Privacy Policy

Last updated: 26 February 2026  ·  Governing law: France

This Privacy Policy explains how Dokitscript ("we", "us", "our") collects, uses, and protects your personal data when you use our website at dokitscript.com. We are committed to protecting your privacy in compliance with the General Data Protection Regulation (GDPR) and French data protection law.

1. Data We Collect

We collect the following categories of personal data:

• Account data: name, email address, and password (hashed) when you register.
• Usage data: number of transcriptions performed, timestamps, and selected plan.
• Technical data: IP address, browser type, device type, and session information.
• Content data: URLs submitted for transcription and resulting transcription text.
• Analytics data: pages visited, time on site, and traffic sources (via Google Analytics 4).

We do not collect any special category (sensitive) personal data.

2. How We Use Your Data

• To provide and operate the transcription service.
• To manage your account and enforce plan limits.
• To send email verification and important service communications.
• To analyse usage patterns and improve the service.
• To process payments and manage subscriptions (when applicable).
• To prevent fraud and enforce our Terms of Service.

Our legal basis for processing is: contract performance (service delivery), legitimate interests (security, analytics), and consent where required.

3. Cookies

We use the following cookies:

• Session cookie (transcriptai.sid): keeps you logged in. Expires after 7 days.
• Analytics cookies (Google Analytics 4): track usage and traffic. You can opt out via your browser settings or using the Google Analytics Opt-out Add-on.

4. Third-Party Services

We share data with the following trusted third parties solely to operate the service:

• OpenAI — audio transcription processing (audio files are not stored beyond the API call).
• Google Analytics — website analytics.
• MongoDB Atlas — database hosting.
• Railway — server hosting.
• Resend — transactional email delivery.
• Stripe — payment processing (when subscriptions are active).

We do not sell your personal data to any third party.

5. Data Retention

• Account data: retained for as long as your account is active.
• Transcription history: last 20 transcriptions stored, older ones automatically removed.
• Anonymous usage: IP-based usage counters reset monthly.
• Upon account deletion, all personal data is permanently removed within 30 days.

6. Your Rights (GDPR)

You have the right to:

• Access — request a copy of your personal data.
• Rectification — correct inaccurate data.
• Erasure — request deletion of your account and data.
• Portability — receive your data in a machine-readable format.
• Object — opt out of processing based on legitimate interests.
• Withdraw consent — at any time, where consent is the legal basis.

To exercise any of these rights, contact us at legal@dokitscript.com. We will respond within 30 days. You also have the right to lodge a complaint with the Commission Nationale de l'Informatique et des Libertés (CNIL).

7. Data Security

We implement appropriate technical and organisational measures to protect your data, including password hashing (bcrypt), HTTPS encryption, rate limiting, and access controls. However, no method of transmission over the Internet is 100% secure.

8. International Transfers

Some of our third-party providers may process data outside the European Economic Area. Where this occurs, we ensure appropriate safeguards are in place (such as Standard Contractual Clauses or adequacy decisions).

9. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify registered users of significant changes by email. The "last updated" date at the top of this page will always reflect the most recent version.

10. Contact

For any privacy-related questions or requests, please contact us at:
legal@dokitscript.com

---

Dokitscript  ·  dokitscript.com  ·  France