Privacy Policy

Last Updated: January 2, 2026

1. Introduction

Baseline Docs ("we," "us," or "our") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our document control and version management service.

2. Information We Collect

2.1 Information You Provide

  • Account Information: Name and email address from your Google account
  • Document Content: Documents, files, and metadata you upload to the Service
  • Profile Information: Any additional information you provide in your user profile

2.2 Automatically Collected Information

  • Usage Data: Information about how you use the Service, including actions performed and features used
  • Device Information: Browser type, operating system, and device identifiers
  • Log Data: IP address, access times, and pages viewed
  • Cookies: Authentication tokens and session data

3. How We Use Your Information

We use the information we collect to:

  • Provide, maintain, and improve the Service
  • Authenticate your access and maintain your account
  • Process and store your documents securely
  • Enable collaboration features within your organization
  • Send administrative notifications and updates
  • Monitor and analyze usage patterns to improve user experience
  • Detect, prevent, and address technical issues and security threats
  • Comply with legal obligations

4. Data Sharing and Disclosure

4.1 Within Your Organization

Your documents and information are shared with other users within your organization according to the permissions and access controls you configure. This includes document creators, approvers, and administrators.

4.2 Service Providers

We use third-party service providers to help us operate the Service:

  • Supabase: Database and authentication services
  • Vercel: Hosting and deployment
  • Google: Authentication services

These providers have access to your information only to perform tasks on our behalf and are obligated to protect it.

4.3 Legal Requirements

We may disclose your information if required by law or in response to valid legal requests, such as:

  • Complying with court orders or subpoenas
  • Protecting our rights, property, or safety
  • Investigating potential violations of our Terms of Service
  • Protecting against fraud or security threats

4.4 No Sale of Data

We do not sell, rent, or trade your personal information to third parties for marketing purposes.

5. Data Security

We implement appropriate technical and organizational measures to protect your information:

  • Encryption: Data encrypted in transit (HTTPS/TLS) and at rest
  • Authentication: Secure OAuth 2.0 authentication via Google
  • Access Controls: Role-based access and row-level security policies
  • Regular Backups: Automated backups to prevent data loss
  • Monitoring: Continuous security monitoring and logging

However, no method of transmission over the Internet is 100% secure. While we strive to protect your information, we cannot guarantee absolute security.

6. Data Retention

We retain your information for as long as your account is active or as needed to provide you services. We will retain and use your information as necessary to:

  • Comply with legal obligations
  • Resolve disputes
  • Maintain audit trails and document history
  • Enforce our agreements

You may request deletion of your account and associated data by contacting your organization's administrator.

7. Your Rights and Choices

Depending on your location, you may have certain rights regarding your personal information:

  • Access: Request access to your personal information
  • Correction: Request correction of inaccurate information
  • Deletion: Request deletion of your information (subject to legal retention requirements)
  • Portability: Request a copy of your data in a portable format
  • Objection: Object to certain processing of your information

To exercise these rights, please contact your organization's administrator or reach out through the support channels provided within the Service.

8. Cookies and Tracking

We use cookies and similar tracking technologies to:

  • Authenticate your sessions and keep you logged in
  • Remember your preferences and settings
  • Understand how you use the Service
  • Improve Service performance and user experience

You can control cookies through your browser settings, but disabling cookies may limit your ability to use certain features of the Service.

9. Third-Party Links

The Service may contain links to third-party websites or services. We are not responsible for the privacy practices of these third parties. We encourage you to read their privacy policies.

10. Children's Privacy

The Service is not intended for use by individuals under the age of 18. We do not knowingly collect personal information from children. If you become aware that a child has provided us with personal information, please contact us.

11. International Data Transfers

Your information may be transferred to and processed in countries other than your country of residence. These countries may have different data protection laws. By using the Service, you consent to such transfers.

12. Changes to Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of significant changes by:

  • Posting the updated policy with a new "Last Updated" date
  • Sending email notifications to registered users
  • Displaying prominent notices within the Service

Your continued use of the Service after changes constitutes acceptance of the updated Privacy Policy.

13. Contact Us

If you have questions about this Privacy Policy or our privacy practices, please contact us through:

  • Your organization's administrator
  • The support channels provided within the Service
  • The contact information provided by your organization
← Back to Home