We respect your privacy and are committed to protecting your personal data. This privacy policy explains how we collect, use, and safeguard your information.

Data Controller

The data controller responsible for your personal information is:

TechOne CZ s.r.o.

Operating SmartDocto platform

Address: Dělnická 213/12, 170 00 Praha 7, Czech Republic

Company ID: 06010555

Email: privacy@smartdocto.com

What Data We Collect

Personal Information

Name, surname, email address, phone number (optional), and company information you provide when registering.

Usage Data

IP address, browser type, device information, pages visited, time spent on pages, and interaction with the platform.

Documents & Content

Files you upload for processing, extracted data, and any metadata associated with your documents.

Cookies & Analytics

We use cookies for authentication and analytics. You can manage cookie preferences in your browser settings.

How We Use Your Data

Service Provision

To provide AI document processing services, including extracting data, generating outputs, and delivering results via API.

Account Management

Managing your user account, authentication, billing, and subscription.

Communication

Sending service updates, notifications, support responses, and important account information.

Service Improvement

Analyzing usage patterns to improve platform performance, accuracy, and user experience.

Legal Compliance

Complying with legal obligations, preventing fraud, and protecting our rights.

Data Sharing & Third Parties

We do not sell your personal data. We may share data with third parties only in these cases:

AI Service Providers

We use OpenAI models via the Azure AI Foundry platform for document processing. Your data is transmitted securely through encrypted channels and the provider is contractually obligated to protect your information. Data is not stored or used for model training.

Infrastructure Providers

We use cloud infrastructure (Hetzner) hosted in EU data centers for data storage and processing.

Legal Requirements

When required by law, court order, or government regulation.

Your Rights Under GDPR

Right to Access

You can request a copy of all personal data we hold about you.

Right to Rectification

You can correct inaccurate or incomplete personal information.

Right to Erasure ("Right to be Forgotten")

You can request deletion of your personal data. We will permanently remove all your information within 30 days.

Right to Data Portability

You can export your data in machine-readable format (JSON, CSV).

Right to Object

You can object to processing of your data for marketing or analytics purposes.

Right to Lodge a Complaint

You can file a complaint with your local data protection authority if you believe your rights have been violated.

To exercise your rights, contact us at: dpo@smartdocto.com

Data Retention

Active Accounts

We retain your data as long as your account is active and you use our services.

After Account Deletion

Your data is retained for 90 days after account deletion, then permanently deleted. Some data may be retained longer for legal compliance (e.g., invoices for tax purposes).

Backup Data

Backup copies are automatically deleted after 30 days.

Data Security

We implement industry-standard security measures to protect your data:

256-bit SSL/TLS encryption in transit
AES-256 encryption at rest
Continuous security monitoring and audit logging
Role-based access control
Complete audit trail

Changes to This Policy

We may update this privacy policy from time to time. We will notify you of significant changes via email at least 30 days before they take effect. Continued use of our services after changes indicates acceptance of the updated policy.

Questions About Privacy?

If you have questions about this privacy policy or how we handle your data, please contact us: