Privacy Policy

1. Who We Are

DecodifAI (“we”, “us”, “our”) is an AI-powered document analysis service operated at decodifai.site. We help individuals and businesses understand legal documents, contracts, and leases by providing plain-language summaries, risk assessments, and actionable insights.

2. Information We Collect

We collect the following types of information:

• Account information: Your name, email address, and hashed password when you sign up, or your Google profile information if you use Google Sign-In.
• Documents you upload: Files you submit for analysis are stored securely in encrypted cloud storage. We process these documents solely to provide you with our analysis service.
• Payment information: Payments are processed entirely by Stripe. We never see, store, or have access to your full card details. We only store transaction references and plan information.
• Usage data: We use Google Analytics to collect anonymised browsing data (pages visited, time on site) to improve our service.

3. How We Use Your Information

• To provide and improve our document analysis service.
• To manage your account and process payments.
• To send you essential service communications (e.g., email verification, payment confirmations).
• To maintain the security and integrity of our platform.

We will never sell, rent, or share your personal information or documents with third parties for marketing purposes.

4. Document Privacy

Your documents are private. They are stored in encrypted cloud storage and are only accessible to your account. Documents are processed by our AI analysis system to generate your results. We do not read, review, or share your documents with any human or third party. You can delete your documents at any time.

5. Third-Party Services

We use the following trusted third-party services:

• Stripe — for secure payment processing. Stripe Privacy Policy
• Google — for optional Google Sign-In authentication and Google Analytics. Google Privacy Policy
• Abacus.AI — for hosting and AI processing infrastructure. Abacus.AI Privacy Policy

6. Data Security

We take the security of your data seriously. All data is transmitted over HTTPS. Passwords are hashed using bcrypt. Documents are stored in encrypted cloud storage with private access controls. Payment data is handled entirely by Stripe’s PCI-DSS Level 1 certified infrastructure.

7. Data Retention

We retain your account data and documents for as long as your account is active. If you delete your account, we will remove your personal data and documents within 30 days. Payment records may be retained longer as required for tax and legal compliance.

8. Your Rights

Under UK GDPR, you have the right to:

• Access the personal data we hold about you.
• Request correction of inaccurate data.
• Request deletion of your data.
• Withdraw consent for data processing.
• Lodge a complaint with the Information Commissioner’s Office (ICO).

9. Cookies

We use essential cookies for authentication and session management. We also use Google Analytics cookies to understand how visitors use our site. You can disable non-essential cookies in your browser settings.

10. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any significant changes by posting a notice on our website. Continued use of the service after changes constitutes acceptance of the updated policy.

11. Contact Us

If you have any questions about this Privacy Policy or how we handle your data, please contact us at [email protected].