Privacy Policy

1. About This Policy

Docy AI. (“Docy”, “we”, “us”, or “our”) is committed to protecting your personal information. This Privacy Policy explains how we collect, hold, use, and disclose your personal information, and your rights in relation to that information.

This policy applies to all personal information collected through our website at docyai.com, our platform at app.docyai.com, our APIs, and any other services we provide (collectively, the “Services”).

We comply with the Australian Privacy Principles (“APPs”) contained in the Privacy Act 1988 (Cth) (“Privacy Act”). For users in the European Economic Area, we also comply with the General Data Protection Regulation (“GDPR”).

2. Personal Information We Collect

“Personal information” means information or an opinion about an identified individual, or an individual who is reasonably identifiable, whether the information is true or not, and whether recorded in a material form or not.

The types of personal information we may collect include:

• Identity information: name, job title, company name
• Contact information: email address, phone number, mailing address
• Account information: username, password (encrypted), account preferences
• Usage information: how you interact with our Services, feature usage, session data
• Technical information: IP address, browser type, operating system, device identifiers
• Transaction information: billing details, subscription history, payment records
• Communication information: correspondence, support tickets, feedback

3. How We Collect Information

We collect personal information in the following ways:

• Directly from you: when you create an account, subscribe to our Services, contact us, or fill out forms on our website
• Automatically: through cookies, analytics tools, and server logs when you use our Services
• From third parties: from our business partners, payment processors, or publicly available sources

Where reasonable and practicable, we will collect your personal information directly from you. If we receive information about you from a third party, we will take reasonable steps to ensure you are aware of this policy.

4. Purpose of Collection

We collect and use your personal information for the following purposes:

• To provide, operate, and maintain our Services
• To process your transactions and manage your account
• To communicate with you about your account, updates, and promotional offers (with your consent)
• To improve our Services, including analytics and research
• To ensure security and prevent fraud
• To comply with our legal obligations, including regulatory requirements
• To respond to your inquiries, support requests, and feedback
• To enforce our Terms of Service and other agreements

We will not use your personal information for purposes other than those stated above without first obtaining your consent.

5. Disclosure of Information

We may disclose your personal information to the following categories of recipients:

• Service providers: cloud hosting, payment processing, analytics, customer support tools
• Business partners: where necessary to provide integrated services
• Legal and regulatory bodies: where required by law, regulation, or court order
• Professional advisors: lawyers, accountants, and auditors

We do not sell your personal information to third parties. We require all third parties to respect the security of your personal information and to treat it in accordance with applicable law.

6. Access and Correction

You have the right to access the personal information we hold about you. You may request access by contacting us using the details provided below.

If you believe that any information we hold about you is inaccurate, out of date, incomplete, irrelevant, or misleading, you may request that we correct it. We will take reasonable steps to correct the information.

We will respond to your request within 30 days. There is no charge for requesting access to your personal information or for requesting a correction.

7. Complaints

If you believe that we have breached the Australian Privacy Principles or your rights under applicable privacy law, you may lodge a complaint by contacting us using the details below. We will respond to your complaint within 30 days.

If you are not satisfied with our response, you may refer your complaint to the Office of the Australian Information Commissioner (OAIC) at www.oaic.gov.au.

8. Overseas Transfer of Data

Our Services use cloud infrastructure that may store and process data in locations outside Australia, including the United States. We take reasonable steps to ensure that overseas recipients of your personal information comply with the APPs and relevant privacy laws.

By using our Services, you consent to the transfer of your personal information to recipients outside Australia, subject to the protections described in this policy.

9. Additional Rights for EEA Users (GDPR)

If you are located in the European Economic Area, you have the following additional rights under the GDPR:

• Right to erasure: you may request that we delete your personal data
• Right to restrict processing: you may request that we limit how we use your data
• Right to data portability: you may request a copy of your data in a structured, machine-readable format
• Right to object: you may object to our processing of your data for direct marketing purposes
• Right to withdraw consent: where we rely on consent, you may withdraw it at any time

To exercise any of these rights, please contact us using the details below. We will respond to your request within 30 days.

10. Data Retention

We retain your personal information only for as long as necessary to fulfill the purposes for which it was collected, including to satisfy any legal, accounting, or reporting requirements.

When your personal information is no longer required, we will securely destroy or de-identify it.

11. Security

We take reasonable steps to protect your personal information from misuse, interference, loss, unauthorized access, modification, or disclosure. Our security measures include encryption, access controls, and regular security assessments.

However, no method of transmission over the Internet or method of electronic storage is completely secure. While we strive to protect your personal information, we cannot guarantee its absolute security.

12. Cookies and Tracking Technologies

We use cookies and similar tracking technologies to collect information about your browsing activities. You can manage your cookie preferences through your browser settings.

We use the following types of cookies:

• Essential cookies: required for the operation of our Services
• Analytics cookies: help us understand how users interact with our Services
• Marketing cookies: used to deliver relevant advertising (with your consent)

13. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by posting the updated policy on our website with a revised “Last updated” date.

Your continued use of our Services after the publication of changes constitutes your acceptance of the updated policy.

14. Contact Us

If you have any questions about this Privacy Policy, or if you wish to make a complaint or exercise your rights, please contact us: