Security, Privacy & Memory Boundaries

What DocPro stores

The memory that makes the team work.

To remember your project and pick up where you left off, DocPro stores the working material of your sessions. All of it lives in our database, scoped to your account:

Account basics — your email, name, and phone number. Your phone is used for sign-in verification and the team's voice calls.
Your sessions — the transcripts of your work with the team, and the documents, code, and audio produced in them.
Team memory & project context — what each team member learns about you and each project, so the knowledge carries forward instead of resetting every session.
Calls — metadata about team voice calls, and where applicable their transcripts and recordings.

How it's protected

Secrets encrypted. Accounts isolated.

Every secret is encrypted at rest. Your API keys, connected-service tokens (like GitHub), and any provisioning credentials are encrypted with Fernet (AES-based) symmetric encryption. The encryption key is held outside the database, and rotating it is a supported operation.
Passwords are hashed, never stored. We hash passwords with bcrypt and a per-password salt. We can't read your password, and we never store it in the clear.
Strict per-account isolation. Every request is scoped to your account. The system is built so one user can never reach another's memory, projects, or sessions — it won't even confirm whether another account's data exists.
Encrypted in transit. All traffic to DocPro is served over TLS (HTTPS).

Where the line is

Your conversation content and team memory are stored in our database so the team can recall them — isolated to your account and protected by access controls, but not individually field-encrypted. We encrypt the things that must never leak: keys, tokens, and credentials. We'd rather tell you exactly where that line sits than imply more than we do.

Connected accounts & infrastructure

Used for the moment, then put back encrypted.

When you connect a service like GitHub, that token is encrypted at rest and decrypted only for the moment an action runs — never cached between operations.

You can disconnect GitHub or disable your API key at any time.
Deleting your account removes every stored credential along with everything else.

Your cloud — today, and July 2026

Right now, the team provisions and runs your infrastructure under DocPro's AWS and Cloudflare accounts — the AWS line in your plan is paid to us, in good faith, for the pipes that run your work. You never hold the keys, and you never get a surprise cloud bill. In July 2026, bring-your-own AWS and Cloudflare API keys arrive: run it all under your own accounts and your own billing, whenever you choose to switch.

You're in control

It's your memory. Delete any of it, anytime.

Reset one team member. Delete an individual team member's memory of you and your work.
Delete a project. Remove a project you no longer need.
Erase everything. Delete your entire account behind a one-time code sent to your phone. It runs as a single transaction that removes your memories, sessions, projects, settings, and stored credentials together — all or nothing.

Honest about retention & export

We don't auto-expire your data — it stays until you remove it, because the memory is the whole point. A one-click data export isn't built yet; it's on the roadmap. Until then, deletion is fully in your hands through the controls above.

Sign-in & sessions

Verified, expiring, and revocable.

Multi-factor for sensitive actions. A one-time code sent to your phone gates the things that matter — deleting your account, changing your number.
Expiring sessions. Sign-in sessions expire, and logging out (or changing your password) immediately invalidates every active session everywhere.
Repeated bad logins lock the account to blunt brute-force attempts.

What we don't do

The other half of the promise.

We don't sell your data or hand it to advertisers.
We don't build location or device-fingerprint profiles of you.
We don't store your payment-card details — billing is handled by our payment processor; we keep only a customer reference.

The deal

The team remembers you. You decide what it keeps.

That the team knows your name, your project, and the decision you made last quarter is the product, not a side effect. The deal is simple: it's yours, it's isolated to your account, and you can wipe it whenever you want. If anything here raises a question, ask — a real person answers.

Ask us anything Meet the team

Last reviewed June 2026 · Reflects the platform as it runs today.