Skip to policy
DOCPRO
  • Platform
  • The Proof
  • Security
  • The Team
  • The Story
  • Audio
  • Get Started
Login
Platform The Proof Security The Team The Story Audio Get Started Login

Privacy Policy

Your data, in plain language.

Last updated: July 13, 2026

DocPro is built on memory — the team remembers your work so it can pick up where you left off. That only earns trust if you can see exactly what we collect, how it's protected, who processes it, and how you remove it. This policy is the plain version. For the line-by-line technical detail — what's encrypted, what stays queryable, and why — see the Security page, which this policy summarizes.

No trackers. This website makes no third-party requests, sets no cookies, and runs no analytics. Fonts and scripts are served from our own servers — nothing you do here is reported to anyone else.

On this page

  1. Who we are
  2. What we collect
  3. How we use it
  4. How it's protected
  5. Service providers & sub-processors
  6. How long we keep it
  7. Your choices & rights
  8. Where your data lives
  9. Children
  10. Changes to this policy
  11. Contact us

1. Who we are

DocPro Cloud (“DocPro,” “we,” “us”) is an independent AI development platform. Our team of persistent AI specialists keeps memory across sessions, ships real code, and can provision cloud infrastructure on your behalf. DocPro is built on Anthropic's Claude and is not affiliated with Anthropic. This policy covers docpro.cloud and the DocPro VS Code extension.


2. What we collect

To remember your project and pick up where you left off, DocPro stores the working material of your sessions. All of it lives in our database, scoped to your account:

  • Account basics — your email, name, and phone number. Your phone is used for sign-in verification and for the team's voice calls.
  • Session content — the transcripts of your work with the team, and the documents, code, and audio produced in those sessions.
  • Team memory & project context — the preferences, decisions, and project details the team records so it can recall them later.
  • Calls — conversation transcripts (stored for memory synthesis), and, for calls that connect, audio recordings where fetched. Call logs are visible to your account's administrators.
  • Credentials you connect — API keys, connected-service tokens (such as GitHub), and any cloud-provisioning credentials you provide. These are encrypted (see below).
  • Payment information — handled by our third-party payment processor. We keep only a customer reference, not your card details.
  • Technical logs — standard web-server and security logs (such as IP address and request metadata) used to operate and protect the service.

We do not sell your data, use it for advertising, or use your content to train DocPro-owned models.

By default, DocPro does not scan or upload your source code. Your code is only read when you paste it, attach it, start a workflow that needs it, or turn on Workspace Indexing (which is off by default).


3. How we use it

  • To provide the service — run your sessions, remember your work across them, produce code and documents, and (when you ask) provision infrastructure.
  • To reach you — the team's voice calls, meeting invites, and follow-ups, and sign-in verification codes, all sent to the phone or email on your account.
  • To bill you — process subscriptions through our payment processor.
  • To keep it secure — detect and prevent abuse, debug problems, and protect the platform and your account.

4. How it's protected

  • Encrypted at rest. Your credentials, conversation content, team memory, and project context are field-encrypted at rest with Fernet (AES-based) symmetric encryption. The encryption key is held outside the database, and rotating it is a supported operation.
  • Passwords hashed, never stored. Passwords are hashed with bcrypt and a per-password salt. We cannot read your password and never store it in the clear.
  • Encrypted in transit. All traffic to DocPro is served over TLS (HTTPS).
  • Isolated per account. Your data is scoped to your account with strict per-account isolation.

Where the line sits, honestly. Two categories are kept in plaintext, and we'd rather tell you exactly where than imply more than we do:

  • Recall metadata — display names, the phone number we match a return call against, and the keyword tags and short summaries the memory index searches. Encrypting these would break search and recall, so they stay queryable behind strict per-account isolation.
  • Call transcripts — stored as plaintext (not field-encrypted like session content) so the team can synthesize them into memory.

The Security page carries the full data table — each data type, whether it's stored, whether it's encrypted at rest, whether it stays searchable, and how you delete it.


5. Service providers & sub-processors

DocPro relies on a small set of service providers to operate. When a task needs model reasoning, your content is sent to the AI provider that performs it — it is not sold, used for ads, or used to train DocPro-owned models.

  • Anthropic (Claude) — performs the core AI work.
  • Google (Gemini) — performs certain AI tasks.
  • Amazon Web Services — hosts the platform and stores media assets.
  • Payment processor — handles billing; receives only what's needed to process payment.
  • Communications providers — Twilio (telephony), ElevenLabs (voice synthesis), and Mailjet (email delivery), which carry the team's phone calls, meeting invites, and notifications.

A current, itemized sub-processor list is available to enterprise customers on request via Contact.


6. How long we keep it

  • Session content, team memory, and project context — kept until you delete them or delete your account.
  • Call audio recordings — cleared automatically about 30 days after the call; the status becomes “expired.”
  • Full call records (including transcripts) — deleted at 90 days, or when you delete your account.
  • Produced audio (such as Morning Read and Studio audio) — retained until you delete your account.
  • Backups. Deletion removes data from our live systems immediately, but disaster-recovery snapshots may still contain deleted data until those snapshots expire. Current backup retention window: 7 days.

7. Your choices & rights

Deletion is in your hands. From your account you can delete a single team member's memory, an individual project, or your entire account — each confirmed behind a phone code (multi-factor). Account deletion runs as one all-or-nothing transaction across your memories, sessions, projects, settings, and credentials. It is permanent — there is no recovery (subject only to the short backup window above).

Honest limits. A one-click data export isn't built yet. If you need a copy of your data, contact us and we'll help.

Depending on where you live, you may have additional rights — to access, correct, port, or delete your personal data, or to object to certain processing. To make a request, contact us using the details in the Contact section below; we'll verify your identity and respond within the timeframe the applicable law requires.


8. Where your data lives

DocPro is hosted on Amazon Web Services in the United States. If you access DocPro from outside the United States, your information will be processed in the U.S. and in the regions where our service providers operate.


9. Children

DocPro is a professional development tool and is not directed to children. We do not knowingly collect personal information from anyone under 16. If you believe a child has provided us information, contact us and we'll delete it.


10. Changes to this policy

If we change how we handle your data, we'll update this page and the “Last updated” date above. Material changes will be communicated through the platform.


11. Contact us

Questions about this policy, or a request about your data? Email info@docpro.cloud or reach us through the Contact page. For the technical detail behind everything here, see Security.

DOCPRO

© 2024–2026 DocPro Cloud. All rights reserved.

Contact Privacy Terms Security Releases For IT Glossary

Independent platform, not affiliated with Anthropic. Built on the Claude API.