Filedocr.
Vol. 03 / Legal Notices Effective January 5, 2026

How we handle
your data.

The filedocr Privacy policy as it applies to all filedocr products and services, including our platform, Apps, APIs, and any other offerings. We value your trust and are committed to transparency about how we collect, use, and protect your data.

At a glance
14
Sections
4
Products
What you won't find

We don't sell your personal data. Private uploads are not used to train general-purpose models.

01Overview

Filedocr Group Privacy Policy

Plain summary

An introduction to this policy and the four Filedocr products it covers.

Effective Date: January 5, 2026 This Privacy Policy applies to the Filedocr Group and its services, including the Filedocr Platform, DocRAI, BetterQR, and Arthenticated. It explains what information we collect, how we use it, when we share it, how long we keep it, and what rights and controls are available to users. Because these services are different, this policy includes both group-wide privacy terms and product-specific details. Arthenticated is a social authentication platform focused on authentic, human-created media. BetterQR is a QR generation, redirect, and analytics product. DocRAI is a document intelligence and processing product. The Filedocr Platform includes PDF tools, file conversion, media tools, and AI-assisted creation and transformation features.
Arthenticated is designed for authentic, human-created digital media. AI-generated or synthetic media is not permitted on Arthenticated. By contrast, Filedocr and DocRAI may offer AI-assisted tools and AI generation features, subject to their own rules, safeguards, and moderation controls.
02Scope

Who We Are and What This Policy Covers

Plain summary

Who Filedocr is, which services are covered, and how they relate.

Filedocr is the parent company in the Filedocr Group. This policy describes how we collect, use, disclose, and protect information when you use our websites, apps, APIs, widgets, and related services. Covered services include the Filedocr Platform, Arthenticated, DocRAI, and BetterQR. Some features may be offered as standalone products, embedded experiences, APIs, or integrated workflows. If a service presents an additional notice, banner, or in-product disclosure, that notice supplements this policy for that specific feature or processing activity.
The Filedocr Group may use shared infrastructure for account management, billing, fraud prevention, unified sign-in, and service security. However, information is not automatically combined across products for unrelated purposes. For example, private communications on Arthenticated are not used to personalize BetterQR analytics reports.
Each service has different features, privacy controls, and product rules. If you use multiple services, you are responsible for following the specific product rules that apply to each one, including Arthenticated's prohibition on AI-generated or synthetic media.
03Data

Information We Collect

Plain summary

The three ways we collect information: you give it, we observe it, or third parties share it.

We collect information in three main ways: information you provide directly, information collected automatically when you use our services, and information received from third parties where permitted.
This may include account and profile details such as your name, handle, email address, optional phone number, profile photo, account preferences, and authentication credentials. It also includes content and files you upload or create, such as text, comments, documents, PDFs, images, audio, video, messages, livestream content, prompts, edits, annotations, and generated assets. We may also collect authentication and verification information that you choose to provide, such as provenance details, ownership claims, creator verification information, media reference files, or supporting materials used to validate identity or authenticity. When you contact support, make a report, complete a survey, or communicate with us, we collect the information included in those interactions.
We may collect device and usage information such as your browser type, operating system, app version, device type, language, time zone, IP address, timestamps, pages viewed, features used, clicks, crash reports, diagnostics, and performance metrics. We may also infer approximate location from IP address or device settings where allowed. Cookies, local storage, SDKs, and similar technologies may be used to maintain sessions, remember preferences, improve security, prevent fraud, measure usage, and support product functionality.
We may receive information from service providers, hosting providers, analytics and security vendors, support tools, payment processors, and integrations you choose to connect, such as social login providers. In BetterQR contexts, businesses that own QR destinations may also receive scan analytics through our service and may collect their own information on destination pages under their own privacy terms.
04Per Product

Product-Specific Information We Collect

Plain summary

Exactly what each of the four products collects, in plain terms.

Different products involve different categories of information because they provide different functionality. The items below explain the more specific data types that may be processed by each Filedocr Group service.
Arthenticated may process social graph information and interaction data such as follow relationships, likes, reactions, comments, shares, connection or friend lists where applicable, group memberships, event participation, and report or block actions. It may also process publishing metadata such as timestamps, captions, tags, hashtags, mentions, geotags you add, and technical media metadata. For authenticity features, Arthenticated may process hashes, signatures, provenance markers, watermarking indicators, certificates, verification badges, and records showing who verified content and when. If you use real-time features, Arthenticated may also process livestream engagement data, technical streaming quality metrics, message content, message attachments, call metadata, and recordings or transcripts if you create or enable them.
BetterQR may process QR code configuration data such as destination URLs or payloads, campaign labels, code names, custom domains, routing rules, time-based or location-based redirect logic, expiration settings, and access settings such as password protection where enabled. BetterQR may also process scan and redirect events including timestamp, approximate location from IP address, browser, device type, referrer, and indicators used to estimate whether a scan appears unique. It may produce analytics outputs such as total scans, unique scans, device breakdowns, top locations, and time-series reporting. If a BetterQR customer enables third-party pixels or analytics tags, those tools may collect data under the customer's configuration.
DocRAI may process uploaded documents such as PDFs, images, and office files, along with metadata needed to perform analysis. It may extract OCR text, detect tables and forms, classify documents, identify entities such as names, totals, dates, and labels, and generate confidence scores or structured outputs. DocRAI may also process prompts, extraction schemas, rule settings, correction feedback, export outputs, converted files, edited PDFs, JSON, CSV, and similar structured results created through document intelligence workflows.
The Filedocr Platform may process uploads used for editing, converting, compressing, merging, splitting, transforming, or enhancing files and media. It may also process editing actions such as annotations, redactions, form fills, page reordering, and similar modifications applied in PDF or media workflows. If you use AI or generation tools, the platform may process prompts, style settings, requested lengths, output formats, safety signals, generated images, generated audio, generated music, transformed files, and other output assets created at your request.
05Use

How We Use Information

Plain summary

We use data to run the products, improve them, and keep them safe.

We use information to operate, improve, personalize, secure, and support the Filedocr Group services. The exact use depends on the product you use, the features you enable, and your settings.
We use information to create and manage accounts, deliver uploads and processing workflows, generate outputs, provide social and community features, operate redirects, produce analytics, enable QR routing, support authenticity and verification functions, and make the services work as requested.
We may use information to understand how features are used, improve reliability and performance, measure service quality, generate BetterQR analytics for customers, recommend content or creators on Arthenticated, and develop or refine new product features. Where feasible, we use aggregated or de-identified information for research and development purposes.
We use information to detect and prevent spam, fraud, abuse, malware, policy violations, and unauthorized access. We may also use information to send service messages, billing notices, product updates, security alerts, customer support responses, and marketing communications where you have opted in or where permitted by law.
06Sharing

How Information Is Shared

Plain summary

Who we share data with — and what we never do (like selling it).

We share information only in the ways described in this policy. We do not sell personal information in the ordinary sense of exchanging it for money.
Information may be shared within the Filedocr Group to operate shared infrastructure, support account management, deliver billing, maintain security monitoring, and prevent fraud. We may also share information with service providers that host data, process payments, deliver communications, provide customer support tools, or help us maintain security and reliability, subject to contractual obligations.
On Arthenticated, information you publish publicly, along with interactions and profile details allowed by your settings, may be visible to other users. In BetterQR, a QR code owner may receive analytics relating to scans of their codes, typically in aggregated form. We may also disclose information to comply with law, respond to lawful requests, enforce our terms, investigate harm, protect users, or support a merger, acquisition, reorganization, or sale of assets.
07Public

Public Content, Communities, and Social Features

Plain summary

What becomes visible to others when you post or interact.

Arthenticated is a social platform, so some information may be public or visible to selected audiences depending on your settings and the context in which you share content.
Your username or handle, profile photo, profile details you choose to publish, public posts, comments, reactions, public interactions, displayed verification markers, authentication badges, public livestreams, and associated public chat or reaction activity may be visible to others. Public content may be copied, reshared, indexed, screenshotted, or viewed through third-party services or search engines. You should only make content public if you are comfortable with that level of visibility.
Depending on group type or privacy settings, membership lists, group posts, moderator access, comments, follows, reactions, and community interactions may be visible to group members, administrators, moderators, or the relevant audience. These interactions may also be used for ranking, discovery, or moderation features on Arthenticated.
08Social

Messaging, Calls, and Livestreams

Plain summary

How messages, calls, and livestreams on Arthenticated are handled.

Arthenticated may offer private or semi-private communications, voice and video calling, and live streaming features. The data processed depends on the feature you use and the settings you choose.
We process message content and attachments to deliver messages, support user reporting, and detect spam, abuse, or security threats. We also process metadata such as participants, delivery status, timestamps, and device or network diagnostics. Deleted messages may remain for a limited time in backups or on recipient devices.
We may process call setup information, participants, start time, duration, connection quality, and related diagnostics to provide calling features and improve reliability. If you record or transcribe a call using a feature you enable, we process that recording or transcript to store or deliver it as requested.
We may process livestream content, stream titles, descriptions, categories, audience chat, reactions, viewer counts, and other engagement data. Depending on your settings, livestreams may be public or limited to an audience. Safety checks, moderation systems, and human review may be applied where appropriate.
09BetterQR

QR Codes, Redirects, and Analytics

Plain summary

What happens when a QR code is scanned and how analytics are generated.

BetterQR supports both static QR codes and dynamic QR codes. Dynamic QR codes may route scans through BetterQR infrastructure before sending a visitor to the destination.
When a dynamic BetterQR code is scanned, your device may contact BetterQR servers so the destination can be resolved. During that process, we may receive standard request information such as IP address, user agent, and timestamp. If routing rules are enabled, we may evaluate request signals such as device type, approximate location, time, or language to determine the appropriate destination.
BetterQR may generate analytics reports for customers, such as total scans, unique scans, device and location trends, and time-based reporting. Some BetterQR customers may also enable third-party analytics tags, marketing pixels, or similar tools on landing pages or redirect flows. When that happens, those third parties may collect information directly from the visitor under their own policies, and the customer is responsible for any notice or consent required by law.
10Files

Documents, Uploads, Conversions, and Generated Assets

Plain summary

How uploads, processing, and saved files are handled.

Filedocr and DocRAI process uploaded files to provide editing, analysis, conversion, extraction, generation, and enhancement features. This section explains how those files and outputs are generally handled.
Uploaded files are used to perform the operation you request, such as converting a file, editing a PDF, extracting text, classifying a document, generating an output, or producing a structured export. We may scan uploads for malware, suspicious activity, or other security threats and may block or quarantine harmful files. By default, uploaded source files and non-saved outputs are handled transiently and deleted within a short processing period, typically within minutes and no later than 24 hours after processing is complete, unless you intentionally save them to your account or use a feature that requires longer retention.
If you choose to save outputs, projects, edited files, generated media, or structured data to your account, we retain them until you delete them or close your account, subject to backups, legal obligations, dispute resolution, or security holds. We protect files in transit with encryption and apply access controls, logging, and approval-based access practices for support, abuse review, and service reliability activities.
11AI

AI Features, Generation, and Automated Decision-Making

Plain summary

How AI prompts, outputs, and moderation work. Your uploads do not train general models.

Some Filedocr and DocRAI tools are AI-assisted or generative. Arthenticated also uses automated systems to help enforce platform rules, including its restriction on AI-generated or synthetic media.
We process prompts, parameters, instructions, schemas, source files, and related inputs that you provide in order to generate or transform content. We may also keep limited logs needed for billing, debugging, abuse prevention, model versioning, and service performance. Unless you explicitly opt in, private uploads and private generated outputs are not used to train general-purpose models. We may, however, use de-identified usage patterns and operational metrics to improve product reliability, abuse prevention, and service safety.
We may filter prompts, inputs, uploads, and outputs to block prohibited content, malware, fraud, abusive behavior, and policy violations. Automated systems may be used to detect spam, fraud, suspicious automation, or content that may violate product rules. In some cases, trained reviewers may conduct human review to confirm violations, respond to reports, or improve safety systems. On Arthenticated specifically, we may analyze uploads for signs of synthetic or AI-generated media and may remove or restrict content, label it, or take account action if the platform rules are violated.
12Cookies

Cookies and Similar Technologies

Plain summary

The kinds of cookies and local storage we use, and why.

We use cookies, local storage, SDKs, and similar technologies to operate the services, maintain sessions, remember your preferences, improve reliability, and measure performance.
Essential technologies support login, security, fraud prevention, and core functionality. Preference technologies remember items such as language choice, interface settings, and saved configurations. Analytics technologies help us understand usage trends in aggregated form, and in BetterQR contexts some customer-configured tags may also be present on redirect pages or landing experiences if enabled by the customer.
13Rights

Retention, Security, International Transfers, and Your Rights

Plain summary

How long we keep data, how we protect it, and the rights you have.

We keep information only for as long as needed to provide services, satisfy legal obligations, resolve disputes, protect the integrity of the platform, and enforce agreements. Retention depends on the type of data and the feature involved.
Transient processing data such as non-saved uploads and temporary outputs is generally deleted within minutes and no later than 24 hours after processing completes. Saved account content remains until you delete it or close your account, subject to backups and legal holds. Public posts on Arthenticated remain until deleted or the account is removed, though reshared copies outside our control may persist. We use safeguards such as encryption in transit, least-privilege access, monitoring for suspicious activity, secure development practices, incident response procedures, and vulnerability management. No system can be guaranteed perfectly secure, so you should also protect your credentials and use strong passwords.
We may process and store information in countries other than where you live and use appropriate safeguards required by applicable law when transferring personal information internationally. Depending on your location, you may have rights to access, correct, delete, restrict, object to, or receive a copy of your information. You may also control profile settings, privacy settings, notification preferences, saved content, marketing preferences, and other account choices inside the services where available. If you use BetterQR only by scanning a code, rights related to information collected by the destination owner after redirect may need to be exercised with that owner directly.
End of policy

Questions, requests, or a privacy concern?

The fastest way to reach the Filedocr Privacy Team is through the support channel inside the product you use. For a general inquiry, the address below works.

privacy@filedocr.com