Privacy Policy

1. Information We Collect

Account Information

When you create an account, we collect information through our authentication provider, Clerk. This may include:

• Your name and email address
• Profile picture (if provided)
• Authentication identifiers (e.g., your Clerk user ID)

Project and Content Data

When you use our service to create and manage documentation, we store:

• Project names, descriptions, and configuration settings
• Documentation content, including text, images, and other media files
• Pending changes and draft content
• Custom domain configurations

GitHub Integration Data

If you connect your GitHub account, we may collect:

• Your GitHub username and OAuth access token
• Repository information for projects linked to your account
• Webhook event data related to your documentation repositories

Payment Information

Payment processing is handled entirely by Stripe. We store:

• Your Stripe customer ID
• Subscription status and plan details
• We do not store credit card numbers or full payment details on our servers

Usage and Technical Data

We may collect technical information such as your browser type, device information, and general usage patterns to improve our service.

2. How We Use Your Information

We use the information we collect to:

• Provide, operate, and maintain the Doccupine platform
• Create and manage GitHub repositories for your documentation projects
• Deploy your documentation sites, including file-upload deployments and custom domain configuration
• Process payments and manage your subscription through Stripe
• Authenticate your identity and secure your account
• Provide AI-powered features (such as content generation and suggestions) when enabled for your project
• Send service-related notifications and updates
• Improve, personalize, and expand our service
• Monitor and analyze usage trends and performance

3. Third-Party Services

We integrate with the following third-party services to provide our platform. Each service has its own privacy policy governing the data they process:

Clerk (Authentication)

We use Clerk authentication to handle user authentication. Clerk processes your login credentials and provides us with verified identity tokens. Clerk may set authentication-related cookies in your browser.

Stripe (Payments)

Stripe handles all payment processing for subscriptions. When you subscribe, your payment information is sent directly to Stripe and is subject to Stripe's privacy policy. We only receive and store your Stripe customer ID and subscription status.

GitHub (Repository Management)

We use the GitHub API to create and manage repositories for your documentation projects. If you connect your GitHub account, we store your OAuth token to perform repository operations on your behalf. For managed repositories, we use a collective platform account.

AI Providers (Content Features)

When AI features are enabled for a project, we may send content to AI providers (such as OpenAI, Anthropic, or Google) to power features like content generation, summaries, and suggestions. Only content you explicitly submit for AI processing is shared with these providers.

4. Data Storage and Security

Your data is stored using Convex, a real-time backend-as-a-service platform. We implement industry-standard security measures to protect your data, including:

• JWT-based authentication verified on every request
• Ownership checks ensuring you can only access your own projects and data
• Encrypted connections (HTTPS/TLS) for all data in transit
• Secure token storage for GitHub and payment integrations

While we strive to protect your information, no method of transmission over the Internet or method of electronic storage is 100% secure. We cannot guarantee absolute security.

5. Cookies and Tracking

We use a minimal set of cookies:

• Theme preference cookie: Stores your light/dark mode preference for a consistent visual experience across visits
• Authentication cookies: Set by Clerk to manage your login session and keep you authenticated

We do not use advertising cookies or third-party tracking pixels. We do not sell your data to advertisers or data brokers.

6. Data Retention

We retain your personal information and project data for as long as your account is active or as needed to provide you with our services. If you delete your account, we will delete or anonymize your personal information within 30 days, except where we are required to retain certain information for legal or compliance purposes.

Documentation content stored in GitHub repositories will remain in those repositories unless you or we explicitly delete them.

7. Your Rights

Depending on your location, you may have the following rights regarding your personal data:

• Access: Request a copy of the personal data we hold about you
• Correction: Request that we correct inaccurate or incomplete personal data
• Deletion: Request deletion of your personal data and account
• Export: Request an export of your data in a portable format
• Restriction: Request that we limit the processing of your personal data
• Objection: Object to the processing of your personal data for certain purposes

To exercise any of these rights, please contact us using the information provided below.

8. Children's Privacy

Doccupine is not intended for use by individuals under the age of 16. We do not knowingly collect personal information from children. If we become aware that we have collected personal data from a child without parental consent, we will take steps to delete that information promptly.

9. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or for other operational, legal, or regulatory reasons. We will notify you of any material changes by posting the updated policy on this page with a revised "Last updated" date.

10. Contact Us

If you have questions about this Privacy Policy or wish to exercise your data rights, please contact us at:

Email: [email protected]