Privacy Policy

ScribeTools (“ScribeTools,” “we,” “us,” or “our”) provides agentic optical character recognition, document translation, and document processing services through scribetools.com and related applications (collectively, the “Service”). This Privacy Policy describes the categories of information we collect, how we use and protect that information, and the rights you have with respect to it. We are committed to safeguarding the confidentiality of the documents you entrust to us.

This Policy is issued by ScribeTools, a company organized under the laws of the State of Delaware, United States. By accessing or using the Service, you acknowledge that you have read and understood this Policy.

1. Information We Collect

We collect only the information necessary to operate, secure, and improve the Service. The categories of information we collect are described below.

1.1 Account Information

When you create an account, we collect your email address, authentication credentials (which are stored in hashed form by our authentication provider), and any optional profile information you choose to supply. Account records are managed by Supabase on our behalf.

1.2 Customer Content

“Customer Content” means any documents, images, files, prompts, instructions, intermediate processing artifacts, and output files that you upload to or generate through the Service. We treat Customer Content as confidential and process it solely to deliver the Service you have requested.

1.3 Billing Information

Subscriptions, credit purchases, and invoices are processed by Stripe. We do not collect, store, or have access to your full payment card details. We receive only the subscription tier, status, customer identifier, and other limited metadata necessary to provision and bill the Service.

1.4 Usage and Product Analytics

We use PostHog to capture pseudonymous product analytics events — such as sign-ups, job submissions, downloads, and pricing interactions — together with associated technical metadata including IP address, device type, browser, and referring URL. Analytics data is used to operate, secure, and improve the Service.

1.5 Communications

When you contact us through the contact form or otherwise communicate with us, we retain those communications and any information you provide in them so that we can respond to you and maintain support records.

2. How We Use Information

We use the information we collect to:

• provide, maintain, and operate the Service;
• process, store, and deliver Customer Content as you direct;
• authenticate users and protect account security;
• process payments and manage subscriptions;
• respond to your inquiries and provide customer support;
• monitor performance, debug errors, and improve the Service using aggregate or de-identified analytics;
• detect, prevent, and respond to fraud, abuse, and security incidents;
• comply with applicable law, regulation, court order, or other valid legal process.

4. Data Retention

We retain information for as long as is necessary to provide the Service and to comply with our legal obligations.

4.1 Free and Standard Plans

Customer Content uploaded under our Free and Standard subscription plans is retained until you delete the relevant document, output, or your account. We do not impose an automatic time-based deletion on Customer Content for these plans; you remain in control of when your data is removed.

4.2 Enterprise Plans

Customers on Enterprise plans may configure custom data retention windows — including shorter retention periods, automatic deletion schedules, and customer-managed encryption arrangements — pursuant to the terms of their applicable Enterprise agreement.

4.3 Account and Billing Records

Account metadata is retained for the life of your account. Following account closure, account metadata and any remaining Customer Content are deleted within thirty (30) days, except for records we are required to retain to comply with tax, accounting, audit, dispute resolution, or other legal obligations.

6. International Data Transfers

ScribeTools is based in the United States and the Service is primarily operated from infrastructure located in the United States. If you access the Service from outside the United States, your information will be transferred to, stored, and processed in the United States. Where required by law, such transfers are conducted pursuant to appropriate safeguards, including the European Commission’s Standard Contractual Clauses and the United Kingdom’s International Data Transfer Addendum, as applicable.

7. Your Rights

7.1 Rights of Users in the European Economic Area and the United Kingdom

If you are located in the European Economic Area, the United Kingdom, or Switzerland, you have the following rights under applicable data protection law: the right of access, the right to rectification, the right to erasure (“right to be forgotten”), the right to restrict processing, the right to object to processing, the right to data portability, and, where processing is based on consent, the right to withdraw that consent at any time. You also have the right to lodge a complaint with your local supervisory authority.

7.2 Rights of California Residents

If you are a California resident, the California Consumer Privacy Act, as amended by the California Privacy Rights Act (collectively, the “CCPA”), provides you with the right to know what personal information we collect, the right to request deletion or correction of that information, the right to limit the use of sensitive personal information, and the right to non-discrimination for exercising your rights.

We do not sell or share personal information. We do not disclose personal information to third parties for monetary or other valuable consideration, and we do not engage in cross-context behavioral advertising.

7.3 Exercising Your Rights

You may exercise the rights described above by submitting a request through our contact form. We will respond within the timeframes required by applicable law. To protect your information, we may take reasonable steps to verify your identity before honoring a request. You may also designate an authorized agent to act on your behalf, subject to verification.

8. Security

We maintain administrative, technical, and physical safeguards designed to protect personal information and Customer Content against unauthorized access, disclosure, alteration, and destruction. These safeguards include encryption in transit using TLS, encryption at rest, role-based access controls, audit logging, and routine security review. No method of transmission or storage, however, is completely secure, and we cannot guarantee absolute security.

9. Cookies and Similar Technologies

We use a small number of cookies and similar technologies that are strictly necessary to operate the Service — including authentication session cookies set by our authentication provider — together with first-party analytics cookies that help us understand how the Service is used. Where required by law, analytics cookies are set only with your consent. You can control cookies through your browser settings; disabling strictly necessary cookies may prevent the Service from functioning correctly.

10. Children’s Privacy

The Service is not directed to children under the age of sixteen (16), and we do not knowingly collect personal information from children. If we become aware that we have collected personal information from a child without appropriate consent, we will take steps to delete that information.

11. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, our Service, or applicable law. When we make material changes, we will revise the “Last updated” date above and, where appropriate, provide additional notice through the Service or by email. Your continued use of the Service after the effective date of any update constitutes your acceptance of the revised Policy.

12. Contact Us

If you have any questions about this Privacy Policy, our data practices, or your rights, please reach out to us through our contact form. We will respond to legitimate inquiries promptly.

ScribeTools · Delaware, United States