Privacy Policy

Effective July 7, 2026

This Privacy Policy explains what information ParseDirect ("we", "us") collects, how we use it, and who we share it with when you use ParseDirect (the "Service").

1. Information We Collect

Account information — your name, email address, and password (stored as a salted hash by our authentication provider, Supabase — we never see or store your plaintext password).

Your Content — the documents (PDFs and images) you upload, the field templates you define, and the structured data extracted from your documents.

Billing information — your subscription plan and status. Card numbers and payment details are collected and processed directly by our payment processor, Paddle — we only receive your plan, subscription ID, and billing period dates.

API keys — if you generate an API key, we store a one-way hash of it. The plaintext key is shown once at creation and cannot be recovered by us.

Usage data — page and credit consumption, extraction history, timestamps, and, for API requests, your IP address (used for rate limiting and abuse prevention).

2. How We Use Information

  • To provide the Service — running extraction, storing results, and enforcing plan limits;
  • To process payments and manage your subscription;
  • To send transactional emails (account verification, billing receipts, service notices);
  • To detect and prevent abuse, fraud, or security incidents;
  • To respond to support requests you send us.

We do not sell your personal information, and we do not use Your Content to train our own models or anyone else's.

3. AI Processing Disclosure

To extract structured data, the content of the documents and images you upload is sent to Anthropic (the maker of Claude) via their API. Per Anthropic's API terms, content submitted through the API is not used to train their models by default and is retained by Anthropic only as needed to provide and secure the service. This is the core mechanism of the Service — if you upload a document for extraction, its content will be sent to Anthropic for processing.

4. Who We Share Information With

We share information with the following service providers ("subprocessors"), each bound by their own terms and only to the extent needed to provide the Service:

  • Supabase — database, authentication, and file storage;
  • Anthropic — AI processing of uploaded document content (see Section 3);
  • Paddle — payment processing and billing, as merchant of record;
  • Vercel — application hosting and infrastructure;
  • Cloudflare (Turnstile) — bot and abuse protection on our login and signup forms;
  • Slack — internal operational alerts (e.g. a failed billing sync), which may include your email address and subscription status visible only to us.

We don't share your information with third parties for their own marketing purposes. We may disclose information if required by law, or to protect the rights, property, or safety of ParseDirect, our users, or others.

5. Data Retention

We retain your account data, documents, and extraction results for as long as your account is active. If you delete a document or your account, we delete the associated files and records from our systems, except where we're required to retain billing records for tax or accounting purposes, or where data has already been purged per a subprocessor's own retention schedule.

6. Data Security

Documents are stored in a private storage bucket scoped to your account, and database access is restricted by row-level security so that other users cannot read your data. API keys are stored as one-way hashes, never in plaintext. No method of transmission or storage is 100% secure, and we can't guarantee absolute security.

7. Your Rights

Depending on where you live, you may have rights to access, correct, export, or delete your personal information — for example under the GDPR (EEA/UK) or the CCPA (California). You can access and delete most of your data directly from Settings, or email hello@parsedirect.com to make a request, including full account deletion.

8. Cookies

We use a session cookie to keep you signed in (set by Supabase Auth) and, where enabled, a cookie set by Cloudflare Turnstile to distinguish humans from bots on our login and signup forms. We don't use third-party advertising or analytics cookies.

9. Children's Privacy

The Service is not directed at children under 16, and we don't knowingly collect personal information from them. If you believe a child has provided us information, contact us and we'll delete it.

10. International Data Transfers

Our subprocessors host infrastructure in multiple countries. By using the Service, you understand your information may be transferred to and processed in countries other than your own, which may have different data protection laws.

11. Changes to This Policy

We may update this Privacy Policy from time to time. If we make material changes, we'll update the effective date above and, where appropriate, notify you by email.

12. Contact

Questions about this Privacy Policy or your data? Email hello@parsedirect.com.