Privacy Policy
Effective 22 May 2026
This Privacy Policy explains what personal data Dokaz collects, how we use it, and the rights you have. It covers the Dokaz application and website.
1. Data we collect
Account data — names, email addresses, and organisation details for you and the users you invite.
Service data — the database targets you register, drill results, signed evidence, webhook delivery records, and an immutable audit log.
Billing data — a billing contact and subscription status; card details are handled by Stripe and never reach our servers.
Technical data — IP address, user agent, and request logs, used for security and diagnostics.
2. Customer database content
The database dumps you register may contain personal data. We process that content only to perform the verification you request, in an isolated sandbox, and we delete the transient working copy as soon as a drill finishes. For this content we act as a processor on your behalf — see our Data Processing Addendum.
3. How we use data
We use personal data to provide and secure the Service, authenticate users, process billing, send transactional email (verification, invitations, drill notifications), prevent abuse, meet legal obligations, and improve the product. We do not sell personal data and we do not use it for advertising.
4. Legal bases
Where the GDPR applies, we rely on: performance of a contract (to provide the Service), legitimate interests (security, abuse prevention, product improvement), legal obligation (tax and accounting records), and consent where specifically requested.
5. Sharing and sub-processors
We share data only with the sub-processors needed to run the Service — listed on our Sub-processors page — and where required by law. We do not otherwise disclose personal data to third parties.
6. International transfers
Where personal data is transferred outside its country of origin, we rely on appropriate safeguards such as the Standard Contractual Clauses with our sub-processors.
7. Retention
Drill evidence and audit logs are retained for seven years to meet auditor requirements. Login-attempt records are kept for 30 days. Transient working copies of your dumps are destroyed as soon as a drill finishes. Account and user records are retained while your account is active and deleted after closure as described below.
8. Security
Passwords are hashed with Argon2id, sessions are protected with secure cookies and CSRF defences, evidence is encrypted at rest with per-account keys, and drills run in isolated ephemeral sandboxes. Access to production data is restricted and audited.
9. Your rights
Depending on your location you may have rights to access, correct, export, or delete your personal data, and to object to or restrict certain processing. You can export everything we hold for your account as JSON from Account → Export, and close your account from Account → Danger zone. Closure is a soft delete followed by a permanent hard delete after a 30-day grace period, which crypto-shreds your evidence encryption keys. To exercise any other right, contact us.
10. Cookies
The application sets only strictly-necessary cookies — see our Cookie Policy.
11. Changes
We may update this Policy; material changes will be notified by email or in the application before they take effect.
12. Contact
Privacy questions or requests: privacy@dokaz.io.