Last updated: July 2, 2026

Privacy Policy

This Privacy Policy explains how okdoc (“we”, “us”), operator of okdocai.com, collects, uses and protects personal information when you use the Service. We act as the data controller for account data, and as a processor for the documents you send through the Service.

1. Information we collect

Account data: your name, email and organization details. Document data: the documents you create or upload, recipient names and emails, and signature images. Signing metadata: timestamps, IP addresses and device/user-agent information collected for the audit trail. Payment data: processed by Sumit; we receive confirmation and limited metadata, not full card numbers. Usage data: logs and analytics needed to run and improve the Service.

2. How we use information

We use information to provide the Service, generate and deliver documents, send signing and reminder emails, process payments, maintain the audit trail and legal validity of signatures, prevent abuse, and comply with legal obligations.

3. Legal bases

Where applicable law requires it, we rely on the performance of our contract with you, your consent, our legitimate interests in operating and securing the Service, and compliance with legal obligations.

4. Sharing and sub-processors

We share data with service providers that help us run the Service: Supabase (database and storage), Vercel (hosting), Resend (email delivery), Green API (WhatsApp message delivery, where you enable it), Anthropic (AI document generation) and Sumit (payments). We do not sell your personal information.

5. Data retention

We retain documents and audit records for as long as your account is active and as needed to preserve the legal validity of signed documents, then for the period required by law, after which they are deleted or anonymized.

6. Security

We use encryption in transit, access controls and reputable infrastructure providers to protect your data. Signed documents are sealed with a cryptographic fingerprint. No method of transmission or storage is completely secure, and we cannot guarantee absolute security.

7. Your rights

Subject to applicable law, you may access, correct, export or delete your personal data, and object to or restrict certain processing. To exercise these rights, contact hello@okdocai.com. Signers may request information about a document they were asked to sign.

8. International transfers

Our providers may process data outside your country, including in the EU and the US. Where required, we rely on appropriate safeguards for such transfers.

9. Cookies

We use essential cookies needed to sign in and operate the Service, and limited analytics. We do not use advertising cookies.

10. Children

The Service is not directed to children under 18, and we do not knowingly collect their personal data.

11. AI assistants and connected apps (MCP)

You can connect okdoc to AI assistants (such as Claude or ChatGPT) through the Model Context Protocol (MCP). A connection is created only after you explicitly authorize it — by signing in with OAuth or by generating an API key in your dashboard — and it is scoped to your organization only: a connected assistant can access and act on your organization's documents, templates, contacts, business profile, automations and statistics, and can never access data of any other okdoc organization. Read-only API keys limit the assistant to viewing data without making changes.

Your conversations with the assistant are processed by that assistant's provider under its own privacy policy; okdoc only receives the specific tool requests the assistant makes on your behalf and handles them like any other API activity. You can revoke a connection at any time by deleting the API key or disconnecting the connector in Settings, which immediately stops all further access.

12. Contact and changes

For privacy questions or requests, contact hello@okdocai.com. We may update this Policy; material changes will be notified through the Service.

TermsPrivacyHomePrivacy Policy