Privacy Policy

Last updated: January 3, 2025

Privacy Policy

This Privacy Policy describes how Cloakrr ("we", "us", or "our") collects, uses, and protects your information when you use our document redaction and anonymization service.

Our Commitment to Privacy

Cloakrr is designed with a Zero PII Storage architecture. We process your documents to detect and redact sensitive information, but we do not permanently store the content of your documents.

Information We Collect

Account Information

Email address
Name (optional)
Organization name (for team accounts)
Authentication credentials (securely hashed)

Document Processing

When you upload documents for processing:

Temporary Storage: Documents are stored temporarily during processing and are automatically deleted after completion or expiry (typically within 24-48 hours)
Metadata Only: We retain only processing metadata (file names, page counts, timestamps, items detected/redacted) for audit trail purposes
No Content Storage: The actual content of your documents is not permanently stored

Usage Data

Processing statistics (pages processed, frameworks used)
Feature usage for service improvement
Error logs for debugging (anonymized)

How We Use Your Information

We use collected information to:

Process and redact your documents according to selected compliance frameworks (HIPAA, GDPR, PCI-DSS, PII)
Provide audit trails for your compliance documentation
Manage your account and credit balance
Improve our detection algorithms and service quality
Communicate important service updates
Comply with legal obligations

Data Security

We implement robust security measures including:

Row-Level Security (RLS): Database-level access controls ensure users can only access their own data
Secure Authentication: Industry-standard authentication via OAuth providers or secure password hashing
Encrypted Transport: All data transmitted via HTTPS/TLS
Transient File Storage: Documents are automatically purged after processing

Compliance Framework Alignment

Cloakrr is designed to help you achieve compliance with various data protection regulations:

GDPR: Supports EU data protection requirements
HIPAA: Designed for healthcare data handling
PCI-DSS: Payment card data detection and redaction
Custom Policies: AI-powered custom redaction rules

Note: While Cloakrr assists with compliance workflows, users are responsible for ensuring their overall compliance with applicable regulations.

Data Retention

Data Type	Retention Period
Account information	Until account deletion
Processing metadata	12 months (configurable)
Processed documents	Auto-deleted within 48 hours
Audit logs	As required by your plan

Your Rights

You have the right to:

Access: Request a copy of your account data
Correction: Update inaccurate account information
Deletion: Request deletion of your account and associated data
Portability: Export your processing history
Objection: Opt out of non-essential data processing

To exercise these rights, contact us at support@cloakrr.com.

Third-Party Services

We use select third-party services:

Cloud Infrastructure: For secure document processing and storage
Payment Processing: Secure payment handling (we do not store payment card details)
Authentication Providers: OAuth services (Google, GitHub) for secure login

Each service maintains their own privacy practices in compliance with applicable regulations.

Cookies and Tracking

We use essential cookies for:

Authentication and session management
Security (CSRF protection)
User preferences

We do not use advertising or tracking cookies.

Children's Privacy

Cloakrr is not intended for use by individuals under 16 years of age. We do not knowingly collect information from children.

International Data Transfers

If you access Cloakrr from outside the United Kingdom, your data may be transferred to and processed in the UK or other jurisdictions with appropriate safeguards in place.

Changes to This Policy

We may update this Privacy Policy periodically. Significant changes will be communicated via email or in-app notification. Continued use of the service after changes constitutes acceptance.

Contact Us

For questions about this Privacy Policy or our data practices:

Email: support@cloakrr.com
Location: London, United Kingdom

Last updated: January 3, 2025

Privacy Policy

Last updated: January 3, 2025

Privacy Policy

This Privacy Policy describes how Cloakrr ("we", "us", or "our") collects, uses, and protects your information when you use our document redaction and anonymization service.

Our Commitment to Privacy

Cloakrr is designed with a Zero PII Storage architecture. We process your documents to detect and redact sensitive information, but we do not permanently store the content of your documents.

Information We Collect

Account Information

Email address
Name (optional)
Organization name (for team accounts)
Authentication credentials (securely hashed)

Document Processing

When you upload documents for processing:

Temporary Storage: Documents are stored temporarily during processing and are automatically deleted after completion or expiry (typically within 24-48 hours)
Metadata Only: We retain only processing metadata (file names, page counts, timestamps, items detected/redacted) for audit trail purposes
No Content Storage: The actual content of your documents is not permanently stored

Usage Data

Processing statistics (pages processed, frameworks used)
Feature usage for service improvement
Error logs for debugging (anonymized)

How We Use Your Information

We use collected information to:

Process and redact your documents according to selected compliance frameworks (HIPAA, GDPR, PCI-DSS, PII)
Provide audit trails for your compliance documentation
Manage your account and credit balance
Improve our detection algorithms and service quality
Communicate important service updates
Comply with legal obligations

Data Security

We implement robust security measures including:

Row-Level Security (RLS): Database-level access controls ensure users can only access their own data
Secure Authentication: Industry-standard authentication via OAuth providers or secure password hashing
Encrypted Transport: All data transmitted via HTTPS/TLS
Transient File Storage: Documents are automatically purged after processing

Compliance Framework Alignment

Cloakrr is designed to help you achieve compliance with various data protection regulations:

GDPR: Supports EU data protection requirements
HIPAA: Designed for healthcare data handling
PCI-DSS: Payment card data detection and redaction
Custom Policies: AI-powered custom redaction rules

Note: While Cloakrr assists with compliance workflows, users are responsible for ensuring their overall compliance with applicable regulations.

Data Retention

Data Type	Retention Period
Account information	Until account deletion
Processing metadata	12 months (configurable)
Processed documents	Auto-deleted within 48 hours
Audit logs	As required by your plan

Your Rights

You have the right to:

Access: Request a copy of your account data
Correction: Update inaccurate account information
Deletion: Request deletion of your account and associated data
Portability: Export your processing history
Objection: Opt out of non-essential data processing

To exercise these rights, contact us at support@cloakrr.com.

Third-Party Services

We use select third-party services:

Cloud Infrastructure: For secure document processing and storage
Payment Processing: Secure payment handling (we do not store payment card details)
Authentication Providers: OAuth services (Google, GitHub) for secure login

Each service maintains their own privacy practices in compliance with applicable regulations.

Cookies and Tracking

We use essential cookies for:

Authentication and session management
Security (CSRF protection)
User preferences

We do not use advertising or tracking cookies.

Children's Privacy

Cloakrr is not intended for use by individuals under 16 years of age. We do not knowingly collect information from children.

International Data Transfers

If you access Cloakrr from outside the United Kingdom, your data may be transferred to and processed in the UK or other jurisdictions with appropriate safeguards in place.

Changes to This Policy

We may update this Privacy Policy periodically. Significant changes will be communicated via email or in-app notification. Continued use of the service after changes constitutes acceptance.

Contact Us

For questions about this Privacy Policy or our data practices:

Email: support@cloakrr.com
Location: London, United Kingdom

Last updated: January 3, 2025