Skip to content
Mezdoc
Start free
Legal

Privacy Policy.

Last updated 16 May 2026 · Version 4.1

This Privacy Policy describes how Mezdoc, Inc. ("Mezdoc", "we", "us") collects, uses, discloses, and safeguards personal data. It applies to mezdoc.com, our API, and our admin product (collectively, "the Service").

1. Data we collect

  • Account data: name, work email, organization, role, IP at sign-in.
  • Template data: uploaded PDFs, field definitions, dynamic editor content.
  • Submission data: the JSON payloads you POST to render PDFs.
  • Usage data: API request counts, render durations, error rates.
  • Cookies: session cookie (essential), preferences cookie, optional analytics with consent.

2. How we use it

  • Provide and operate the Service.
  • Generate and deliver PDFs you requested.
  • Authenticate, secure, and audit access.
  • Bill, support, and notify you about service changes.
  • Improve the platform - never to train third-party LLMs on your data.

3. Legal basis (GDPR / DPDP)

Performance of contract, legitimate interest (security & product analytics), legal obligation (tax, regulatory), and consent (marketing emails, optional analytics).

4. Data residency

You choose your region at org setup: ap-south-1 (Mumbai) or us-east-1 (Virginia). Customer content does not leave that region without explicit configuration.

5. Retention

Generated PDFs retained per your plan (default 365 days, configurable). Audit logs retained 7 / 90 / unlimited days depending on plan. You can request export or deletion at any time.

6. Sub-processors

We use a short, audited list of sub-processors (cloud infrastructure, transactional email, analytics, support). The current list is published in our Trust Center and updated 30 days before any change.

7. Your rights

Access, rectification, erasure, portability, restriction, objection, withdrawal of consent. Indian users have equivalent rights under the DPDP Act. To exercise, email privacy@mezdoc.com.

8. Children

The Service is not directed to children under 16. We do not knowingly collect data from minors.

9. Contact & DPO

Data Protection Officer: dpo@mezdoc.com · Mezdoc, Inc., SoMa, San Francisco, CA 94103. Indian Grievance Officer: grievance@mezdoc.com · Indiranagar, Bengaluru 560038.

This summary is provided for clarity and is not a substitute for the full policy. Materially-significant changes are emailed to administrators with at least 30 days notice.