Privacy Policy · Alpaca Docs

1. Who we are

Alpaca Docs is a desktop application operated by João Abrantes, sole proprietor, trading as Alpaca Law, NIF PT216046858, based in Portugal.

Contact email: privacy@alpacalaw.com.

This Privacy Policy describes how we handle personal data in connection with Alpaca Docs: the desktop application and the supporting infrastructure for sign-in, billing, and legal-database lookup (collectively, "the Service"). For the alpacalaw.com web product, please refer to the separate Alpaca Law privacy policy.

2. What we see, and what we don't

Alpaca Docs is designed so that your work does not pass through our servers.

What we never see

Your chats with the AI model.
Files inside your project folders.
The AI model's responses.
Any prompt content beyond the legal-database queries described below.

These travel directly from your computer to the AI provider you have chosen (Anthropic, OpenAI, Google, or another supported provider) and to your local disk. Our infrastructure is not in that path.

What we see, to provide the Service

Account data: email address, user identifier, and date of last login, collected when you sign in through Google (OAuth 2.0), ChatGPT (OAuth), or email PIN. We do not store passwords.
Subscription and billing data: subscription status, plan tier, invoice records, and tax identification number where applicable.
Legal-database queries: when you or the AI model search or read a document through our legal database, we see the query string and the document identifier returned. We do not retain a copy of the document content on a per-user basis.
Technical data: IP address, HTTP request metadata, and server logs. Retained for 7 days.

3. Legal bases for what we do see

Under Article 6 of the GDPR, we process the personal data listed in Section 2 on the following bases:

Performance of a contract (Art. 6(1)(b)) — to provide the Service: authentication, legal-database access, payment processing, and operational communications.
Legitimate interests (Art. 6(1)(f)) — security monitoring, abuse prevention, and service improvement. Our legitimate interest is keeping the Service available and trustworthy.
Legal obligation (Art. 6(1)(c)) — retention of billing records for tax purposes.

We do not use personal data for direct marketing, personalized advertising, automated profiling with legal effects, or for training artificial intelligence models.

4. AI providers

You choose which AI model to use inside Alpaca Docs (currently Claude, ChatGPT, or Gemini, with more coming). Your prompts, attachments, and the model's responses travel directly from your computer to the provider you have chosen.

The provider is not a sub-processor of Alpaca. You hold a direct relationship with them, governed by their privacy policy and terms. We do not see, store, or proxy any of that data.

If you use Sign in with ChatGPT, your OAuth session with OpenAI is stored encrypted on your computer using OS-level secure storage (Electron safeStorage); only the encrypted blob touches disk. We do not see your access or refresh tokens.

If you bring your own API key for Anthropic, OpenAI, or Google, the key is stored encrypted on your computer the same way. We do not see it.

5. Sub-processors

The following providers process personal data on our behalf, for the parts of the Service that touch our infrastructure (sign-in, billing, legal-database lookup, operational email):

Sub-processor	Purpose	Location
Google Cloud / Firebase	Authentication and account database	Belgium (EU)
Render.com	Backend hosting for the legal-database API	Germany (EU)
Stripe	Payment processing	Ireland (EU) / USA
AWS SES	Operational emails (sign-in PIN, billing receipts)	Ireland (EU)

We do not sell, rent, or share personal data with third parties for marketing or advertising. Data is shared only with the sub-processors above, and only to the extent strictly necessary to operate the Service.

6. International data transfers

Our primary infrastructure is located in the European Union. Stripe processes payments through entities in Ireland (EU) and the United States; these transfers are made under Standard Contractual Clauses approved by the European Commission and included in our agreement with Stripe.

Note that AI-provider interactions (Section 4) happen between your computer and the provider you have chosen; the location of that processing depends on the provider you selected and is not under our control.

7. Data retention and deletion

Account and subscription data are retained for the duration of your account. Legal-database query logs are retained for 90 days and then aggregated into anonymized usage counters.

You can delete your account at any time. Deletion removes account data, billing identifiers, and query history. Billing records required by tax law are retained for the statutory period (10 years under Portuguese tax law) and then deleted.

Accounts inactive for 24 consecutive months are flagged for automatic deletion, with email notice 30 days in advance.

Server logs are retained for 7 days and then deleted.

8. Your rights

Under the GDPR, you have the following rights over your personal data:

Access (Art. 15) — request a copy of your personal data.
Rectification (Art. 16) — request correction of inaccurate data.
Erasure (Art. 17) — delete your account and associated data, or contact us to request erasure.
Portability (Art. 20) — request export of your data in a structured, machine-readable format.
Objection (Art. 21) — object to processing based on legitimate interests.
Restriction (Art. 18) — request restriction of processing in certain circumstances.

Response time: 30 days, pursuant to Article 12 of the GDPR. To exercise your rights, contact us at privacy@alpacalaw.com.

You also have the right to lodge a complaint with the Comissão Nacional de Proteção de Dados (CNPD), the supervisory authority in Portugal (www.cnpd.pt).

9. Security

Data in transit between your computer and our infrastructure is encrypted with TLS 1.2 or later. Data at rest in our infrastructure is encrypted with AES-256. Authentication is passwordless. Administrative access to our infrastructure requires multi-factor authentication. We monitor for anomalies continuously and apply security patches promptly.

Credentials stored on your computer (API keys, ChatGPT OAuth tokens) are encrypted with the operating system's secure storage (Electron safeStorage, backed by Keychain on macOS and DPAPI on Windows). Only the ciphertext is written to disk.

10. Cookies

The Alpaca Docs desktop application does not use cookies. The marketing site at alpacadocs.com uses strictly necessary cookies for session preferences. We do not use advertising or third-party tracking cookies.

11. Children

The Service is not intended for anyone under 18 years of age. We do not knowingly collect personal data from minors. If you become aware that a minor has provided personal data through the Service, please contact us so we can delete it.

12. Changes to this policy

We may update this Privacy Policy from time to time. The revised version will be posted on alpacadocs.com and the last-updated date at the top will change. Material changes will be communicated in-app and by email where appropriate.

13. Language version

The Portuguese version of this Privacy Policy is the binding version. The English language version is provided for convenience. Where the two versions differ, the Portuguese version prevails.

14. Contact

For privacy questions, data-processing concerns, or to exercise your rights: privacy@alpacalaw.com.

Response time: 5 business days for general queries; 30 days for GDPR rights requests.