Privacy Policy
Last updated: February 27, 2026
1. Who We Are
PaperworkAI is an AI-powered document and business operations management platform designed for cafes, restaurants, breweries, gas stations, and small businesses. We are committed to protecting your personal data in compliance with the EU General Data Protection Regulation (GDPR).
2. Data We Collect
We collect and process the following categories of personal data:
- Account Information: Name, email address, business name, business type, phone number, and address provided during registration.
- Business Documents: Invoices, receipts, delivery notes, contracts, and other documents you upload for AI processing.
- Staff Data: Employee names, roles, employment types, hourly rates, timesheets, and work schedules you enter.
- Meeting Recordings: Audio recordings you choose to upload for transcription. These are processed and then deleted from our servers.
- Usage Data: API usage metrics, document processing counts, and feature interaction data for service improvement.
- Communication Data: AI chat conversations, email drafts, and feedback you submit.
3. How We Use Your Data
- To provide AI-powered document extraction and analysis
- To generate business briefings, reports, and financial summaries
- To manage timesheets, overtime calculations, and staff scheduling
- To process meeting recordings with AI transcription
- To provide the AI chat assistant with business context
- To generate email drafts and supplier price tracking
- To send notifications about important business events
- To manage your subscription and billing
4. Third-Party Processors
We use the following third-party services to process your data:
- AI Processing: Document analysis, meeting transcription, chat assistant, email generation, and business briefings. Data is sent to our AI provider's API for processing and is not used for model training.
- PostgreSQL: Secure database storage hosted in the EU.
- Stripe: Payment processing for subscriptions (when applicable).
5. Data Retention
We retain your data for as long as your account is active. Uploaded meeting audio files are deleted immediately after transcription. You can request deletion of all your data at any time through Settings → Privacy → Delete Account.
6. Your GDPR Rights
Under the GDPR, you have the right to:
- Access: Export all your data as JSON via Settings → Privacy → Export Data.
- Rectification: Update your personal information through the Settings page.
- Erasure: Delete your entire account and all associated data via Settings → Privacy → Delete Account.
- Portability: Download your data in a machine-readable format (JSON).
- Object: Contact us to object to specific processing activities.
- Restriction: Request limitation of processing by contacting us.
7. Data Security
We implement appropriate technical and organizational measures including encrypted data transmission (TLS), secure session management, rate-limited API endpoints, and two-factor authentication (TOTP). All data is hosted within the European Union.
8. Contact
For any privacy-related inquiries, please contact us at hello@paperworkai.eu.