Last Updated: August 28, 2025
Your Data, Your Rules
At Docyt, we believe privacy should be simple:
- Your data belongs to you. We don’t own it.
- Delete it, and it’s gone. If you remove your data, we remove it from our servers.
- Private by default. Nothing you add is public unless you decide to share it.
We built Docyt to make accounting easier, not to snoop on your information.
What We Collect (and Why)
We only collect what’s needed to keep Docyt running smoothly and securely:
- Basic info: your name, email, phone number, profile picture.
- Device details: things like browser type, system version, crash logs — so we can fix problems fast.
- Location: approximate info (via IP or WiFi). GPS only if you give us permission.
- Contacts: if you allow it, we’ll use your contacts to make sharing simpler.
- Files you upload: documents, receipts, reports, images. We store the files, plus basics like file name and size, so you can organize and search them easily.
We also use cookies — the tiny digital reminders that help us remember your preferences and improve your experience.
How We Use Your Data
Here’s how we put your data to work:
- To log you in and deliver the reports and tools you use every day.
- To understand what features are most helpful (using anonymized usage data).
- To keep Docyt secure and block fraud or abuse.
- To send important updates, like product changes or account notices.
No hidden agenda. No surprise usage.
AI and Your Data
Docyt uses Google Cloud Vertex AI (Gemini models) to power certain accounting automations. And here’s the key part:
- Your data is never used to train AI models.
- We’ve set it up for zero retention — no storing your requests or responses.
- Everything is encrypted with customer-managed keys.
- All AI calls are encrypted, and enterprise customers can choose private, extra-secure routing.
In short: you get AI power without giving up control of your information.
How We Keep Things Secure
We take security seriously (without overcomplicating it):
- Sensitive documents and credentials are locked with AES-256 encryption.
- Every connection uses TLS 1.2+ encryption.
- Our team uses multi-factor authentication and role-based permissions.
- Every access to your data is logged and reviewed.
- We maintain SOC 2 Type II compliance — independent proof that our security practices meet strict standards.
Your data is encrypted on your device, in transit, and on our servers.
Your Choices
- Delete files anytime. They’ll be removed from Docyt servers.
- Deactivate your account. Stops new activity but keeps your past records accessible.
- Opt out of marketing emails. Click “unsubscribe” and you’re done.
You’re in control the whole way.
When We Share Data
We don’t sell your information. Ever. We may share limited data in these cases:
- If the law requires it.
- To stop fraud or security threats.
- With trusted vendors (like hosting or payment processors) who work under strict agreements.
- If Docyt merges with or is acquired by another company.
- In anonymized or aggregated form for research or product improvements.
Who Can Use Docyt
Right now, Docyt is available in the U.S. only. If you’re outside the U.S., your data may still be processed here under U.S. laws.
Children’s Information
This service is not intended for individuals under 18. We do not knowingly collect personal information from anyone under 16. Children under 16 should not submit personal information to our Service or Website. If you become aware that a minor has provided us with personal information without parental or guardian consent, please contact us immediately.
Policy Updates
If we make changes, we’ll update this page. Big updates? We’ll give you a heads-up.
Contact Us
Questions or concerns?
privacy@docyt.com
Docyt Inc.
5255 Stevens Creek Blvd, STE 220
Santa Clara, CA 95051, USA
Attention: Privacy
