Privacy Policy

Last updated: Feb 20, 2026

1. Introduction

This Privacy Policy explains how RedactProof (operated by Popsall Ltd) ("we", "us", or "our") collects, uses, and protects your personal data when you use RedactProof ("the Service").

2. Our Privacy-First Approach

RedactProof is designed with privacy at its core. Our standard AI detection runs entirely within your browser - your documents and text never leave your device. Pro and Team subscribers can optionally enable the Pro Detection Engine, which sends extracted text (not your files) to Cloudflare for enhanced detection. Your files never leave your device. See Pro Detection Engine processing details below.

What this means for you:

  • Your documents never leave your device
  • Standard Engine processes everything in your browser's volatile memory - nothing is written to disk, local storage, or cache. Data exists only for the duration of your browser session.
  • Pro Detection Engine sends only extracted text (not files) to Cloudflare for inference - it is not stored as document content and is not used for training
  • Tamper-evident certificates store a cryptographic hash of your redacted document on our servers - this hash cannot reveal document content but can verify the document has not been altered

Pro Detection Engine processing details: When Pro Detection Engine is enabled, extracted text from your document is transmitted over TLS to Cloudflare Workers AI, which acts as a service provider on our behalf for the purpose of inference processing. To the best of our knowledge and based on Cloudflare's published commitments, the text is processed in memory for inference only, with no persistent storage of your content by Cloudflare. Inference inputs are not retained after the response is returned and are not used for model training. We do not log, cache, or store the text content transmitted for inference on our infrastructure. Cloudflare's handling of inference data is governed by their Workers AI data handling commitments.

We reserve the right to change the provider used for AI inference processing. Any such change will be reflected in this Privacy Policy, and we will notify you of material changes via the email address associated with your account and, where practicable, by notice within the Service.

3. Data We Collect

3.1 Account Information

When you create an account, we collect:

  • Email address: For account authentication and communication
  • Display name: If provided, for personalisation
  • Authentication provider data: Google account identifier if using Google sign-in

3.2 Subscription and Payment Data

If you subscribe to a paid plan, our payment processor (Stripe) collects:

  • Payment method details (card number, expiry, CVC)
  • Billing address and email
  • Transaction history and subscription status

We do not store payment card details on our servers. Payment processing is handled entirely by Stripe under their PCI DSS certification.

3.3 Service Usage Data

  • Certificate verification requests (document hash, timestamp - no document content)
  • Feature usage statistics (anonymised)
  • Error logs and performance metrics

3.4 What We Do NOT Collect

  • Document content: Your files are never uploaded to our servers
  • Document metadata: File names, page counts, and other metadata remain on your device
  • Redaction selections: Your redaction choices are processed locally
  • AI detection results: Our detection model identifies potentially sensitive information (PII). No customer documents are ever used for model training or improvement. All detection happens in your browser.

4. How We Use Your Data

We use your personal data for:

  • Service delivery: Account management, authentication, and subscription management
  • Communication: Service updates, security notices, and billing communications
  • Security: Fraud prevention, abuse detection, and protecting our infrastructure
  • Legal compliance: Responding to legal requests and fulfilling regulatory obligations
  • Service improvement: Analysing anonymised usage patterns to improve the Service (no document data is used)

5. Data Sharing

We do not sell your personal data. We share data only with:

  • Stripe: Payment processing (as a service provider under contract)
  • Cloudflare: Infrastructure provider for hosting, security, and CDN services (as a service provider under contract)
  • Resend: Transactional email delivery (as a service provider under contract)
  • Law enforcement: Only when required by valid legal process (court order, subpoena, or equivalent)

All service providers are bound by contracts that restrict their use of your data to the services they provide to us.

6. Data Retention

  • Account data: Retained while your account is active and for 30 days after deletion request
  • Payment records: Retained for 7 years as required by tax and financial regulations
  • Certificate data: Cryptographic hashes retained for the duration of your subscription plus 1 year
  • Usage analytics: Anonymised data retained for up to 2 years
  • Email communications: Delivery logs retained for 30 days

After the retention period, data is permanently deleted or irreversibly anonymised.

7. Your Rights

You have the right to:

  • Access: Request a copy of your personal data
  • Correction: Request correction of inaccurate data
  • Deletion: Request deletion of your account and personal data
  • Portability: Receive your data in a structured, machine-readable format
  • Opt-out: Unsubscribe from non-essential communications

To exercise these rights, contact us at privacy@redactproof.com. We will respond within 30 days.

8. US State Privacy Rights

8.1 California (CCPA/CPRA)

If you are a California resident, you have additional rights:

  • Right to know: What personal information we collect, use, and disclose
  • Right to delete: Request deletion of your personal information
  • Right to opt-out of sale: We do not sell personal information
  • Right to non-discrimination: We will not discriminate against you for exercising your rights
  • Right to correct: Request correction of inaccurate personal information
  • Right to limit use of sensitive personal information: We do not use sensitive personal information for purposes beyond what is needed to provide the Service

To submit a verifiable consumer request, contact privacy@redactproof.com. You may also designate an authorised agent to submit requests on your behalf.

8.2 Other US States

Residents of Virginia, Colorado, Connecticut, Utah, and other states with consumer privacy laws may have similar rights. Contact us to exercise your rights under applicable state law.

8.3 Do Not Track / Global Privacy Control

We honour the Global Privacy Control (GPC) signal. If your browser sends a GPC signal, we treat it as a valid opt-out request.

We do not currently respond to Do Not Track (DNT) browser signals as there is no industry-standard interpretation.

9. Canadian Privacy Rights (PIPEDA)

If you are a Canadian resident:

  • You have the right to access your personal information and challenge its accuracy
  • We will obtain meaningful consent before collecting, using, or disclosing your personal data
  • You may withdraw consent at any time, subject to legal or contractual restrictions
  • To make an access request or file a complaint, contact privacy@redactproof.com
  • You may also file a complaint with the Office of the Privacy Commissioner of Canada at priv.gc.ca

10. International Data Transfers

Your data may be processed in:

  • United Kingdom: Where Popsall Ltd is incorporated
  • European Union/EEA: Via Cloudflare's European infrastructure
  • United States: Via Cloudflare's global CDN and Stripe's payment processing

For transfers from the UK/EEA, we rely on Standard Contractual Clauses (SCCs) and adequacy decisions where applicable. For transfers from Canada, we ensure an equivalent level of protection as required by PIPEDA.

11. Cookies and Tracking

The Service uses minimal cookies:

  • Session cookies: Maintain your authenticated session
  • Preferences: Your settings and UI preferences

All cookies we use are strictly necessary for the Service to function. We do not use advertising cookies, analytics cookies, or third-party tracking pixels. No cookie consent banner is required because all our cookies fall under the "strictly necessary" exemption.

12. Security Measures

We implement appropriate technical and organisational measures to protect your personal data:

  • Client-side architecture: Documents are processed entirely in your browser and never transmitted to our servers
  • Encryption in transit: All communications between your browser and our services are encrypted using TLS 1.2 or higher
  • Infrastructure security: Our backend is hosted on Cloudflare Workers, which provides built-in DDoS protection, network-level isolation, and automatic security patches
  • Authentication security: User passwords are never stored. We use magic link and OAuth authentication. JWT access tokens expire after 15 minutes with 7-day refresh tokens
  • Payment security: All payment processing is handled by Stripe, which is PCI DSS Level 1 certified. We never store or process payment card details on our servers
  • Backup and non-content data: Account data, billing records, and system logs stored outside of your browser are protected by encryption and access controls consistent with the measures described above
  • Incident response: We maintain procedures for identifying, assessing, and responding to security incidents affecting personal data
  • Vulnerability management: We monitor for known vulnerabilities in our dependencies and infrastructure and apply patches and updates on an ongoing basis

We review our infrastructure and application security on an ongoing basis. While no system can guarantee absolute security, our client-side processing architecture significantly reduces risk by ensuring your document content does not transit or reside on our servers.

13. Data Breach Notification

In the event of a security breach involving your personal information, we will notify affected individuals and relevant authorities within the timeframes required by applicable state law.

Notification will be sent to the email address associated with your account and will include: the nature of the breach, the categories of data affected, and the steps you can take to protect yourself.

If you are a California resident, we will comply with the notification requirements of the California Consumer Privacy Act and California Civil Code section 1798.82.

14. UK/EU Users

If you are located in the UK or EU, you have additional rights under UK GDPR and EU GDPR including the right to restriction, objection, and the right to lodge a complaint with the ICO (ico.org.uk) or your local EU supervisory authority. Please see our UK Privacy Policy for full details.

15. Children's Privacy

The Service is not intended for users under 18 years of age. We do not knowingly collect personal data from children. If you believe we have collected data from a child, please contact us immediately.

16. Changes to This Policy

We may update this Privacy Policy from time to time. Material changes will be communicated via email or through the Service. Your continued use of the Service after changes take effect constitutes acceptance of the updated policy.

17. Contact Us

For privacy-related questions or to exercise your data rights:

Email: privacy@redactproof.com

Operator: RedactProof (operated by Popsall Ltd), 3rd Floor, 86-90 Paul Street, London, England, EC2A 4NE. Company No. 16953262, registered in England and Wales.