DocGen logoDocGen

Legal

Privacy Policy

Last Updated: 5 March 2026

At DocGen ("DocGen," "we," "our," or "us"), your privacy is critically important to us. This Privacy Policy explains how we collect, use, disclose, and protect personal information when you use our services.

1. Overview

DocGen Private Limited is a B2B artificial intelligence company that builds intelligent software platforms and scalable technology solutions for businesses worldwide. We are committed to protecting the privacy and security of individuals and organizations across all jurisdictions where we operate, including the EU, US, UK, India, the Middle East, and regions across South Asia and East Asia.

2. Information We Collect

2.1 Information You Provide to Us

When you interact with DocGen, we collect information you voluntarily provide:

  • Account Details: Full name, email address, password, phone number, and profile picture or avatar.
  • Professional Information: Job title, organization name, and industry segment.
  • Billing Details: Payment card information, billing address, and transaction history.
  • Content and Communications: Code snippets, documentation drafts, uploaded files, team messages, feedback, and support tickets.
  • Survey or Feedback Data: When you voluntarily participate in user surveys or beta programs.

2.2 Information We Collect Automatically

  • Device Information: IP address, browser type and version, screen resolution, operating system.
  • Usage Data: Timestamped logs of your visits, session durations, buttons clicked, pages viewed.
  • Authentication Metadata: Login history, IP-based geo-location, and session identifiers.
  • Cookies and Trackers: Session cookies, persistent cookies, and web beacons.

3. How We Use Your Information

DocGen processes your personal and project-related information to deliver services, fulfill contractual obligations, enhance platform functionality, maintain compliance, and support our legitimate business interests.

We only process data that is relevant, necessary, and proportionate to the intended purpose, and we do not use it in ways that are incompatible with those purposes.

3.1 Legal Bases for Processing

  • Performance of a Contract: When processing is necessary to deliver the DocGen services.
  • Legitimate Interests: For product improvement, fraud prevention, or internal analytics.
  • Legal Obligations: For compliance with tax laws, regulatory requests, or applicable data protection legislation.
  • Consent: When you explicitly consent to the processing of your data.

4. Third-Party Services and Integrations

DocGen leverages a range of third-party service providers to deliver our product reliably, securely, and at scale. All third parties who process personal data on our behalf are bound by contractual obligations complying with GDPR, UK GDPR, CCPA/CPRA, and DPDP.

5. Cookies and Tracking Technologies

We and our service providers utilize cookies and other tracking technologies to enhance user experience, enable core functionality, and gain insights into how the DocGen platform is used.

  • Strictly Necessary Cookies: Essential to enable core functionality such as user login, authentication, account security, and session management.
  • Performance and Analytics Cookies: Help us understand how users interact with the platform by collecting anonymized metrics.
  • Functional Cookies: Enable the platform to remember preferences such as language, time zone, UI settings.
  • Targeting and Marketing Cookies: May be used, with consent, to deliver tailored content.

6. Data Security and Protection

DocGen is committed to maintaining the confidentiality, integrity, and availability of your data. We implement a combination of technical, administrative, and organizational security measures including:

  • Encryption in Transit and at Rest using TLS 1.2+ and AES-256.
  • Role-Based Access Control (RBAC) restricting access to authorized personnel.
  • Audit Logs and Activity Monitoring for all administrative access and data exports.
  • Data Isolation using secure containers and database tenancy structures.
  • Secure Credential Storage using industry-standard salted hashing algorithms.

7. Data Retention and Deletion

DocGen follows a strict data retention and deletion policy. Key retention periods include:

  • Account credentials and profiles: Until user deletes account or 7 days after inactivity termination
  • Uploaded code, documents, and projects: Up to 7 days after inactivity or deletion request
  • Session metadata and device logs: 30 to 90 days
  • Customer support tickets: 1 year from resolution
  • Billing and transaction records: Minimum 7 years (regulatory compliance)

8. User Rights and Regional Compliance

As a user of DocGen, you have the right to: Access, Rectification, Erasure, Restriction of Processing, Data Portability, Objection to Processing, Withdraw Consent, and Lodge a Complaint with a local data protection authority.

9. International Data Transfers

Your data may be transferred across borders for legitimate purposes. When such transfers are made, DocGen ensures appropriate safeguards including Standard Contractual Clauses (SCCs), Data Processing Addenda (DPAs), and additional technical and organizational safeguards.

10. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. When we do, we will revise the "Last Updated" date at the top. For significant changes, we will provide more prominent notice, such as by email or through an in-app notification.

11. Contact Us

For privacy-related questions or to exercise your rights:

  • Email: support@docgenai.org
  • Address: 3rd Floor, Orchid Center, Golf Course Road, Sector 53, Gurugram, Haryana 122002, IN