ProofDock logo ProofDock
🇺🇸
🇺🇸 English 🇨🇳 简体中文
Get API key

Privacy Policy

Updated 2026-04-29

This Privacy Policy explains what information ProofDock (“we”, “us”) collects when you use our API and website, how we use it, and the choices you have. By using ProofDock you agree to the practices described here.

This is an initial draft. We will update it as the product and our data-handling practices evolve, and we recommend reviewing it with your own counsel before relying on it for compliance purposes.

What we collect

Account information. When you create an account we collect your email address and a hashed password. We do not store your password in plain text.

API keys. Each key you create is associated with your account. The key value itself is shown to you only once at creation; we store a hash for verification.

Usage logs. Every request to our gateway is logged. Each entry records the timestamp, the API endpoint, the response status, the credits consumed, the API key fingerprint (not the key itself), and the source IP address. These logs are used for billing reconciliation, abuse prevention, and service debugging.

Communications. If you email us at [email protected] we retain that correspondence so we can follow up.

We do not collect, and do not want to receive, information about your end users. ProofDock is a developer tool. The data you query is about public entities (companies, filings, court cases, market instruments) — not about individuals using your application.

How we use your information

  • To operate the gateway and authenticate your requests
  • To meter credit usage, enforce rate limits, and reconcile recharges
  • To detect and prevent abuse (e.g. credential sharing, scraping at extreme rates)
  • To respond to your support requests
  • To send infrequent product or security notices to your account email

We do not sell your information, and we do not use your usage data to train AI models.

Cookies

The marketing site uses a small number of essential cookies (for example, to remember your language preference). The authenticated dashboard uses a session cookie to keep you signed in. We do not run third-party advertising or analytics trackers on the marketing site at this time.

Third parties

ProofDock relies on a small set of providers to operate the service:

  • Hosting and infrastructure — to run the gateway, the database, and this website.
  • Email delivery — to send transactional messages (e.g. password reset).
  • Upstream data providers — when you call the gateway, we forward your query to the appropriate authoritative source. We do not pass any account-identifying information to upstream providers; only the parameters needed to fulfill the request.

We do not currently process payments through a third-party processor. Recharges are reviewed by an admin and applied manually. If we add an automated payment provider in the future, we will update this policy and notify account holders.

Data retention

  • Account data is retained for as long as your account is active.
  • Usage logs are retained for at least 90 days for billing reconciliation, and may be retained longer in aggregated form for capacity planning.
  • Closed accounts are deleted within 30 days of closure, except where we are required to retain certain records (e.g. for tax or legal reasons).

Your rights

You may request access to, correction of, or deletion of your personal information by emailing [email protected]. Where applicable law (e.g. GDPR, CCPA, PIPL) gives you additional rights — such as data portability or objection to processing — we will honor those rights consistent with our legal obligations.

You can also close your account at any time, which initiates the deletion process described above.

Security

We use industry-standard encryption in transit (TLS) and at rest. API keys are hashed; passwords are hashed and salted. Access to production data is limited to a small number of operators, and is logged. No system is perfectly secure, but we treat any suspected incident with urgency. If a breach affects your account we will notify you without undue delay.

International transfers

ProofDock operates from servers located in regions chosen for performance and reliability. By using the service you understand that your account information and request logs may be stored and processed in jurisdictions other than your own. We rely on standard contractual safeguards where applicable.

Changes to this policy

We may update this Privacy Policy from time to time. If we make material changes we will notify account holders by email and update the “Updated” date at the top of this page.

Contact

Questions, requests, or complaints? Email [email protected].