PRIVACY

Privacy Policy

Data Controller

ProDocs UG (haftungsbeschränkt)

Im Steig 9, 72501 Gammertingen, Germany

Email: info@prodocs.app

Cookies & Technologies

Essential cookies only (no consent required):

Firebase Auth Session (Google Ireland Ltd.) – Authentication, maintaining login status. Duration: Session.

CSRF Token (ProDocs) – Protection against cross-site attacks. Duration: Session.

Cookie Consent (ProDocs) – Stores your cookie preference. Duration: 1 year.

What we do NOT use: No Google Analytics, no advertising cookies, no Crashlytics, no third-party trackers, no social media plugins.

Authentication & User Profile

Firebase Authentication (Google Ireland Ltd.) – Email, password hash, login status.

Google Cloud Firestore – User profile, document metadata, deadlines, email connections.

Legal basis: Art. 6(1)(b) GDPR (contract performance).

Document Processing

Google Cloud Storage – Storage of uploaded documents (images, PDFs).

Google Cloud Document AI – Scanned documents are sent to Google for OCR text recognition.

Anthropic Claude API (Anthropic Inc., USA) – Document images + OCR text are transmitted for AI analysis, categorization, and chat.

Google Gemini API (Fallback) – Same data as Claude, used when Claude is unavailable.

Legal basis: Art. 6(1)(b) GDPR (contract performance).

Email Integration (optional)

Only when actively enabled by the user:

Gmail API (Google) – Read access to emails and attachments.

Microsoft Outlook/Graph API (Microsoft Corp., USA) – Read and send access to emails.

IMAP (iCloud, GMX, WEB.DE) – Read access to emails.

Legal basis: Art. 6(1)(a) GDPR (consent). You can revoke consent at any time in the app settings.

Data Transfer to USA

Anthropic Inc. (Claude API) – AI document analysis. Secured by EU Standard Contractual Clauses (SCCs).

Microsoft Corp. (Outlook/Graph API) – Email integration. Secured by EU-US Data Privacy Framework.

Google LLC – Certified under EU-US Data Privacy Framework. Data processing in europe-west3 (Frankfurt, Germany).

Infrastructure & Hosting

Google Cloud Run (europe-west3, Frankfurt) – Backend hosting for all API requests.

Google Cloud Logging (Serilog) – Application logs including user ID, request paths, error messages.

All-Inkl (Saxony, Germany) – Website hosting for prodocs.app.

Formsubmit.co – Contact form processing.

Your Rights

Under GDPR you have the right to:

• Access your personal data (Art. 15)

• Rectify inaccurate data (Art. 16)

• Delete your data (Art. 17)

• Restrict processing (Art. 18)

• Data portability (Art. 20)

• Object to processing (Art. 21)

• Withdraw consent (Art. 7(3))

Contact: info@prodocs.app

Supervisory authority: State Commissioner for Data Protection, Baden-Württemberg, Germany.

Last updated: March 2026