Privacy Policy

Last updated: March 31, 2026

1. Data Controller

Aime Yonkeu
Contact: support@doc-pilot.app

2. What data is processed?

Account data: Email address and password (stored encrypted via Supabase Auth).

Documents: Documents you upload or scan (PDFs, photos). These are stored locally on your device by default.

Analysis results: Extracted text, classification, summary, reply draft. Stored locally.

Cloud backup (optional): When enabled, documents and metadata are backed up client-side encrypted to Supabase Storage.

3. How is data processed?

• Text recognition (OCR): Photos are sent to Google Cloud Vision API for text extraction.
• AI analysis: Extracted text (max 6000 characters) is sent to OpenAI API for analysis. OpenAI does not use API data for model training.
• Local storage: Original documents and analysis results are stored in a local SQLite database on your device.
• Cloud backup: Optional and client-side encrypted. The cloud provider cannot read the contents.

4. Camera Access

The app uses the camera exclusively for scanning documents. Photos are not shared or uploaded without your consent.

5. Third-party Services

• Supabase (Auth, Database, Storage) - GDPR compliant
• Google Cloud Vision (OCR) - for text extraction from photos
• OpenAI (AI analysis) - for document analysis
• RevenueCat (In-app purchases) - for subscription management

6. Data Security

• Encrypted data transmission (TLS/HTTPS)
• Client-side encryption for cloud backups
• Biometric authentication (optional)
• API keys are stored server-side

7. Your Rights (GDPR)

• Access: You can request information about your stored data at any time.
• Deletion: You can delete your account and all data at any time in the app settings.
• Data export: Your documents can be exported at any time via the share function.
• Withdrawal: You can withdraw your consent to data processing at any time.

8. Contact

For privacy questions: support@doc-pilot.app