1. Scope & roles
This policy applies to personal data we process as a data controller for our website visitors, prospects, account administrators, and end users of the Services. When our customers upload documents or configure workspaces containing personal data about their own users or third parties, TempoDocs acts as a data processor; that processing is governed by our Data Processing Addendum and the customer's own privacy notice.
2. Data we collect
We collect the following categories of personal data:
- Account data: name, email, password hash, organization membership, role, profile photo.
- Customer content: documents, extractions, tasks, comments, attachments, and metadata you submit to the Services.
- Usage data: pages viewed, features used, device type, browser, IP address, approximate location, timestamps.
- Authentication & security logs: sign-in events, MFA challenges, password resets, audit events.
- Billing data: company name, billing address, tax ID, invoices. Card numbers are handled by our PCI-DSS Level 1 payment processor and never stored on our systems.
- Support correspondence: messages you send to our team and associated metadata.
3. How we use data
- Provide, operate, secure, and improve the Services.
- Authenticate users, prevent abuse, and detect fraud or unauthorized access.
- Provide customer support and respond to inquiries.
- Send transactional communications (receipts, security alerts, service updates).
- Send marketing communications where permitted; you may unsubscribe at any time.
- Comply with legal obligations and enforce our terms.
We do not sell personal data and we do not use customer content to train third-party AI models.
4. Legal bases (GDPR)
Where the GDPR applies, our legal bases are:
- Contract: to provide the Services you or your organization requested.
- Legitimate interests: to secure, improve, and market our Services in a balanced way.
- Consent: for non-essential cookies and certain marketing where required.
- Legal obligation: to comply with tax, accounting, and law-enforcement requirements.
6. International transfers
Our primary infrastructure is hosted in the United States. Where we transfer personal data out of the EEA, UK, or Switzerland, we rely on the European Commission's Standard Contractual Clauses (2021), the UK IDTA or UK Addendum, and supplemental measures (encryption in transit and at rest, access controls, transparency reporting). EU data residency is available on Business and Enterprise plans.
7. Data retention
We retain personal data only as long as needed for the purposes described above, then delete or de-identify it.
| Category | Retention |
|---|---|
| Customer content (documents, tasks, comments) | Life of account + 7 days grace, then permanently purged |
| Account & profile data | Life of account + 7 days |
| Authentication logs | 12 months |
| Application audit trail | 24 months |
| System & security logs | 12 months |
| Encrypted point-in-time backups | 35 days rolling |
| Billing & tax records | 7 years (statutory) |
| Support tickets | 24 months after resolution |
| Website / product analytics (aggregated) | 14 months |
| Marketing contacts | Until unsubscribe; suppression list retained indefinitely |
| Verified erasure requests | Completed within 30 days |
Enterprise customers may configure shorter retention windows in their DPA.
8. Security
We maintain an information security program aligned to SOC 2 Type II including, without limitation:
- AES-256 encryption at rest, TLS 1.3 in transit.
- Least-privilege access, MFA on all production systems, quarterly access reviews.
- Continuous vulnerability scanning, annual third-party penetration testing.
- Centralized logging, anomaly alerting, and 24×7 on-call response.
- Documented incident-response plan with breach notification within 72 hours where required.
- Annual security training for all personnel.
9. Your rights
Depending on your jurisdiction you may have the right to:
- Access, correct, or delete your personal data.
- Port your data to another service.
- Object to or restrict certain processing.
- Withdraw consent.
- Lodge a complaint with your supervisory authority.
To exercise these rights, email privacy@tempodocs.com. We verify requests against your account and respond within 30 days. End users whose data is processed at the direction of a TempoDocs customer should contact that customer first.
10. CCPA / CPRA disclosures
California residents have the right to know, delete, correct, and limit the use of sensitive personal information, and to opt out of "sale" or "sharing" of personal information. TempoDocs does not sell personal information and does not share personal information for cross-context behavioral advertising. We honor Global Privacy Control signals. To exercise CCPA rights, email privacy@tempodocs.com or use our contact form. You may designate an authorized agent.
11. Children
The Services are intended for use by businesses and individuals 16 years of age or older. We do not knowingly collect personal data from children under 16.
13. Changes to this policy
We will post material changes to this policy here with an updated "Last updated" date and, where required, notify account administrators by email at least 30 days before changes take effect.
14. Contact & Data Protection Officer
TempoDocs, Inc., 548 Market Street, PMB 70210, San Francisco, CA 94104, USA.
Email: privacy@tempodocs.com
EU representative (Art. 27 GDPR): available on request at the address above.
Questions about this document?
Reach our privacy and compliance team at privacy@tempodocs.com.
Contact us