Privacy Policy
Last Updated: November 1, 2025
1. Information We Collect
We collect information you provide directly: account registration details (name, email, password), documents you upload for processing, payment information (processed securely via Stripe), and optional profile information. We also automatically collect usage data including device information, IP address, browser type, pages visited, features used, and processing statistics to improve our service.
2. How We Use Your Information
We use your information to: provide and maintain the Inkscribe AI service, process your documents using our OCR and AI engines, communicate with you about your account and service updates, improve our platform based on usage patterns, ensure the security and integrity of our systems, and comply with legal obligations. We never sell your personal data to third parties.
3. Data Storage & Security
All documents and personal data are encrypted at rest using AES-256 encryption and in transit using TLS 1.3. Our infrastructure is hosted on Supabase with enterprise-grade security controls. We conduct regular security audits and penetration testing. Access to production data is restricted to authorized personnel only, with full audit logging enabled.
4. AI Processing
Documents processed by our AI models (including ScribIQ powered by Claude AI) are not used to train any AI systems. Your data is yours. AI processing occurs in isolated, ephemeral environments — document content is not retained after processing is complete. We do not share document content with any third parties for model training or improvement purposes.
5. Data Retention
Active accounts retain all uploaded documents and processing history according to their subscription tier (7 days for Free, 30 days for Basic, 90 days for Pro, unlimited for Premium and Enterprise). When you delete your account, we initiate a 30-day grace period during which you can reactivate. After 30 days, all personal data and documents are permanently and irreversibly deleted from our systems, including backups.
6. Your Rights Under GDPR
If you are in the European Economic Area, you have the right to: access your personal data, rectify inaccurate data, erase your data ("right to be forgotten"), restrict processing, data portability (export your data in machine-readable format), and object to processing. To exercise any of these rights, contact us at privacy@inkscribeai.com. We will respond within 30 days.
7. Cookies
Inkscribe AI uses only functional cookies necessary for the operation of our service (authentication, session management, preferences). We do not use advertising or tracking cookies. No third-party advertising cookies are placed on our site. You can manage cookie preferences in your browser settings.
8. Third-Party Services
We use the following third-party services to operate Inkscribe AI: Stripe for payment processing (PCI DSS compliant), Supabase for database and authentication infrastructure, Anthropic for AI document processing (Claude AI), and PostHog for privacy-friendly product analytics. Each provider is contractually bound to protect your data and operates under their own privacy policies.
9. Children's Privacy
Inkscribe AI is not intended for users under the age of 13. We do not knowingly collect personal information from children under 13. If we become aware that we have collected data from a child under 13, we will promptly delete that information. If you believe a child has provided us with personal data, please contact us at privacy@inkscribeai.com.
10. Contact
For any privacy-related questions, concerns, or requests, please contact our privacy team at privacy@inkscribeai.com. We are committed to resolving any concerns promptly and transparently.