Privacy Policy

Our Core Privacy Promise

Your original documents never leave your device. All redaction happens locally in your browser using client-side processing. When you use optional AI features, only the redacted (safe) version is transmitted. We cannot see, access, or store your original documents or the sensitive data within them.

1. Information We Collect

1.1 Account Information

When you create an account, we collect:

• Email address
• Name (optional)
• Authentication data (managed by our authentication provider)
• Billing information (processed by our payment processor, if you subscribe)

1.2 Usage Data

We collect anonymised, aggregate usage metrics:

• Number of documents processed (count only)
• File types used (e.g., "PDF", not content)
• Feature usage (e.g., "custom patterns enabled")
• Error reports (without document content)

1.3 What We Do NOT Collect

2. How Your Data is Processed

3. How We Use Information

We use collected information to:

• Provide and maintain the service
• Process payments and manage subscriptions
• Send service updates and security alerts
• Improve our detection patterns and accuracy
• Respond to support requests

4. Data Sharing

We share data only with carefully selected third-party service providers that are necessary to operate Redactorr. These include:

• Our authentication provider, for identity verification and secure sign-in
• Our payment processor, for subscription billing and payment handling
• Our hosting provider, for application delivery and performance
• Our content delivery network, for global performance and security
• AI providers, when you explicitly use AI features (only redacted content is shared)
• Breach monitoring service, when you use breach checking features

We never sell your data. We never share your original document contents. Only redacted versions are shared with AI providers, and only when you explicitly use AI features.

For a full list of our current service providers and their roles, please contact us at privacy@redactorr.com.

5. Optional AI Features

When you use AI features, redacted content (not your original data) is transmitted to third-party AI providers. Your original sensitive information is never sent. Only the redacted version, with placeholders like [EMAIL_1] and [NAME_2], is transmitted.

AI Assistant

• What's sent: Your redacted text (e.g., "[EMAIL_1] sent a report to [NAME_2]")
• Where it goes: Third-party AI providers via our AI gateway
• What's NOT sent: Your original sensitive data, redaction mappings, or raw documents

Email Breach Checker

• What's sent: Full email address
• Where it goes: A third-party breach monitoring service
• Consent: Explicit consent required before first use

Password Breach Checker

• What's sent: First 5 characters of SHA-1 hash only (k-anonymity)
• Where it goes: A third-party breach monitoring service
• Privacy protection: Your actual password is never transmitted

6. Free Tier and Subscriptions

Redactorr offers a free tier that includes up to 5 documents/month and 1 AI session. No payment information is required for the free tier.

Paid subscriptions start at A$99/mo (or A$990/yr). Subscription billing and payment handling are managed by our payment processor. We do not store your full credit card details. Only a tokenized reference is retained for recurring billing purposes.

7. Data Retention

• Account data: Retained while your account is active. Deleted within 30 days of account closure, unless required by law.
• Usage metrics: Anonymized and retained for up to 2 years
• Local redaction mappings: Stored on your device. You control deletion at any time via your browser.
• Billing records: Retained as required by applicable law (typically 7 years for tax and audit purposes)
• AI query logs: Not retained by Redactorr. Refer to the respective AI provider's data retention policy for details.

8. Your Rights

Under the Australian Privacy Act 1988 and the Australian Privacy Principles (APPs), you have the right to:

• Access your personal information held by us
• Request correction of inaccurate or incomplete data
• Delete your account and associated data
• Export your data in a portable format
• Opt out of marketing communications
• Lodge a complaint with the Office of the Australian Information Commissioner (OAIC)

If you are located in the European Economic Area (EEA) or the United Kingdom, you may also have rights under the General Data Protection Regulation (GDPR), including the right to data portability, the right to restrict processing, and the right to erasure. We will honour these rights regardless of your location.

To exercise any of these rights, email us at privacy@redactorr.com. We will respond within 30 days.

9. Security

We implement industry-standard security measures:

• HTTPS encryption for all communications
• AES-256 encryption for local storage
• Egress guard to prevent unintended data exfiltration
• Regular security reviews
• Content Security Policy (CSP) headers
• Strict access controls for internal systems

10. Cookies

We use essential cookies for:

• Authentication session management
• Security tokens

We do not use tracking cookies or third-party analytics that track individual users.

11. International Data Transfers

Redactorr is operated from Australia. Some of our third-party service providers may process data outside of Australia. Where this occurs, we take reasonable steps to ensure your data is protected in accordance with the Australian Privacy Act 1988 and, where applicable, the GDPR.

Your core document data remains on your device and is never transferred internationally. Only account data and, when you opt in, redacted content may be processed by overseas service providers.

12. Children's Privacy

Redactorr is not intended for users under 16. We do not knowingly collect data from children. If you believe a child under 16 has provided us with personal information, please contact us and we will promptly delete it.

13. Legal Basis for Processing

We process personal information on the following legal bases:

• Contract performance: To provide the Redactorr service as agreed when you create an account
• Consent: For optional features such as AI queries and breach checking, where explicit consent is obtained before use
• Legitimate interest: For service improvement through anonymised usage analytics
• Legal obligation: For record-keeping required by Australian tax and financial regulations

14. Changes to This Policy

We may update this policy from time to time. Significant changes will be communicated via email or in-app notification at least 14 days before they take effect. Continued use of Redactorr after changes take effect constitutes acceptance of the updated policy.

15. Third-Party Service Providers

We use carefully selected third-party providers to operate Redactorr. For the current list of our service partners and their specific identities, please contact us at privacy@redactorr.com.

Categories of providers we use:

• Authentication provider. Identity verification and secure sign-in.
• Payment processor. Subscription billing and payment handling.
• Hosting provider. Application delivery and performance.
• Database provider. Account and configuration data storage.
• Content delivery network. Global performance and security.
• AI providers. Frontier AI model access for optional AI features (only redacted content is shared).
• Breach monitoring service. Credential breach checking (only with your explicit consent).
• Analytics provider. Anonymous usage analytics, if applicable.

Each provider is bound by contractual obligations to protect your data and use it only for the purposes described in this policy.

16. Contact Us

If you have questions about this policy, wish to exercise your privacy rights, or need to make a complaint, contact us at:

If you are not satisfied with our response, you may lodge a complaint with the Office of the Australian Information Commissioner (OAIC) at www.oaic.gov.au.