Privacy Policy

This Privacy Policy explains what data DocForge collects, how we use it, who we share it with, and the choices you have. It applies to everyone who uses trydocforge.com.

What we collect

• Account information — your name, email address, password hash (we never see the plaintext password), and profile image if you provide one.
• Content — templates, uploaded CSV/data files, and generated documents. We store these to deliver the service.
• Usage data — authentication events, API calls, and metering (documents generated, AI edits used).
• Billing data — last four digits of the card, billing address, and subscription state. Full card details are held by Stripe; we never see or store them.

How we use data

• Operate the service (render PDFs, enforce plan quotas).
• Send transactional email (account verification, password reset, receipts).
• Improve reliability via error monitoring and performance metrics.
• Send product updates — only if you opt in.

Who we share data with

DocForge is built on a handful of trusted sub-processors:

• Supabase (Supabase Inc., USA) — database, authentication, file storage.
• Vercel (Vercel Inc., USA) — hosting + edge delivery.
• PDFMonkey (PDFMonkey SAS, France) — converts your templates and row data into finished PDFs. Documents are processed transiently and not retained beyond the render.
• Stripe (Stripe Inc., USA) — subscription billing + one-off purchases.
• OpenAI / Anthropic (via Vercel AI Gateway, USA) — template generation and editing.
• Resend (Resend Inc., USA) — transactional email delivery (org invitations, account verification).
• Sentry (Functional Software Inc., USA) — error monitoring (if enabled).
• Google (Google LLC, USA) — if you connect a Google account for Sheets import, we exchange OAuth tokens with Google and read only the spreadsheet data you explicitly select.

We do not sell your personal data or your content. We only share data with the above sub-processors strictly as needed to run the service.

AI processing

When you use an AI feature (template generation, field mapping, sample data), the relevant input is sent to our model provider through Vercel AI Gateway. We pass payloads with prompt-caching disabled by default. We do not send your CSV data rows to models during normal operation; only template text and column headers.

Data protection

We take the protection of your content — and any data you connect from third-party services (including Google Workspace) — seriously. We apply the following controls:

• Encryption in transit: all traffic to and from DocForge is served over HTTPS (TLS 1.2 or later). Requests to our sub-processors (Supabase, Vercel, Stripe, Google, model providers) are made over TLS.
• Encryption at rest: database rows, file storage (templates, uploaded CSVs, generated PDFs), and backups are encrypted at rest via our infrastructure providers (Supabase on AWS-backed storage, Vercel blob storage).
• Access controls: every request to DocForge is authenticated against the signed-in user. Row-Level Security policies at the database layer enforce that one customer cannot read or modify another customer's templates, data sources, runs, or generated documents. Admin access to production systems is limited to named employees and protected by SSO with MFA.
• Google account data: if you connect a Google account, we store only the OAuth access token + refresh token and your Google email address. Tokens are stored encrypted at rest, used only to call the Google APIs required by the features you invoke (read the specific Google Sheets you pick through the Google Picker), and deleted when you disconnect the integration or delete your DocForge account. We do not use Google user data for advertising, profiling, or ML-model training.
• Minimum-necessary scopes: DocForge requests only non-sensitive Google scopes (identity + per-file Drive access via the Google Picker). We do not request broad Drive or Sheets access.
• Passwords: plaintext passwords are never stored. Authentication is handled by Supabase Auth, which hashes credentials using bcrypt-family algorithms.
• Vulnerability and incident response: we monitor runtime errors via Sentry and platform alerts via Vercel. If we become aware of a security incident affecting your data, we will notify affected customers by email within 72 hours of confirmation.
• Sub-processor diligence: every third-party sub-processor listed above is SOC 2 (or equivalent) certified. We review their security posture before onboarding and revisit at least annually.

You can report a suspected security issue at any time to security@trydocforge.com.

Data retention

• Active accounts: we keep your data for as long as you use DocForge.
• Closed accounts: we delete templates, data sources, and PDFs within 30 days of account deletion.
• Invoices and tax records: kept for 7 years to comply with accounting regulations.

Your rights

You can access, export, or delete your data at any time from the Settings page. For other requests — including a copy of all personal data we hold — email privacy@trydocforge.com. We respond within 30 days.

International transfers

Your data may be stored and processed in any country where we or our sub-processors operate. We rely on standard contractual clauses for transfers from regions that require them.

Cookies

We use a small number of strictly-necessary cookies for authentication. We do not run third-party advertising or tracking cookies on the app.

Changes

Material changes to this Policy will be announced by email. The "Last updated" date at the top reflects the most recent revision.

Contact

Privacy questions, complaints, or data requests: privacy@trydocforge.com.