Privacy Policy

1. Overview

This Privacy Policy describes how undocsend, operated by Easy Labs (“undocsend,” “we,” “us”), handles personal information when you use the Service.

Undocsend has two distinct data relationships you should understand:

• Platform metadata (Operator accounts, workspace configuration, billing, audit logs) — here we act as the data controller.
• Document content and Visitor data(uploaded documents, Visitor emails, Visitor analytics, Q&A submissions) — here we act as a data processorfor the workspace owner (the “Operator”), who is the data controller.

The legal framework for the processor relationship is set out in our Data Processing Addendum.

2. Data We Collect From Operators

When you sign up and operate an undocsend workspace, we collect:

• Account information — email address, name, company name (optional), trial track or invite code used during signup.
• Workspace configuration — workspace slug, branding (logo, colors), plan tier, billing details.
• Audit log — every staff or admin action performed against your workspace (who did what, when), retained for security and compliance.
• Support communications — messages you send us, including their content.
• Usage telemetry — how you use the Service (pages visited, features used), used to improve the product.

3. Data We Collect From Visitors

When a Visitor accesses a dealroom shared with them by an Operator, we collect on the Operator’s behalf:

• Email address — used for magic-link authentication and to identify the Visitor to the Operator.
• IP address and approximate geolocation — derived from the IP, used for security and analytics.
• User agent and device type — browser, operating system, device class.
• View analytics — page-by-page view events, dwell time, document-open events, downloads (if enabled).
• Q&A submissions — any questions a Visitor submits to the workspace agent, plus the agent’s responses.
• Electronic-signature data (where the Operator uses signatures) — signer name and email, the fields the signer completes, signature image, IP address, timestamps, consent record, and the completion audit trail / certificate.

Visitor data belongs to the Operator. Undocsend processes it on the Operator’s documented instructions. For data-protection purposes the Operator is the controller of Visitor data and undocsend is the processor. The Operator is responsible for providing any notice to, and obtaining any consent or lawful basis from, Visitors that applicable law requires before sharing a dealroom or collecting signatures. Visitors seeking access, correction, or deletion should contact the Operator that shared the dealroom; we will assist Operators in responding as described in our DPA.

4. How We Use Data

We use the data described above to:

• Provide the Service — render documents, send share links, compute analytics, authenticate users, deliver e-signature and AI features that you have enabled.
• Secure the Service — detect and prevent fraud, abuse, unauthorized access, and other harmful activity.
• Process AI requests when AI features are enabled for your workspace, subject to the BYOK rules in section 6.
• Improve the Service — analyze usage, debug, and prioritize features, and create and use de-identified and aggregated data as described below. We surface product analytics on Operator-facing surfaces and do not expose identifiable document content to staff for product work (see section 5).
• Communicate with you — service announcements, security notifications, billing notices, and (with your consent or where permitted) product news.
• Comply with law and enforce our Terms.

De-identified and aggregated data; machine learning. We may create de-identified and aggregated data from use of the Service and may use it for any business purpose, including to train and improve our machine-learning models and features, and for analytics, security, and fraud prevention. De-identified data is processed so that it cannot reasonably be used to identify any individual, Operator, or Visitor, and we do not attempt to re-identify it.

5. Document Storage and Encryption

Documents you upload are stored with reputable cloud infrastructure providers and are encrypted at rest; data in transit is protected with TLS 1.2 or higher. Our current storage sub-processors are listed at /subprocessors (see section 7).

No human at undocsend reads document content as a matter of routine.Limited break-glass access exists for incident response and abuse investigations; any such access is logged in our internal audit system and is subject to the DPA’s audit rights.

6. AI Processing

When AI features are enabled for your workspace, documents may be sent to third-party AI providers for OCR, summarization, and Q&A.

Default providers. Unless you configure your own keys (see BYOK), documents may be processed by third-party AI providers, which are named in the current sub-processor list at /subprocessors; we give Operators advance notice of additions per our sub-processor commitment (section 7).

BYOK.Operators may configure their workspace to use their own AI-provider API keys. When BYOK is configured, AI requests route directly to the Operator’s provider account and are governed by the Operator’s agreement with that provider.

AI provider data-retention is governed by each provider’s own terms (linked at /subprocessors).

7. Sub-processors

We rely on a small set of vendors (sub-processors) to deliver the Service — for hosting, storage, email delivery, product analytics, error monitoring, AI processing, and billing. We do not name individual vendors in this Policy; the current, canonical list of named sub-processors (with each vendor’s role) is published and kept current at /subprocessors.

We let Operators subscribe to change notifications. We may engage new sub-processors as the Service evolves and will update the list and notify subscribed Operators at least 15 days before the new sub-processor begins processing Operator or Visitor data. Engaging a sub-processor is not subject to Operator approval: your continued use of the Service after a change constitutes acceptance, and if you do not agree to a new sub-processor, your sole and exclusive remedy is to stop using and terminate the affected portion of the Service. Termination on this basis does not entitle you to any refund, including of any prepaid fees. Any formal objection mechanics required for business / DPA customers are governed by the DPA.

8. Cookies and Tracking

Undocsend uses:

• Session cookie — strictly necessary to keep you signed in (set by our authentication provider); cannot be disabled while using the Service.
• Room-session / password cookie — set when a Visitor unlocks a password-protected room; bound to that room.
• Impersonation cookie — set only when authorized undocsend staff impersonate an Operator for support; every impersonation is audit-logged.
• Product analytics — first-party analytics used to understand and improve the Service; we do not sell analytics data.
• Marketing-site analytics — first-party analytics on our public marketing pages, subject to the minimization described below.

The specific providers behind these cookies are identified in our sub-processor list at /subprocessors.

Viewer-side tracking.When a Visitor opens a shared dealroom link, we collect the analytics described in section 3 on the Operator’s behalf so the Operator can see engagement. We honor Global Privacy Control (GPC) signals where required.

EEA / UK / Swiss visitors — analytics minimization. On our marketing and other anonymous, non-dealroom surfaces, we detect EEA / UK / Swiss origin from the network (IP) at the edge and do not run behavioral analytics on those visitors — no per-page tracking, dwell-time measurement, or third-party marketing / analytics tags. We retain only a coarse, aggregate, non-identifying count of such visits and do not store the IP for this purpose. This minimization does not apply inside a dealroom: a dealroom Visitor authenticates with their email and the Operator, as data controller, directs undocsend to record engagement analytics; that processing is governed by section 3, the DPA, and the international-transfer safeguards in section 11.

9. Data Retention

• Workspaces. When an Operator deletes a workspace, data enters a 30-day soft-retention window to allow recovery from accidental deletion. After 30 days, the workspace and its documents are permanently purged from our primary storage; residual copies in backups are purged in line with backup-rotation cycles.
• Visitor data. Visitor records are deleted when the parent workspace is purged, or sooner on a Visitor request honored by the Operator.
• Signature records.Completed signature records and their audit certificates are retained as required by applicable law and the Operator’s own retention duties, and remain available for signers to download.
• Audit logs. Retained for two years for security and compliance purposes.
• Billing records. Retained for the periods required by applicable tax and accounting law.

10. Your Rights (GDPR / CCPA / Other)

If you are in the EEA, UK, or Switzerland (GDPR / UK GDPR), you may have the right to: access your personal data; correct inaccuracies; request erasure; restrict or object to processing; data portability; withdraw consent where processing relies on consent; and lodge a complaint with your local supervisory authority. Our legal bases for processing are performance of a contract, our legitimate interests (analytics and security), consent (marketing), and compliance with legal obligations.

If you are a California resident (CCPA / CPRA), you may have the right to: know / access; delete; correct; opt out of the “sale” or “sharing” of personal information; limit the use of sensitive personal information; and not be discriminated against for exercising these rights. Undocsend may sell or share certain personal information; you can opt out at any time via our “Do Not Sell or Share My Personal Information” link and we honor Global Privacy Control (GPC) signals. You may use an authorized agent (proof of authority required).

To exercise rights, email privacy@undocsend.com. We verify identity before completing certain requests and respond within the time required by law (for example, 45 days under CCPA, one month under GDPR). Visitors should generally contact the Operator that shared the dealroom; we assist Operators in responding.

11. International Data Transfers

Undocsend processes personal data on infrastructure located in the United States; we do not offer EU / EEA data residency. Where we or our sub-processors transfer personal data out of the EEA, UK, or Switzerland to a country without an adequacy decision, we rely on appropriate safeguards — the EU Standard Contractual Clauses (SCCs), the UK International Data Transfer Addendum (IDTA), the Swiss addendum, and/or the EU-U.S. Data Privacy Framework (and its UK / Swiss extensions) where the recipient is certified — together with supplementary technical measures (encryption in transit and at rest, access controls). You may request a copy of the relevant safeguards by emailing privacy@undocsend.com.

12. Children

The Service is not intended for, and we do not knowingly collect personal information from, individuals under 16. If you believe we have inadvertently collected such information, contact privacy@undocsend.com and we will promptly delete it.

13. Changes to This Policy

We may revise this Policy from time to time. The “Last updated” date at the top reflects the latest revision. If we make material changes, we will provide notice (for example, by email or by posting on the Service).

14. Contact

Privacy questions, requests, or complaints: privacy@undocsend.com.