Privacy Policy

We use information to:

• Provide, maintain, and improve the Service (including document viewing and annotation).
• Authenticate users, manage accounts/workspaces, and enforce permissions.
• Enable collaboration features (comments, activity history, notifications).
• Integrate with third-party services you enable (e.g., Google Drive).
• Monitor, prevent, and detect fraud, abuse, security incidents, and other harmful activity.
• Comply with legal obligations and respond to lawful requests.

We do not sell your personal information. We may share information in the following situations:

• Within your workspace: content and account details may be visible to other members as required by collaboration, permissions, and administrator settings.
• Service providers: hosting, database, analytics, and email providers that help us operate the Service (subject to confidentiality).
• Third-party integrations: when you connect the Service to Google Drive or other providers, we share data only as necessary to perform the integration.
• Legal and safety: to comply with law, enforce agreements, or protect rights, safety, and security.
• Business transactions: if we are involved in a merger, acquisition, or sale of assets, information may be transferred as part of that transaction.

If you enable Google Drive integration, the Service may access Google user data as authorized by you via Google OAuth (for example, to list folders/files, import documents, export annotated documents, or sync document metadata).

Doc360’s use of information received from Google APIs will adhere to the Google API Services User Data Policy, including the Limited Use requirements.

• We use Google user data only to provide or improve user-facing features that you request, such as importing/exporting documents between Doc360 and Google Drive.
• We do not use Google user data for advertising, profiling, or sale of data.
• We do not transfer Google user data to third parties except as necessary to provide or improve the user-facing features of the Service, to comply with law, or as part of a business transaction.
• You can revoke access at any time from your Google Account security settings. After revocation, the Service will no longer be able to access Google Drive unless you reconnect.

We retain information for as long as necessary to provide the Service, comply with legal obligations, resolve disputes, and enforce agreements.

Workspace administrators may be able to delete documents, users, and other content. Deletion may not immediately remove all copies from backups or logs, but we maintain controls to limit access and to purge data in accordance with our retention schedules.

We implement administrative, technical, and organizational measures designed to protect data, such as access controls, least-privilege practices, encryption in transit, and monitoring. No method of transmission or storage is 100% secure.

Depending on your location, you may have rights to access, correct, export, or delete your personal information, and to object to or restrict certain processing.

To exercise rights, contact us at support@doc360.app. If you are part of a workspace, we may direct you to your administrator where appropriate.