Docz.me

Privacy Policy

Last updated: April 11, 2026

Docz.me is a tool for freelancers to organize contracts, invoices, time entries, and client records. This policy explains what information we collect, why we collect it, how we use it, and the choices you have. We keep it plain-language on purpose.

The short version

We collect the minimum information needed to run your account and store the work you put into Docz.me. We do not sell your data, we do not use it to train advertising models, and we do not share it with third parties except to run the service you pay for.

Docz.me is not a payment processor. We help you record that a client paid you, but we do not move money, hold funds, or touch credit card networks on your behalf.

Who we are

“Docz.me,” “we,” “us,” or “our” refers to the small team that operates docz.me and provides the document and invoicing tools described in this policy. The project started in 2016 as a tool our founder built for their own freelance work and has been in continuous, if sometimes quiet, use ever since.

If you are using a self-hosted installation of Docz.me on your own infrastructure, the operator of that installation is the data controller, not us.

What we collect

Account information

When you create a Docz.me account we store your email address, a display name, and a password stored as a one-way cryptographic hash (argon2id). We never store your plain-text password.

Content you create

Anything you put into Docz.me — contracts, invoices, client records, time entries, notes, and uploaded documents — is stored so you can come back to it. This is your content; we hold it on your behalf.

Usage and log data

We keep basic logs (IP address, user agent, timestamps, and which routes you hit) so we can keep the service running and investigate abuse. Logs are retained for a limited period and then deleted.

What we don't collect

We do not collect payment card information from you or from your clients. We do not receive, store, or transmit credit card numbers. We are not in the path of any payment your clients make to you.

How we use your information

We use what we collect to:

  • Run your account and authenticate you when you sign in.
  • Store and retrieve the contracts, invoices, and documents you create.
  • Send important operational emails (password resets, security alerts, account notices).
  • Detect abuse and enforce our Terms.
  • Improve the product based on aggregated, non-personal usage patterns.

We do not use your content to train machine learning models, serve ads, or build profiles about you.

When we share information

We share information only with service providers we need to run Docz.me — for example, a hosting provider, an email delivery service, or an error-tracking service. These providers are bound by contract to handle your information only as we instruct them.

We may also disclose information if we're legally required to (for example, in response to a valid subpoena), or to protect the rights and safety of our users and the public.

We do not sell your personal information to anyone.

How long we keep your data

We keep your account data for as long as your account is active. If you delete your account, we delete your personal information and the content you created within 30 days, except for information we are legally required to retain.

Encrypted backups may persist for a short period after deletion, but are automatically rotated out and are not used for day-to-day access.

Your rights and choices

Depending on where you live, you may have the right to access, correct, export, or delete the personal information we hold about you. You can export your content from within Docz.me at any time, and you can delete your account from your settings or by contacting us.

If you have questions about your rights under GDPR, CCPA, or any other privacy law, email us and we'll respond within a reasonable time.

Security

Security is covered in detail on our Security page. In short: we encrypt data in transit, we hash passwords with argon2id, we rate-limit sign-in attempts, and we run regular backups. No system is perfectly secure, but we take this seriously.

Cookies

Docz.me uses a small number of cookies, almost all of them strictly necessary to keep you signed in. See our Cookie Policy for details.

Changes to this policy

We may update this policy as the product evolves. When we make material changes, we'll let you know in-app or by email. The “last updated” date at the top always reflects the most recent revision.

Contact

Questions about this policy, or about the data we hold on you? Email privacy@docz.me.