Data Protection Policy

Last updated: February 16, 2026

At Doc Custodian, protecting your data is fundamental to our Service. This Data Protection Policy describes how we safeguard, process, and manage the documents and information you entrust to us.

1. Data Classification

We classify data processed by our Service into the following categories:

  • User Content: Documents, images, and files you upload, along with extracted text and AI-generated analysis. This is your data — you own it.
  • Account Data: Your name, email address, workspace configuration, subscription details, and role assignments.
  • Operational Data: Activity logs, usage metrics, and system performance data generated through your use of the Service.

2. Data Storage and Encryption

2.1 Encryption at Rest

All User Content stored in our cloud infrastructure is encrypted at rest using AES-256 encryption, the industry standard for data protection. This includes documents, extracted data, and database records.

2.2 Encryption in Transit

All data transmitted between your browser and our servers is encrypted using TLS 1.2 or higher. API communications and internal service-to-service traffic are also encrypted.

2.3 Storage Infrastructure

User Content is stored on Microsoft Azure infrastructure in the United States. Azure maintains comprehensive compliance certifications including SOC 1, SOC 2, ISO 27001, and ISO 27018.

3. Data Isolation

Doc Custodian uses a workspace-based multi-tenant architecture with strict data isolation:

  • Workspace Separation: Each workspace's data is logically isolated using row-level security. Users can only access data within workspaces they are members of.
  • Role-Based Access: Within a workspace, access is controlled by role assignments (admin or member), with different permission levels for each role.
  • API-Level Enforcement: All API requests are authenticated and authorized against the user's workspace membership and role before any data access occurs.

4. Access Controls

4.1 User Authentication

We support authentication through established identity providers (Google, Microsoft Entra ID, Auth0) using industry-standard OAuth 2.0 and OpenID Connect protocols. We do not store passwords.

4.2 Session Management

User sessions are managed using signed JSON Web Tokens (JWT) with secure, HTTP-only cookies. Sessions expire automatically and are refreshed transparently during active use.

4.3 Administrative Access

Access to production systems is restricted to authorized personnel only, requires multi-factor authentication, and is logged for audit purposes. We follow the principle of least privilege for all system access.

5. Data Processing

5.1 Document Extraction

When you use our extraction features, your documents are sent to secure AI processing services for conversion. Documents are processed in real time and are not retained by processing services beyond the active session.

5.2 AI Analysis

AI-powered features (summarization, analysis) process your documents on demand. Your documents are not used to train AI models and are not shared with other users or third parties.

6. Data Retention and Deletion

  • Active Subscriptions: Your data is retained for the duration of your active subscription.
  • Post-Cancellation: After subscription cancellation, your data is retained for 90 days to allow for reactivation or export, then permanently deleted.
  • Deletion Requests: You may request deletion of your data at any time. We will process deletion requests within 30 days.
  • Backup Retention: Encrypted backups may be retained for up to 30 days after data deletion for disaster recovery purposes, after which they are purged.

7. Data Portability

You have the right to export your data at any time. The Service provides the ability to download your original uploaded documents. For extracted data and other processed content, you may contact us to request a full data export.

8. Sub-Processors

We engage the following categories of sub-processors to deliver the Service:

  Provider                    | Purpose                           | Data Processed
  --------------------------- | --------------------------------- | --------------------------------------------
  Microsoft Azure             | Cloud infrastructure and storage  | All User Content and Account Data
  Stripe                      | Payment processing                | Billing and payment information
  Google / Microsoft / Auth0  | User authentication               | Authentication credentials
  AI Service Providers        | Document extraction and analysis  | Document content (transient processing only)

9. Breach Notification

In the event of a data breach that affects your personal information or User Content:

  • We will investigate and contain the breach promptly.
  • Affected users will be notified by email within 72 hours of confirming a breach.
  • We will notify applicable regulatory authorities as required by law (including the Office of the Privacy Commissioner of Canada for Canadian users).
  • Notification will include the nature of the breach, affected data, steps taken, and recommended protective actions.

10. Compliance

Our data protection practices are designed to comply with:

  • United States: State consumer privacy laws including the California Consumer Privacy Act (CCPA/CPRA), and applicable federal regulations.
  • Canada: Personal Information Protection and Electronic Documents Act (PIPEDA) and applicable provincial privacy legislation.
  • Industry Standards: We follow industry best practices aligned with SOC 2 Type II, ISO 27001, and NIST Cybersecurity Framework guidelines.

11. Contact Us

For questions about our data protection practices, to request data export or deletion, or to report a security concern: