Privacy Policy

Last updated: 30 April 2026

This Privacy Policy explains how QuicKontract (“we”, “us”, “the Service”) collects, uses, and protects your information when you use the application at quickontract.com.

1. Who we are

QuicKontract is a tool that helps users review contracts by uploading or photographing pages and receiving an AI-generated summary of risks and notable clauses. The Service is operated by the QuicKontract team. For privacy questions, contact doron.shamia@gmail.com.

2. Information we collect

• Account data: when you sign in, we receive your email address and (for Google sign-in) your name and profile picture from the identity provider.
• Contract content: the text, images, or PDF/DOCX files you submit for analysis. These are sent to our AI provider to produce the analysis result.
• Usage data: token balance, ledger of analyses performed, page counts, model used, and timestamps. We do not store the contract content itself after analysis completes.
• Payment data: when you purchase tokens, PayPal handles the transaction. We receive only the order ID, amount, and confirmation — never your card or PayPal credentials.
• Technical data: standard server logs (IP address, user agent, request path) for security and debugging, retained for up to 30 days.

3. How we use your information

• To provide the contract analysis Service you request.
• To authenticate your account and maintain your token balance.
• To process payments and prevent fraud.
• To debug, secure, and improve the Service.
• To communicate with you about your account (e.g., magic-link sign-in emails).

We do not sell your data, and we do not use your contract content to train AI models.

4. How contract content is handled

Documents and images you submit are transmitted over HTTPS to our AI provider (Anthropic) for analysis. Anthropic processes the content to generate the response and, per their data policy, does not retain API inputs or outputs for training. We do not store the contract content on our servers after the analysis is returned to your browser.

The analysis result itself is shown only in your browser; you may export it as HTML. We do not retain a copy.

5. Sub-processors

We rely on the following third-party services to operate QuicKontract:

• Supabase — authentication and database hosting (account data, token balance, payment ledger).
• Anthropic — AI model that performs the contract analysis.
• PayPal — payment processing for token purchases.
• Netlify — application hosting and edge functions.
• Resend — transactional email (sign-in links).
• Google — optional Google sign-in (only if you choose this method).

Each provider has its own privacy policy and security controls. Data is transferred only as needed to deliver the Service.

6. Cookies and local storage

We use browser local storage to keep you signed in and to remember preferences (language, install-banner dismissal). We do not use third-party advertising or analytics cookies.

7. Data retention

• Account data: kept while your account is active.
• Token balance and payment ledger: kept while your account is active and for up to 7 years thereafter for tax and accounting compliance.
• Contract content: not retained after analysis completes.
• Server logs: up to 30 days.

8. Your rights

You may at any time:

• Request a copy of the personal data we hold about you.
• Request correction or deletion of your account and associated data.
• Withdraw consent or object to processing.
• Lodge a complaint with your local data protection authority (residents of the EEA/UK).

To exercise these rights, email doron.shamia@gmail.com. Note that deleting your account also forfeits any unused token balance.

9. Security

All traffic is encrypted in transit (HTTPS/TLS). Authentication uses industry-standard JWT tokens. Server-side credentials are stored as environment variables and never exposed to the browser. We design the Service so that contract content is processed transiently and not stored at rest.

10. Children

QuicKontract is not intended for children under 16. We do not knowingly collect personal data from children.

11. International transfers

Our providers may process data in the United States and other countries. By using the Service, you consent to such transfers. Where required, transfers rely on standard contractual clauses or equivalent safeguards.

12. Changes to this policy

We may update this Privacy Policy from time to time. The “Last updated” date at the top reflects the latest revision. Material changes will be announced in-app or by email.

13. Contact

Questions or requests: doron.shamia@gmail.com.

← Back to QuicKontract