Privacy Policy

Last updated: July 10, 2026

This Privacy Policy explains how doclinth (“we,” “us”) handles information when you use our PDF generation API and dashboard (the “Service”). A defining property of this Service is that it processes yourcustomers’ data on your behalf, so we keep data handling deliberately minimal.

Information we collect

  • Account data: your email address and authentication details, and your plan and billing status.
  • Templates and sample data: the document templates you author and any sample data attached to them are stored in our database so you can edit and reuse them.
  • Generation metadata: for each PDF you generate we store metadata only (status, duration, output size, and error codes). We do not store the document contents or the rendered PDF in these logs.

How the render data payload is handled

For synchronous generation, the data payload you POST to /v1/generate is processed in memory and is not written to our database. When you request asynchronous webhook delivery, the payload is placed in Upstash QStash so a worker can process it. QStash retains the message according to its delivery and retry lifecycle; doclinth does not copy the render payload into its application database.

Generated PDFs are stored only when you request output: "url". In that case the PDF is written to object storage, served via a signed URL that expires after 24 hours, and the expired object is removed by an automated scheduled purge. In the default (binary) mode, the PDF is streamed back to you and never stored.

AI-assisted template authoring

When you use the AI authoring assistant, your prompt and any current template draft are sent directly to third-party AI providers (Google or Anthropic) to generate template HTML. The data you later render into PDFs is never sent to any AI provider.

PDF import

When you choose to import a PDF, we place the original in private object storage, send it to our AI provider only to create an editable template draft, and delete the original when the import finishes or fails (abandoned uploads are purged within 24 hours). We do not retain the source PDF in import logs. If processing is interrupted, a scheduled purge removes abandoned source uploads after their 24-hour cleanup threshold. The imported template and its sample data remain in your account until you delete them or your account.

How we use information

  • to provide, maintain, and secure the Service;
  • to enforce quotas, rate limits, and abuse protections;
  • to process billing through our merchant of record;
  • to communicate with you about your account and the Service.

Subprocessors

We rely on the following subprocessors to operate the Service:

  • Vercel: application hosting;
  • Supabase: database, authentication, and object storage;
  • Fly.io: the PDF rendering service;
  • Upstash: rate limiting and QStash asynchronous job delivery;
  • Dodo Payments: billing (merchant of record);
  • Google and Anthropic: template authoring and the optional PDF-import feature. A PDF import is sent only when you choose to upload one, then the source file is deleted after processing.

Data retention

We retain account data, templates, and generation metadata for as long as your account is active. Signed links for generated PDFs stored under output: "url" expire after 24 hours; an hourly purge removes objects after that retention threshold. Original PDFs uploaded for import are deleted when their import ends, with the scheduled purge as a backstop for interrupted jobs. You may delete templates or your full account from the dashboard; account deletion first confirms that owned private files were removed.

Security

API keys are random high-entropy secrets stored only as one-way SHA-256 hashes. Access to customer data is restricted, template content is sanitized before rendering, and the rendering environment is isolated. No system is perfectly secure, but we work to protect your data using industry-standard measures.

Your rights

Depending on your location, you may have rights to access, correct, export, or delete your personal data. To exercise these rights, contact us at the address below. As a processor of your customers’ data, we act on your instructions; requests from your end users should be directed to you as the data controller.

Changes to this policy

We may update this Policy from time to time. Material changes will be reflected by the “Last updated” date above.

Contact

Questions about privacy? Contact us at privacy@doclinth.com.