1. Collection of Your Information
We collect information from and about you to provide, improve, and protect our services.
Personal Data:
- Email address, name, and profile picture (from Google OAuth or other logins)
- Authentication tokens to keep your session secure
- Support contact information
Derivative Data:
- Usage analytics (features used, session duration, etc.)
- Technical data (device, IP, browser)
- Saved link metadata (title, tags, notes)
- Anonymized error logs
2. Data We Access
We only access your data when you request it, such as:
- URLs you save to DoryAI
- Notes or tags you add to links
- Metadata from saved pages (title, description, images)
Data Use Restrictions:
- No AI/ML training on your personal content
- No advertising
- No third-party sharing
- No human review (unless required for support/security with consent)
Your Control:
- Revoke access anytime via your account settings
- Data accessed only when you actively use DoryAI
- Permanent deletion available at your request
3. Use of Your Information
We use your data to:
- Deliver services: save links, generate AI summaries, organize tags and categories
- Manage accounts: authenticate and secure your sessions
- Improve product: fix bugs, refine features, optimize AI performance
- Communicate: send support updates or important product notices
Legal Basis:
- Consent (e.g., OAuth login)
- Contract performance
- Legitimate interest
- Legal obligations
4. Data Sharing and Disclosure
We do not sell or trade your data. We may share with:
Service Providers:
- Cloud infrastructure (AWS, Google Cloud, or similar)
- AI processing (OpenAI or similar, used in real time without storing your personal link data)
Legal Disclosures:
- As required by law
- To protect safety or property
- In legal investigations (with notice if allowed)
Business Transfers:
- In a merger/acquisition, with notice and data control options
We Never:
- Sell your data
- Share with ad networks
- Use your links or notes beyond delivering the service
5. Data Protection and Security
Technical Security:
- TLS 1.3, AES-256 encryption
- End-to-end encryption for sensitive operations
- Role-based access, MFA, least privilege
- Regular audits and penetration tests
Organizational Security:
- Employee training and background checks
- 24/7 security monitoring
- Incident response plans
- 72-hour breach notification window
Security Commitments:
- No long-term storage of deleted links
- AI processing is done in real-time without retaining your private data
- Regular third-party audits
- Secure deletion protocols
6. Data Retention
What We Retain:
- Account data (while account is active)
- Link metadata and summaries (until you delete them)
- Anonymized analytics (90 days)
- Support emails (up to 2 years)
What We Don’t Store:
- Deleted links or notes
- Any data after permanent account deletion
Data Deletion:
- Account deletion: all data removed in 30 days
- Selective deletion: immediate upon request
- Request via email: nmamanipantoja@gmail.com
7. User Rights and Controls
Your Rights:
- Access, correct, delete, restrict processing
- Withdraw consent anytime
- Receive portable copies of your data
- Know who your data is shared with
To exercise your rights, contact: nmamanipantoja@gmail.com. We’ll respond within 30 days.
8. International Data Transfers
DoryAI operates from [Your Country]. Data may be transferred to other countries for processing. Safeguards include:
- Encryption in transit and at rest
- Access controls
- GDPR/UK GDPR compliance for EU and UK users
9. Policy Changes
We may update this policy based on:
- Practice changes
- Feature updates
- Regulatory shifts
- User feedback
When we update: we update the “Last Revised” date and notify users by email (if significant).
10. Contact Information
General Inquiries & Privacy Requests:
- Email: nmamanipantoja@gmail.com
- Response Time: Within 2 business days
Legal Entity:
- Company: Misfit Labs
- Product Name: DoryAI
- Website: doryai.app