1. Overview
Cambridge Holdings, LLC d/b/a SafeRedact ("SafeRedact," "we," "us," or "our") provides this Privacy Policy to explain how we collect, use, and protect your personal information when you use our document redaction service at saferedact.app (the "Service").
Privacy by Design: Only extracted text is sent to our AI for analysis. Original file binaries remain in your browser. Text is encrypted with AES-256-GCM before transmission. Our AI provider (Anthropic) processes requests with zero-retention headers — no document content is stored or used for model training by SafeRedact or its AI provider.
2. Data Controller
Cambridge Holdings, LLC is the data controller responsible for your personal data.
Cambridge Holdings, LLC
United States
Email: privacy@saferedact.app
For users in the EEA, UK, or Switzerland, SafeRedact acts as the data controller for personal data collected through the Service.
3. Information We Collect
Information You Provide
| Data | Purpose | Legal Basis |
|---|---|---|
| Email address | Account creation, communications | Contract |
| Password (hashed) | Account authentication | Contract |
| Payment information | Subscription billing via Stripe | Contract |
Information Collected Automatically
| Data | Purpose | Legal Basis |
|---|---|---|
| Document count | Usage limits, billing | Contract |
| Feature usage | Product improvement | Legitimate interest |
| Error logs | Debugging, reliability | Legitimate interest |
| IP address | Security, fraud prevention | Legitimate interest |
| Browser/device info | Compatibility | Legitimate interest |
Information We Do NOT Collect
- Document contents or files — Original files remain in your browser; only extracted text is sent for AI analysis and immediately discarded
- Detected sensitive information — SSNs, addresses, etc. are not stored
- Original files — We never see your original documents. Only extracted text is sent for AI detection.
- Redaction patterns — Your selections are not tracked
4. Legal Basis for Processing (GDPR)
For users in the EEA, UK, and Switzerland, we process personal data under these legal bases:
- Contract Performance — Processing necessary to provide the Service (account management, billing, support)
- Legitimate Interests — Processing for business interests that do not override your rights (security, fraud prevention, analytics)
- Consent — Where you have given consent for specific processing (marketing, optional cookies)
- Legal Obligation — Processing necessary to comply with legal requirements
5. How We Use Information
We use collected information to:
- Provide, maintain, and improve the Service
- Process payments and manage subscriptions
- Send transactional emails (receipts, account updates)
- Respond to support requests
- Prevent fraud and abuse
- Comply with legal obligations
- Analyze usage to improve our product (in aggregate)
6. Information Sharing
We do not sell your personal information. We may share information with:
- Service Providers — Companies that help us operate the Service (see Section 7)
- Legal Requirements — If required by law, subpoena, or court order
- Business Transfers — In connection with a merger, acquisition, or sale
- With Your Consent — When you explicitly authorize sharing
7. Sub-Processors
We use the following third-party service providers:
| Provider | Purpose | Location |
|---|---|---|
| Anthropic | AI text analysis | United States |
| Stripe | Payment processing | United States |
| Supabase | Authentication, database | United States |
| Vercel | Website hosting | United States |
| Google Analytics | Website analytics | United States |
| Resend | Transactional email | United States |
Each sub-processor is contractually required to protect your data.
8. International Data Transfers
SafeRedact is based in the United States. If you are located outside the US, your data will be transferred to and processed in the United States.
For EEA, UK, and Swiss Users
We transfer data using these legal mechanisms:
- Standard Contractual Clauses (SCCs) — EU-approved contract terms with our sub-processors
- Supplementary Measures — Additional technical and organizational protections
9. Data Retention
- Document files — Original file binaries remain in your browser; only extracted text sent for AI analysis (not stored)
- Extracted text — Not retained; processed and immediately discarded
- Account data — Deleted within 30 days of account deletion
- Usage logs — Retained up to 90 days
- Payment records — Retained 7 years for tax/legal compliance
Enterprise Data Handling
SafeRedact Enterprise processes bulk document sets for DSAR compliance and other redaction workflows. Enterprise use is governed by separate written agreements (DPA, SOW, or enterprise license) which take precedence over this Privacy Policy to the extent of any conflict. Enterprise-specific data handling:
- Bulk job metadata — Job name, file counts, detection counts, and status are stored in our database to enable audit reporting and job management. This metadata does not include document content.
- Document content — Processed identically to the consumer product. Only extracted text is sent for AI analysis; original files remain in the browser. No document content is stored.
- Audit reports — Detection results (PII type and count per file) are generated client-side and exported by the user. SafeRedact does not retain copies of audit reports.
- Data Processing Agreements — Available on request for Enterprise customers. Contact sales@saferedact.app.
Encryption
Text extracted from your documents is encrypted with AES-256-GCM in your browser before transmission to our API. This application-layer encryption operates in addition to standard HTTPS/TLS transport encryption, providing dual-layer protection for data in transit. No document content is stored at rest on SafeRedact servers.
10. Your Rights
Depending on your location, you may have these rights:
- Access — Request a copy of your personal data
- Correction — Update inaccurate information
- Deletion — Request deletion of your data
- Portability — Receive your data in a portable format
- Objection — Object to certain processing
- Restriction — Request restriction of processing
- Withdraw Consent — Where processing is based on consent
Contact privacy@saferedact.app to exercise these rights. We respond within 30 days.
11. Additional Rights for EEA, UK, and Swiss Users
Under GDPR, you have additional rights:
- Right to Lodge a Complaint — Contact your local data protection authority
- Right to Object — Object to processing based on legitimate interests
- Right to Withdraw Consent — Withdraw consent at any time
Supervisory Authorities
- EU: European Data Protection Board
- UK: Information Commissioner's Office (ICO)
- Switzerland: Federal Data Protection Commissioner (FDPIC)
12. Cookies & Local Storage
- Essential cookies — Required for authentication. Cannot be disabled.
- Analytics cookies — Google Analytics. Opt out here.
- Local storage — Stores preferences and guest usage limits.
We do not use advertising cookies.
13. California Privacy Rights (CCPA/CPRA)
California residents have additional rights:
- Right to know what personal information we collect
- Right to delete personal information
- Right to opt out of "sale" or "sharing"
- Right to non-discrimination
We do not sell or share personal information as defined under California law.
14. Children's Privacy
SafeRedact is not intended for children under 16. We do not knowingly collect information from children. Contact privacy@saferedact.app if you believe we have.
15. Changes to This Policy
We may update this policy. Material changes will be posted with a new effective date and, for significant changes, communicated via email.
16. Contact Us
Cambridge Holdings, LLC
Privacy: privacy@saferedact.app
General: hello@...