Legal

Privacy Policy

What PolDex collects, how operational data is handled, and how customer content is separated from the extraction request.

Effective date: 1 February 2024 - Last updated: 24 April 2026

1. Scope

This Privacy Policy covers (a) PolDex Inc. ("PolDex", "we") as a company operating the PolDex extraction API infrastructure, and (b) personal data collected in connection with operating that service.

This policy does not cover data that customer organisations submit through the API for processing. That data is governed by our Data Processing Agreement.

2. Data Collection

We collect:

  • Contact email address provided at API key initialisation
  • Organisation name
  • API key metadata (issuance timestamp, prefix hash, rotation history)
  • Job metadata (job ID, status, schema, processing timestamps)
  • Credit and billing transaction records
  • Webhook delivery attempt logs (endpoint URL, delivery status, retry count)
  • Standard server logs (IP address, user agent, request path, HTTP status)

3. Customer Content vs Operational Data

Customer content means the documents and document URLs submitted for extraction, and the structured extraction output produced from them.

Operational data means the rest: job metadata, billing records, log entries, and API key metadata.

Customer content is not used to operate, improve, or train PolDex systems beyond the specific extraction request it was submitted for. Customer content is subject to the data retention terms in section 5.

4. How Data Is Used

Operational data is used to:

  • Authenticate API requests
  • Enforce credit balance and billing rules
  • Deliver and retry webhook payloads
  • Monitor service reliability and job status
  • Comply with legal obligations
  • We do not sell personal data. We do not share personal data with third parties for their own marketing purposes.

5. Retention & Deletion

  • Job metadata and structured extraction output: retained 90 days by default
  • Raw document content, worker disk, and processor temporary source text: cleared after successful extraction (typically minutes)
  • API key metadata: retained for the lifetime of the key plus 90 days after rotation or deletion
  • Server logs: retained 30 days
  • Explicit deletion requests for structured output can be submitted via POST /v1/jobs/{id}/delete. Operational metadata may be retained for audit and billing reconciliation.

6. Subprocessors

PolDex production processing runs on Cloudflare services for web hosting, Worker compute, D1 storage, Queues, and email routing, plus approved model inference providers behind the FastScript engine.

Legacy AWS/FastAPI artifacts in the repository are non-production. The full current subprocessor list is available on request and will be updated before any material infrastructure change.

7. Security

Data is encrypted in transit (TLS 1.2+) and at rest through the production platform's managed encryption controls. Access to production systems follows least-privilege principles. API keys are stored as hashed values only - the raw key is shown once and is not recoverable by PolDex.

8. Your Rights

Depending on your jurisdiction, you may have rights to access, correct, delete, or port your personal data. To exercise these rights, email privacy@poldex.ai.

We will respond within 30 days. Identity verification may be required before fulfilling data subject requests.

9. International Processing

PolDex is planned as a U.S. company. Data may be processed in the United States and other regions used by the production subprocessors. If you are located in the European Economic Area or United Kingdom, transfers to the US are governed by Standard Contractual Clauses where applicable.

10. Policy Updates

We will notify API key holders of material changes to this policy by email at least 14 days in advance of the effective date. Continued use of the API after the effective date constitutes acceptance.

11. Contact

Privacy questions: privacy@poldex.ai

Data subject requests: privacy@poldex.ai

PolDex Inc.