The following information provides a simple overview of what happens to your personal data when you visit this website. Personal data is any data that can be used to personally identify you.
Data processing on this website is carried out by the website operator. You can find the contact details in the legal notice of this website.
Your data is collected when you provide it to us (e.g., during registration or when uploading documents). Other data is automatically collected by our IT systems when you visit the website, with your consent.
The controller responsible for data processing on this website is:
Kubilay Top Dallgower Straße 10 14612 Falkensee Germany
Email: support@docusplit.ai
The controller is the natural or legal person who alone or jointly with others determines the purposes and means of processing personal data.
We host our website content with Railway. The provider is Railway Corporation, 548 Market St #36879, San Francisco, California 94104-5401, USA.
For details, please refer to Railway's privacy policy: https://railway.app/legal/privacy. Railway is used based on Art. 6(1)(f) GDPR. We have a legitimate interest in reliable presentation of our website.
The operators of this website take the protection of your personal data very seriously. We treat your personal data confidentially and in accordance with statutory data protection regulations and this privacy policy.
We use tools from companies based in the USA or other third countries that are not secure under data protection law. When these tools are active, your personal data may be transferred to and processed in these third countries. We point out that a level of data protection comparable to the EU cannot be guaranteed in these countries. We have agreed Standard Contractual Clauses (SCCs) pursuant to Art. 46(2) GDPR with the providers or they are certified under the EU-US Data Privacy Framework.
Our website uses cookies. Cookies are small data packets that do not cause any damage to your device. They are stored either temporarily for the duration of a session (session cookies) or permanently (persistent cookies). Technically necessary cookies are stored based on Art. 6(1)(f) GDPR. For other cookies (analytics, marketing), we obtain your consent (Art. 6(1)(a) GDPR).
The website provider automatically collects and stores information in server log files that your browser automatically transmits to us. These are: browser type and version, operating system used, referrer URL, hostname of the accessing computer, time of server request, IP address. This data is not merged with other data sources. Collection is based on Art. 6(1)(f) GDPR.
For the anonymous PDF preview feature (without registration), we temporarily store your IP address for a maximum of 24 hours for rate limiting purposes. This protects our servers from abuse. Legal basis: Legitimate interest pursuant to Art. 6(1)(f) GDPR. The IP address is automatically deleted after 24 hours and is not used for any other purposes or merged with other data.
We use CookieHub as our consent management platform. Provider: CookieHub ApS, Ryesgade 7, 2200 Copenhagen N, Denmark.
CookieHub stores your cookie consents and allows you to manage them at any time. The following data is processed: your consent decisions, timestamp of consent, browser information.
Processing is carried out to fulfill legal obligations (Art. 6(1)(c) GDPR) and based on our legitimate interest (Art. 6(1)(f) GDPR). More information: https://www.cookiehub.com/privacy-policy
We use Google Analytics 4 to analyze user behavior on our website – only with your consent.
Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. Parent company: Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA.
Pseudonymized usage data, IP addresses (automatically anonymized in GA4), device information, browser data, website interactions.
Consent pursuant to Art. 6(1)(a) GDPR and § 25(1) TDDDG. You can revoke your consent at any time via our cookie settings.
Google is certified under the EU-US Data Privacy Framework. Standard Contractual Clauses have also been agreed.
You can prevent tracking by Google Analytics by adjusting your cookie settings or using Google's browser add-on: https://tools.google.com/dlpage/gaoptout
https://policies.google.com/privacy
We use Clerk for user authentication and account management.
Clerk, Inc., 660 King St Unit 345, San Francisco, CA 94107, USA.
The following data is processed during registration and login: email address, password (encrypted), profile information (if provided), login metadata.
Contract performance pursuant to Art. 6(1)(b) GDPR (authentication is necessary to provide our services).
Clerk is certified under the EU-US Data Privacy Framework.
https://clerk.com/legal/privacy
We use the payment service provider Stripe for payment processing.
Stripe Payments Europe, Ltd., 1 Grand Canal Street Lower, Grand Canal Dock, Dublin, Ireland. Parent company: Stripe, Inc., 354 Oyster Point Boulevard, South San Francisco, CA 94080, USA.
The following data is transmitted to Stripe during payments: cardholder name, email address, billing address, payment information (credit card data), transaction data.
Contract performance pursuant to Art. 6(1)(b) GDPR.
Stripe is certified under the EU-US Data Privacy Framework and also uses Standard Contractual Clauses.
https://stripe.com/privacy
We use third-party AI services for automatic processing of your PDF documents.
Provider: OpenAI Ireland Limited, 1st Floor, The Liffey Trust Centre, 117-126 Sheriff Street Upper, Dublin 1, D01 YC43, Ireland. The contracting partner for EU customers is OpenAI Ireland Ltd. Data Processing: Your PDF documents are temporarily transmitted to OpenAI for extraction of metadata (invoice numbers, company names, document types). OpenAI stores API data for a maximum of 30 days for abuse detection. Important: Your data is NOT used for training AI models. Legal basis: Contract performance (Art. 6(1)(b) GDPR). Data Processing Agreement: We have concluded a Data Processing Agreement (DPA) pursuant to Art. 28 GDPR with OpenAI Ireland Ltd. Third country transfer: Data transfer to the USA is based on Standard Contractual Clauses (SCCs) pursuant to Art. 46(2)(c) GDPR. OpenAI is also certified under the EU-US Data Privacy Framework. More information: https://openai.com/policies/privacy-policy
We optionally use Anthropic Claude as an alternative AI. Provider: Anthropic PBC, 548 Market St, San Francisco, CA 94104, USA. Your data is NOT used for training. Third country transfer: Standard Contractual Clauses (SCCs), Data Processing Addendum. More information: https://www.anthropic.com/legal/privacy
When using our service, your PDF documents are processed as follows: Documents are only held in memory for the duration of processing (a few seconds), all original files and temporary data are immediately deleted on our servers after processing, extracted metadata (invoice numbers, company names) is only used to create the ZIP file and is not permanently stored, processing takes place via encrypted API connections (TLS 1.2+/HTTPS).
Some of our service providers are based in the USA. We use the following safeguards for transferring personal data to the USA:
Google, Stripe, Clerk, and OpenAI are certified under the EU-US Data Privacy Framework, which ensures adequate protection of personal data.
Additionally, we have agreed Standard Contractual Clauses pursuant to Art. 46(2)(c) GDPR with all US providers.
We have concluded data processing agreements pursuant to Art. 28 GDPR with all service providers who process personal data on our behalf. These agreements govern the obligations of processors to protect your data.
We store your personal data only for as long as necessary for the respective purposes:
Stored for the duration of the contractual relationship and deleted within 30 days after termination, unless statutory retention obligations exist.
Stored for 10 years in accordance with commercial and tax law retention requirements.
Stored only for the duration of processing (a few minutes) and immediately deleted afterwards.
Aggregated for statistical purposes and stored anonymized for 12 months.
You have the following rights regarding your personal data:
You have the right to receive information about your stored personal data.
You have the right to request correction of inaccurate data.
You have the right to request deletion of your data, provided no statutory retention obligations apply.
You have the right to request restriction of the processing of your data.
You have the right to receive your data in a structured, commonly used, and machine-readable format.
You have the right to object to processing at any time for reasons arising from your particular situation.
You have the right to withdraw consent given at any time with effect for the future.
You have the right to lodge a complaint with a data protection supervisory authority regarding the processing of your personal data.
For inquiries regarding your data, please contact:
Email: support@docusplit.ai
We will process your inquiry as quickly as possible, but no later than within one month.
We reserve the right to adapt this privacy policy to ensure it always complies with current legal requirements or to implement changes to our services in the privacy policy. The new privacy policy will apply to your next visit.