Contents
1. Controller 2. What We Collect 3. Your Documents 4. Lawful Basis 5. Cookies 6. Data Sharing 7. Retention 8. Your Rights 9. UK & EU GDPR 10. CCPA / CPRA 11. Security 12. Contact 13. Changes
Legal

Privacy Policy

Last updated: 25 May 2026  ·  Effective: 25 May 2026  ·  Version 1.0

The short version: Your PDF files never leave your device. Ever. All processing happens in your browser. We only collect what's strictly necessary to run accounts and billing — and only if you sign up.

1. Data Controller

DocShift Ltd ("DocShift", "we", "us", "our") is the data controller for personal data processed under this policy.

  • Company: DocShift Ltd
  • Registered in: England & Wales
  • Contact: [email protected]
  • Supervisory Authority: Information Commissioner's Office (ICO), ico.org.uk

2. What We Collect

We only collect personal data when you create an account or contact us. We do not collect data from users who use DocShift without an account.

  • Account data: Email address, encrypted password (if email/password sign-in), name (optional)
  • Billing data: Subscription tier, payment reference (Stripe handles card data — we never see it)
  • Usage data: Tool usage counts (for tier enforcement only, stored locally in your browser)
  • Contact data: Name, email, message content — only when you submit our contact form
  • Analytics: Page views, referrer, country (via Plausible Analytics — anonymised, no cookies, no fingerprinting)

3. Your Documents — We Never See Them

DocShift processes all documents entirely within your browser. Your files are not uploaded to our servers. They are not transmitted over the internet. They are not stored anywhere other than your own device. We are architecturally incapable of accessing your document content.

This means DocShift's document processing cannot constitute a GDPR data processing activity on our part — there is no personal data transferred to us. Users processing documents containing personal data remain the controller of that data at all times.

4. Lawful Basis for Processing

  • Account & billing data — Article 6(1)(b): Processing necessary for performance of a contract
  • Contact form data — Article 6(1)(a): Consent (given at submission)
  • Analytics — Article 6(1)(f): Legitimate interests (improving the service; Plausible is privacy-preserving)
  • Legal compliance — Article 6(1)(c): Processing necessary for compliance with legal obligations

5. Cookies & Local Storage

We use minimal, privacy-respecting cookies. See our full Cookie Policy for the complete inventory. In summary:

  • Essential cookies: Your cookie preference choice, session state. Always active.
  • Analytics (Plausible): Cookieless analytics. Loaded only with your consent. No fingerprinting.
  • Local Storage: Tool usage counts and job history are stored in your own browser's local storage. We cannot access this data.

6. Data Sharing & Third Parties

We do not sell, rent, or trade personal data. We share data only with service providers necessary to operate DocShift:

All providers are bound by data processing agreements. International transfers use Standard Contractual Clauses (SCCs) and, where applicable, the UK International Data Transfer Addendum (IDTA).

7. Data Retention

  • Account data: Retained for the lifetime of your account, plus 30 days after deletion request
  • Billing records: 7 years (UK Companies Act / tax law requirement)
  • Contact form submissions: 12 months from receipt
  • Analytics: Aggregated and anonymised — no personal data retained
  • Document data: Not retained (see section 3)

8. Your Rights

Depending on your location, you may have the following rights over your personal data:

Access
Request a copy of data we hold about you
Rectification
Correct inaccurate or incomplete data
Erasure
Request deletion of your personal data
Portability
Receive your data in a machine-readable format
Restriction
Restrict how we process your data
Objection
Object to processing based on legitimate interests
Withdraw Consent
Withdraw consent at any time without affecting prior lawful processing
Complain
Lodge a complaint with the ICO at ico.org.uk

To exercise any right, email [email protected]. We respond within 30 days as required by UK GDPR.

9. UK & EU GDPR

DocShift complies with the UK General Data Protection Regulation (UK GDPR), the Data Protection Act 2018, and the EU General Data Protection Regulation (EU GDPR 2016/679). If you are located in the EU/EEA and have a complaint that cannot be resolved directly with us, you may lodge it with your local data protection authority.

10. California Privacy Rights (CCPA / CPRA)

California residents have the right to: know what personal information is collected; know whether it is sold or disclosed; opt out of sale; access their information; and non-discrimination for exercising these rights. DocShift does not sell personal information. To submit a California rights request, email [email protected]. We respond within 45 days as required by CCPA.

11. Security

We implement appropriate technical and organisational measures to protect personal data. These include: TLS encryption in transit, encrypted environment variables for all secrets, minimal data collection by design, and access controls on all backend systems.

In the event of a personal data breach affecting your rights and freedoms, we will notify the ICO within 72 hours and affected individuals without undue delay, as required by UK GDPR Article 33.

12. Privacy Contact

For all privacy and data protection enquiries:

13. Changes to This Policy

We will notify you of material changes by email (if you have an account) and by updating the "Last updated" date above at least 14 days before changes take effect. Continued use of DocShift after the effective date constitutes acceptance of the updated policy.

UK GDPR Compliant EU GDPR Compliant CCPA / CPRA Compliant PECR Compliant HIPAA-Safe Architecture