At Docsora, we prioritize your privacy. This Privacy Policy explains how we collect, use, and protect your information when you use our services. We comply with international data protection standards to ensure your data is safe with us.
Last Updated: 15th September 2025
Your privacy is important to us. At Docsora Technologies LLC Fz ("Docsora," "we," "us," or "our"), protecting your privacy, personal data, and the integrity of your documents is our top priority. This Privacy and Data Privacy Policy applies to all users of our enterprise-grade document management and workflow platform, including websites, applications, APIs, and related services (collectively, the "Services").
This Policy explains in detail how we collect, process, store, secure, and transfer personal and usage data, including data processed through AI-powered features. It also informs you of your rights and how Docsora complies with global privacy obligations, including the European Union's General Data Protection Regulation (GDPR), the California Consumer Privacy Act (CCPA), and other applicable international laws. By using Docsora, you consent to the practices described in this Policy. If you do not agree, you must cease using the Services and delete any related software or data.
This Policy applies to all users, customers, visitors, and other individuals whose data we collect in connection with the Services. It governs all personal data collected directly or indirectly and complements other service-specific agreements, terms of use, and policies. The Policy ensures that you are fully informed about how we manage and protect your personal information when interacting with Docsora.
For clarity, the following definitions apply throughout this Policy. "Personal Data" refers to any information that identifies or can identify an individual, directly or indirectly, including names, contact details, payment information, IP addresses, device identifiers, and uploaded file metadata. "Processing" encompasses any operation performed on Personal Data, such as collection, storage, use, disclosure, or deletion. "Data Controller" is Docsora, which determines the purposes and means of processing, while "Data Processor" is a third party engaged to process data on our behalf under strict contractual obligations. "Data Subject" refers to the individual whose personal data is being processed.
Docsora collects only the personal data necessary to provide, secure, and improve our Services. This includes account and identity information, such as your full name, username, contact details, authentication credentials, and billing information. We also collect usage and technical data, including IP addresses, device and browser information, operating system versions, and logs of interactions with the Services.
When you upload files to Docsora, we collect metadata including file names, size, type, timestamps, and language metadata when relevant for translations or AI-powered features. Additionally, we record communications with our support team, your marketing preferences, and opt-in/opt-out choices. Aggregated or anonymized data may also be collected to improve the platform and support analytics or product development.
Docsora does not claim ownership over the content of files you upload. The contents of your documents remain your sole property. We only process them to provide the Services you request (e.g., storage, transfer, signing, translation, or AI-powered checks) and never use them for advertising, resale, or unrelated purposes.
The data we process comes primarily from three sources. First, data you provide directly when registering an account, subscribing to Services, contacting support, or uploading content. Second, data collected automatically through your interactions with the platform, including logs, device identifiers, and cookies. Third, information obtained from trusted third-party sources for identity verification, payment processing, or other legitimate purposes, always under strict contractual confidentiality and security commitments.
We process personal data solely for legitimate purposes necessary to deliver and improve our Services. These purposes include creating and managing your account, processing payments, preventing fraud, delivering requested Services, improving platform security and functionality, communicating important announcements, and complying with legal and regulatory obligations.
Under GDPR, lawful processing is based on consent, contract performance, legitimate interests, and compliance with legal obligations. For CCPA and similar laws, processing is based on business necessity and your rights to opt out where applicable. All processing is conducted with transparency, fairness, and accountability.
To operate the Services efficiently and securely, Docsora engages only trusted third-party service providers. These include cloud storage and infrastructure providers, payment processors, email and notification delivery systems, AI and machine learning service providers, and security monitoring partners. All processors are contractually obligated to handle data only as necessary and to maintain security standards consistent with industry best practices.
Docsora employs only essential cookies and minimal tracking mechanisms necessary for authentication, session management, and secure operation of the platform. Anonymous analytics tools may be used to improve performance and user experience, but we do not use cookies or tracking for advertising, behavioral profiling, or marketing purposes. Users may disable cookies via browser settings; however, some Services may be affected if cookies are turned off.
We retain personal data only as long as necessary to fulfill the purposes outlined in this Policy, comply with legal obligations, or protect our legitimate business interests. Account data and payment records are retained in line with financial and tax regulations. Uploaded file metadata is stored to support platform functionality, and communication records are retained for a reasonable period to assist with support inquiries and compliance audits. Requests for account closure or data deletion are carefully reviewed and verified, and may be retained when legally required or to protect against fraud and disputes.
Depending on your jurisdiction, you have comprehensive rights regarding your personal data. These include the right to access, correct, or delete your data, restrict or object to processing, request data portability, withdraw consent, and lodge complaints with supervisory authorities. All requests should be submitted via contact@docsora.com, and identity verification may be required to protect your data. We commit to handling all requests promptly, transparently, and securely.
Docsora implements robust technical and organizational measures to protect your data from unauthorized access, alteration, disclosure, or destruction. These measures include strong encryption for data at rest and in transit, multi-factor authentication, strict access controls, continuous monitoring, regular penetration testing, and independent security audits. Staff are trained on confidentiality and data protection practices, and data is anonymized or pseudonymized wherever possible. While we take extensive precautions, no system can guarantee absolute security, and residual risk remains.
Personal data may be transferred and processed outside your country of residence, including in the United Arab Emirates, the United States, and other jurisdictions. All transfers comply with applicable legal safeguards such as Standard Contractual Clauses, Binding Corporate Rules, or adequacy decisions to ensure consistent protection of your privacy rights.
Docsora strictly prohibits the use of our Services by individuals under the age of 16. Users who are 16 years of age or older may access and use our platform independently. Individuals under 16 in jurisdictions where parental consent is required must obtain verifiable parental or guardian consent prior to using our Services. We do not knowingly collect personal data from children under 16, and if we become aware that such data has been collected without proper consent, we will promptly delete it. If you believe that we have unknowingly collected any Personal Information from someone under the age of sixteen (16), please contact us immediately at contact@docsora.com and the information will be deleted.
In the unlikely event of a data breach affecting your personal data, Docsora has a comprehensive incident response plan to contain, remediate, and notify affected users and regulators promptly. Notifications will provide details about the breach, potential risks, and mitigation steps.
Docsora may update this Policy to reflect changes in legal requirements, industry standards, technological advances, or business practices. Material changes will be communicated via email or platform notifications. Continued use of the Services following updates constitutes acceptance of the revised Policy.
To further protect our users and business, Docsora conducts regular compliance audits, ensures AI and machine learning features are transparent and privacy-safe, uses anonymized data for analytics whenever possible, documents and reviews retention schedules, and requires binding obligations for successor entities in the event of a merger or acquisition. Logging and monitoring procedures support rapid fraud detection and security incident investigation.
For privacy inquiries, data deletion requests, or concerns about data processing practices, please contact our Data Protection Officer:
Email: contact@docsora.com
Address: Meydan Grandstand, 6th floor, Meydan Road, Nad Al Sheba, Dubai, U.A.E.