Doqlo Privacy Policy
Last updated: 2026-03-29
This Privacy Policy explains how Doqlo (“Doqlo”, “we”, “us”, or “our”) collects, uses, and protects information when you use our websites, applications, and services (collectively, the “Service”).
Contact: For privacy questions or requests, submit them via the Support page on our website.
If you do not agree with this Privacy Policy, do not use the Service.
1. Privacy-First Summary
Doqlo is designed to minimize data collection.
- We do not permanently store your PDF files.
- We do not store your signatures as a retained dataset or signature library.
- We do not retain the contents of your documents.
- Editing actions (placing signatures, dates, and text overlays) occur in your browser.
- During export, your document may be temporarily transmitted to our servers solely to generate the final output. We do not retain your documents as a long-term stored dataset after processing. Short-lived technical buffers and operational logs may exist as part of normal service operation. Where implemented, temporary retrieval artifacts used to complete requested downloads are access-limited and automatically deleted under our retention controls.
This summary is provided for convenience. The rest of this Policy controls.
2. Definitions
- “Account Data” means information associated with your account (e.g., email, authentication identifiers, subscription status).
- “Document Data” means the PDF content, signatures, and overlays you apply to a document.
- “Usage Data” means service operation signals (e.g., export counters, timestamps, security signals, and diagnostic events) used for plan enforcement, security, and reliability.
- “Service Providers” means vendors we use to operate the Service (e.g., authentication and payment processors, infrastructure providers).
3. Information We Collect
3.1 Account Data (Sign-In)
If you sign in using Google, we receive basic account information such as:
- Name (as provided by Google)
- Email address
- Google account identifier and authentication data necessary to sign you in (for example, tokens)
The exact fields we receive depend on your Google account settings and the sign-in method. We use this information to authenticate you and manage your account.
3.2 Usage Data
We collect limited usage information necessary to operate the Service, including:
- Export counts and plan usage counters
- Subscription status and plan tier
- Basic service telemetry used to keep the Service reliable and secure (e.g., error logs, rate limiting and anti-abuse signals)
This may include technical data such as IP address, device/browser information, and timestamps as part of security and reliability logging.
We do not store document contents or file names as a retained dataset.
3.3 Support Communications
If you submit a support request, we may collect the information you provide (e.g., email, message content, and any attachments you choose to include) to respond and maintain support records. Please avoid sending sensitive personal information or confidential documents unless it is necessary for your support request.
3.4 Information We Do Not Intentionally Collect
We do not intentionally collect sensitive personal information (for example, government identifiers, health data, or payment card numbers). Please do not submit sensitive personal information through the Service.
4. How We Use Information
We use information to:
- Provide and operate the Service
- Authenticate users and manage accounts
- Enforce plan limits and prevent abuse
- Process payments and manage subscriptions
- Maintain security, prevent fraud, and debug issues
- Communicate with you about the Service (e.g., billing notices, support responses)
- Comply with legal obligations
5. Document Processing and File Handling
5.1 Editing in Your Browser
Document editing (placing signatures, dates, and text overlays) occurs in your browser.
5.2 Export Processing on Our Servers
When you export a PDF, your document may be temporarily transmitted to our servers solely to generate the final output.
Application-layer handling:
- We process document data only to generate requested output.
- We do not review your document contents for content analysis purposes.
- We do not retain document contents as a long-term stored dataset after processing.
Infrastructure-layer handling:
- Short-lived technical buffers or transient delivery artifacts may occur during processing and transfer.
- Where implemented, generated export files may be held temporarily for download retrieval (for example, via a time-limited signed link). These temporary retrieval artifacts are access-limited and automatically deleted under our retention controls.
After processing, the generated file is returned to you for download.
5.3 No Sale, No Training Use
We do not sell Document Data. We do not use Document Data to train advertising systems.
6. Payments
Payments are processed by Stripe. We do not store your full payment card details. Stripe may collect and process billing information in accordance with Stripe’s privacy policy.
We may receive limited payment-related information from Stripe (for example, billing status, Stripe customer/subscription identifiers, and the last four digits and brand of a card) to manage subscriptions and support billing.
Billing descriptor: Charges may appear on your statement as “doqlo.com” (or a similar descriptor).
7. Cookies and Similar Technologies
We use cookies and similar technologies (such as local storage or browser storage) to operate the Service. These technologies help us provide core functionality, keep the Service secure, and remember certain preferences.
7.1 What we use them for
We may use cookies or browser storage for purposes such as:
- Essential functionality (e.g., maintaining sign-in sessions, routing requests, and enabling core features)
- Security and abuse prevention (e.g., protecting against fraud, rate limiting, and detecting automated misuse)
- Preferences and UI state (e.g., remembering basic settings or interface choices)
- Reliability and debugging (e.g., short-lived identifiers or flags used to diagnose errors and improve stability)
Some of these technologies are required for the Service to function. If you disable them, sign-in and other core features may not work.
7.2 Advertising and cross-site tracking
Doqlo does not use cookies for targeted advertising, and we do not use our own cookies to track you across other companies’ websites.
If we introduce analytics or advertising-related technologies in the future, we will update this Privacy Policy and, where required, provide appropriate notice and choices.
7.3 Third-party cookies (Google sign-in, payments, infrastructure)
When you choose to sign in with Google, Google may set cookies on its own domains (for example, google.com or accounts.google.com). If you use Stripe-powered checkout or payment pages, Stripe may set cookies on its own domains. These third-party cookies are controlled by the respective providers and are governed by their policies, not ours.
7.4 Your choices
You can control cookies through your browser settings and tools. You can also delete existing cookies at any time. Note that blocking essential cookies may prevent parts of the Service from functioning properly.
8. Data Retention
We retain information only as long as reasonably necessary for the purposes described in this Policy.
- Account Data: retained while your account is active and as needed for billing, compliance, and dispute resolution.
- Usage Data: retained as needed for plan enforcement, fraud prevention, and service reliability.
- Document Data: not retained as a long-term stored dataset. Processing and delivery artifacts are short-lived and automatically deleted under operational retention controls, including technical buffers, operational logs, and, where implemented, temporary retrieval artifacts used only to complete download delivery.
If you request account deletion, we will delete or de-identify Account Data subject to legal, accounting, tax, or fraud-prevention requirements.
9. Sharing and Disclosure
We may share information:
- With Service Providers (e.g., Stripe, authentication providers, hosting/infrastructure providers) to operate the Service
- If required by law, legal process, or government request
- To protect the rights, safety, and security of Doqlo, our users, or the public
- In connection with a corporate transaction (e.g., merger, acquisition), subject to appropriate protections
We do not share Document Data for advertising.
10. Security
We implement reasonable technical and organizational measures designed to protect Account Data and the integrity of our systems. No method of transmission or storage is 100% secure.
Because we do not retain Document Data as a long-term stored dataset, exposure risk is reduced by design, even though limited short-lived processing buffers or temporary download artifacts may exist in the ordinary operation of the Service.
11. International Transfers
Your information may be processed in countries other than your own depending on where our infrastructure and Service Providers operate. We take steps intended to ensure appropriate protections for such transfers.
12. Your Choices and Rights
Depending on your location, you may have rights to:
- Access and correct your Account Data
- Request deletion of your Account Data
- Object to or restrict certain processing
To make a request, submit it via the Support page on our website. We may verify your identity before fulfilling requests.
13. Children’s Privacy
The Service is not directed to children under 13 (or the age required by local law). We do not knowingly collect personal information from children.
14. Changes to This Policy
We may update this Privacy Policy from time to time. The “Last updated” date indicates when the Policy was last revised.
If a change is material, we may provide additional notice (for example, through the Service or by email if associated with your account). Your continued use of the Service after changes become effective constitutes acceptance of the updated Policy.
15. Support
For privacy questions or requests, submit them via the Support page on our website.