Privacy Policy

1. Who We Are

Draftpe operates an AI-assisted legal document drafting platform focused primarily on users in India. We provide document wizards, downloadable drafts, AI explainers, optional lawyer review coordination, and related digital services.

Draftpe is not a law firm and does not provide legal advice. For privacy enquiries, contact us using the details in Section 12.

2. Information We Collect

Depending on how you use the Platform, we may collect the following categories of information:

• Identity and account information: name, email address, authentication identifiers, referral codes, and profile details you choose to provide (such as phone, city, state, or GST number).
• Document and form inputs: information you enter into document wizards to generate drafts (for example landlord and tenant names, addresses, rent amounts, contract dates, business details, clauses, and party descriptions).
• Uploaded files: contracts or PDFs you upload for AI Contract Explainer, AI Risk Explainer, Simple Signature, or optional lawyer review services, including file names and related metadata.
• Generated outputs and history: document titles, types, generation timestamps, export format, language selections, and stored copies of generated files where account history or storage features are enabled.
• Payment and billing information: plan selections, transaction references, Razorpay order and payment IDs, amounts, currency, payment status, invoices, and limited billing contact details. We do not store your full card number or UPI credentials on our servers.
• Communications: messages you send through our contact form, support emails, and service notifications we send to you.
• Usage and technical data: pages viewed, features used, referral activity, device type, browser, operating system, approximate location derived from IP address, timestamps, diagnostic logs, and security events.
• Legal acknowledgments: records of acceptance of terms, privacy notices, and one-time legal disclaimers where applicable, including timestamps.

You should avoid submitting sensitive personal data in free-text fields unless necessary for your document. Do not upload information you are not authorised to share.

3. How We Use Information

We use personal information to:

• Create, authenticate, and manage your account.
• Generate, store, display, and let you download requested documents and exports.
• Provide AI explainers, risk reports, signature tools, and optional lawyer review services.
• Process payments, subscriptions, prepaid credits, referrals, and billing support.
• Send service messages such as receipts, security alerts, and account notices.
• Operate dashboards, document history, and plan entitlements.
• Detect, investigate, and prevent fraud, abuse, and security incidents.
• Monitor performance, debug errors, and improve the Platform.
• Comply with legal obligations and respond to lawful requests.
• Enforce our Terms of Service and protect our rights and users.

We do not sell your personal information.

4. AI Processing Disclosure

A core function of Draftpe is generating and analysing legal-style content using artificial intelligence. When you use document generation, AI Contract Explainer, AI Risk Explainer, or related features, information you provide — such as wizard answers, uploaded contract text, and document metadata — may be transmitted to third-party AI providers for processing.

Our application uses OpenAI APIs to generate document drafts and AI analyses based on your inputs. We send only the information reasonably necessary to perform the service you request. We do not use your document content for public marketing without your consent.

AI providers process data under their own terms and security practices. Because AI systems operate on external infrastructure, your inputs may be processed outside India. See Section 9 on international processing.

Outputs are generated automatically and may contain errors. You are responsible for reviewing results before use. AI processing does not create an attorney-client relationship.

5. Third-Party Service Providers

We use trusted service providers to operate the Platform. They process information on our behalf only as needed to provide their services. Categories and providers currently used in the application include:

• AI providers: OpenAI (document generation, contract explanation, and risk analysis).
• Authentication, database, and storage: Supabase (user accounts, profiles, document history, file storage, and server-side data access).
• Payment processing: Razorpay (checkout, subscriptions, one-time payments, and payment verification webhooks).
• Analytics: Google Tag Manager, which may load Google Analytics or related measurement tags configured in our analytics container.
• Cloud hosting and infrastructure: hosting providers used to deploy and run the website and server functions (for example cloud platforms that host our production environment).
• Transactional email (where enabled): email delivery providers such as Resend for service notifications like explainer-ready emails.

These providers are authorised to use information only to perform services for us and must protect it in line with their agreements and applicable law. Their own privacy policies govern how they handle payment card data and certain technical processing.

6. Data Storage and Security

We implement reasonable technical and organisational safeguards designed to protect personal information, including encryption in transit (HTTPS/TLS), access controls, authenticated database policies, and monitoring for abuse.

Account and document data are stored using Supabase infrastructure. Generated documents may be stored in secure object storage associated with your account where the feature is enabled. Payment records and billing metadata are stored in our database with server-side protections on sensitive profile fields.

No method of transmission or storage is completely secure. You are responsible for using a strong password and keeping your credentials confidential. Please log out on shared devices.

7. Data Retention

We retain information for as long as necessary to provide the Services, comply with legal obligations, resolve disputes, and enforce our agreements. Typical retention practices include:

• Account and profile data: retained while your account is active and for a reasonable period afterwards.
• Billing and tax records: retained as required by applicable commercial and tax law in India.
• Document history and stored files: retained until you delete them, close your account, or we no longer need them for service delivery, subject to backup cycles and legal holds.
• Support and contact messages: retained as needed to respond and maintain records of enquiries.
• Logs and analytics: retained for a limited period for security, troubleshooting, and aggregated reporting.

We may anonymise or aggregate data so it no longer identifies you and retain it for analytics and product improvement.

8. Your Rights and Choices

Subject to applicable law, you may have the right to:

• Access personal information we hold about you.
• Request correction of inaccurate or incomplete information.
• Request deletion of your account and associated personal data, where permitted.
• Object to or restrict certain processing where the law provides such rights.
• Withdraw consent where processing is based on consent, without affecting prior lawful processing.
• Opt out of non-essential marketing communications where offered.

You can update certain profile fields in your account settings. For other requests, email contact@draftpe.com from your registered address. We may need to verify your identity before fulfilling a request. We will respond within a reasonable timeframe as required by applicable law.

If you are dissatisfied with our response, you may have the right to lodge a complaint with the relevant data protection authority in India, where applicable.

9. Cookies and Analytics

We use cookies, local storage, and similar technologies to keep you signed in, remember preferences, maintain session security, and understand how the Platform is used.

We use Google Tag Manager to manage analytics and measurement tags. Depending on your browser settings and our configuration, this may involve cookies or similar identifiers associated with services such as Google Analytics. Analytics data helps us understand traffic, feature usage, and conversion events (for example sign-ups and document generation).

You can control cookies through your browser settings. Blocking certain cookies may affect sign-in or checkout functionality.

10. International Processing

Draftpe is based in India and primarily serves Indian users. However, some of our service providers process data in other countries, including where OpenAI, Supabase, Razorpay, Google, or cloud hosting infrastructure operate data centres.

Where personal information is transferred outside India, we take steps designed to ensure appropriate safeguards consistent with applicable law, including contractual protections with service providers and limiting transfers to what is necessary to deliver the Services.

11. Children's Privacy

The Platform is not directed to children under eighteen (18) years of age, and we do not knowingly collect personal information from children. If you believe a child has provided us personal data, please contact us at contact@draftpe.com and we will take appropriate steps to delete it.

12. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or services. The "Last updated" date at the top of this page will change when revisions are posted. Material changes may be communicated by email or an on-site notice. We encourage you to review this page periodically.

13. Contact Information

For privacy questions, data requests, or security concerns, contact:

• Email: contact@draftpe.com
• Phone: +91 50 1259 7680
• Address: Draftpe (Digital services), Bengaluru Urban District, Karnataka 560100, India
• Contact form: Contact Us

For terms governing use of the Platform, see our Terms of Service.