, the "Service").

1. Information We Collect

Account Information

When you create an account, we collect your email address, name, and authentication credentials. If you sign up via a third-party provider (e.g., Google, GitHub), we receive the profile information you authorize.

Payment Information

Payments are processed by Stripe. We do not store your credit card numbers. Stripe provides us with a token, your billing email, and transaction details. See Stripe's Privacy Policy.

Documents You Upload

When you use the API, you upload documents for processing. Documents and processing results are stored for up to 2 weeks and then automatically deleted. You can explicitly delete your documents at any time. Documents stored in a case or knowledge base are retained until you delete them.

Usage Data

We collect API usage metrics (endpoints called, token consumption, response times, error rates) to operate the Service, enforce billing, and improve performance.

API Keys

We store hashed API keys in our database. We cannot retrieve your full API key after creation — you must store it securely.

2. How We Use Your Information

  • To provide and operate the document processing Service
  • To authenticate your identity and manage your account
  • To process payments and maintain billing records
  • To send transactional emails (account confirmation, billing receipts)
  • To monitor and improve Service reliability and performance
  • To enforce our Terms of Service and prevent abuse

We do not use the content of your uploaded documents to train AI models. Your documents are processed using third-party AI providers solely to fulfill your extraction request.

3. Third-Party Services

We use the following third-party services to operate DocuDevs:

  • Microsoft Azure — Cloud infrastructure and AI processing
  • Stripe — Payment processing
  • Supabase — Authentication

Each provider processes data according to their own privacy policies and data processing agreements. Your document data is not used to train AI models.

4. Data Retention

  • Documents and results: Stored for up to 2 weeks, then automatically deleted. You can delete them at any time. Documents in cases or knowledge bases are retained until you delete them.
  • Account data: Retained while your account is active. Upon deletion request, we remove your data within 30 days.
  • Billing records: Retained as required by Finnish law (typically 6 years for accounting records).

5. Data Security

We use industry-standard measures to protect your data, including encryption in transit (TLS 1.2+), encryption at rest, row-level security in our database, and organization-scoped access controls. API keys are hashed before storage.

6. Your Rights (GDPR)

As a Finland-based company, we comply with the EU General Data Protection Regulation (GDPR). You have the right to:

  • Access the personal data we hold about you
  • Correct inaccurate personal data
  • Request deletion of your personal data
  • Export your data in a portable format
  • Object to or restrict processing of your data
  • Withdraw consent at any time

To exercise any of these rights, contact us at privacy@docudevs.ai.

7. Cookies

We use essential cookies for authentication and session management. We do not use third-party advertising or tracking cookies.

8. Children

DocuDevs is not directed at children under 16. We do not knowingly collect personal data from children.

9. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of significant changes by email or by posting a notice on our website.

10. Contact Us

Gabria Oy
Finland
privacy@docudevs.ai
gabria.fi/contact