Privacy Policy
Last update: Jul 6, 2024
Our guiding principles for protecting your data:
1. We only collect the minimum necessary to run DocsAutomator’s service.
2. We don’t store the data you’re adding into generated documents and are not able to read that data either.
3. You are always in control of how your data is processed and stored.
4. There is no mechanism for reading or modifying the data stored in any integrated platform / data storage.
5. We never have and never will sell your data.
2. We don’t store the data you’re adding into generated documents and are not able to read that data either.
3. You are always in control of how your data is processed and stored.
4. There is no mechanism for reading or modifying the data stored in any integrated platform / data storage.
5. We never have and never will sell your data.
The following policy lays out:
- a. Identity and accessb. Billing informationc. Access and refresh tokensd. Google Drive / Google Docs access scopee. Product interactions / contentf. Advertising and Cookiesg. List of third-party services (sub-processors)
- How we secure your data
- What your rights are with respect to your data
- Contact
The policy applies to DocsAutomator (docsautomator.co) and all its subdomains and web applications, which are owned and operated by Rupert Arnold Hoffschmidt-McDonnell.
What data we collect and why
DocsAutomator only collects what’s necessary to operate its services and provide a great customer experience. Specifically, we are collecting the following data:
Identity and access
In order to sign up for DocsAutomator, you are providing your email address, your first and last name as well as a password. This is necessary to identify you and grant you access to the system. In addition, the email is used to send transactional emails and, with your permission, marketing emails.
Billing information
If you are signing up for a paid subscription, you are asked for payment details and a billing address to evaluate applicable tax on the invoice. None of these details are stored in DocsAutomator, but are handled by our payment processor Stripe (see below under sub-processors).
Access and refresh tokens
DocsAutomator stores access and refresh tokens on behalf of the user in order to access certain integrations. There is no mechanism in DocsAutomator to use these tokens for anything other than generating documents specified by the user.
Google Drive / Google Docs access scope
DocsAutomator requests access to your Google Drive account to access Google Doc document templates and create and/or add documents to folders in your Google Drive.
Product interactions / application data
DocsAutomator stores your automation configurations such as the automation title, a link to the Google Doc template, mapped fields, etc. Where possible, fields are stored by id and not by name.
Advertising and Cookies
DocsAutomator uses three types of cookies:
1. Tracking of click activity on our websites (Google Analytics)
2. Remembering login information (session cookie)
3. Remembering support chat information (support tool Crisp)
When visiting the site, you have the option to opt out of activity tracking. Please note that two and three are necessary for DocsAutomator to run smoothly. To learn more, please head over to our cookie policy.
1. Tracking of click activity on our websites (Google Analytics)
2. Remembering login information (session cookie)
3. Remembering support chat information (support tool Crisp)
When visiting the site, you have the option to opt out of activity tracking. Please note that two and three are necessary for DocsAutomator to run smoothly. To learn more, please head over to our cookie policy.
List of third-party services (sub-processors)
In order to run DocsAutomator’s services, we are using the following products / services, of which some may be considered “sub-processors” under GDPR.
Product
Company
Purpose
Information collected from DocsAutomator’s users
Render.com
Render Services, Inc.
Server infrastructure (server location is Frankfurt, Germany)
/
MongoDB
MongoDB Limited
Database infrastructure (data stored in the EU in Ireland)
Product interactions / application data
Firebase Storage
Google LLC
File storage(files stored in the EU on Google’s servers)
/
SendGrid
Twilio, Inc.
Sending of transactional and marketing emails
/
Stripe
Stripe, Inc.
Payment infrastructure
/
Crisp
Crisp IM SAS
Support communications
Email address, first name, last name, ip address
Cloudinary
Cloudinary Ltd.
Image processing
/
Google Analytics
Google LLC
Image processing
IP address
Airtable
Formagrid, Inc.
CRM
Email, first name, last name, billing country
How we secure your data
We make sure that the little amount of data that is shared with DocsAutomator is kept safe.
DocsAutomator works exclusively with industry-leading infrastructure, all listed above under “List of third-party services (sub-processors)”. Your application data is backed up every 6 hours and daily backups are retained for 35 days.
We limit access to personal information to our employees, contractors, and agents who require this information to operate, develop, or enhance our service. These individuals are obligated to maintain confidentiality and may face disciplinary actions, including termination and criminal prosecution, if they do not comply with these obligations. For any inquiries regarding the security of your personal information, please contact us using the information provided below.
What your rights are with respect to your data
You have the right to withhold personal information from us, but please note that this may affect your experience on our website. We will not discriminate against you for exercising your rights regarding your personal information. If you do choose to provide us with personal information, you agree that we will collect, store, use, and disclose it in line with this privacy policy. You also have the right to request access to any personal information we hold about you.
In the event that we receive personal information about you from a third party, we will protect it as outlined in this privacy policy. If you are a third party providing personal information about someone else, you must have that person's consent to share their information with us.
If you previously consented to us using your personal information for direct marketing, you can change your decision at any time. We provide the option to unsubscribe from our email list or opt-out of communications. Be aware that we might need specific information from you to verify your identity.
If you think that any information we hold about you is incorrect, outdated, incomplete, irrelevant, or misleading, please contact us using the information provided in this privacy policy. We will take reasonable steps to correct any inaccuracies.
If you believe we have breached data protection laws and wish to file a complaint, please contact us with full details of the alleged breach. We will promptly investigate and respond in writing with the outcome and the steps we will take to address your complaint. You also have the right to contact a regulatory body or data protection authority about your complaint.
Your rights
Right to be informed: You have the right to know which personal information we hold about you. We have laid this out in this privacy policy and will communicate any changes to it.
Right of access: You have the right to access any information we store about you including obtaining the information about how this information is stored, shared and processed.
Right to rectification: You have the right to request a correction / change of personal information.
Right to object to processing: You have the right, in certain situations, to object to how or why your personal information is processed.
Right to restrict processing: You have the right to request restriction on how your data is processed.
Right to data portability: You have the right to request the personal data we store about you in order to transfer it to another service (where applicable). This only includes transferring application data from one account to another.
Right to be forgotten: You have the right to request a complete deletion of your data including from sub-processors / services DocsAutomator works with. Please note that requesting deleting some of the data may only be enforced by deleting your entire account.
Right to not be subject to automated Decision-Making: You have the right to not be subject to decisions made solely based on automated processing, including profiling, which produce legal effects or similarly significant effects concerning you.
Contact
If you have any questions or concerns about our privacy policy, please do not hesitate to contact us at support@docsautomator.co.
