COOKIES POLICY

For the Dokum.ai Service

1. WHAT ARE COOKIES?

Cookies are small text files sent by our server and saved on the User's terminal device (computer, smartphone).

In the case of a SaaS service like Dokum.ai, these files are crucial for the technical operation of the service – they allow us to "remember" that you are logged in and to securely process your documents.

The Controller of data collected via cookies is Dokumind Sp. z o.o. based in Opole, Poland.

2. TYPES AND PURPOSES OF COOKIES

We use the following types of cookies within the Service:

A. Essential (Technical) Cookies – ALWAYS ACTIVE

These files are fundamental to the operation of the application. Without them, it is impossible to log in to your account, upload files, or safely use an encrypted connection.

  • Legal basis: Art. 173(3) of the Telecommunications Act (do not require User consent).
  • Purpose: Authentication (maintaining the session after login), security (protection against CSRF attacks), load balancing.
  • Validity: Usually session-based (deleted after closing the browser).

B. Analytical Cookies – CONSENT REQUIRED

These help us understand how Users use the Service (e.g., which OCR functions are most popular), allowing us to improve the product. This data is collected in an anonymized and aggregated manner.

  • Tools: Google Analytics 4 (GA4).
  • Technical Standard: We use Google Consent Mode v2, meaning that if consent is refused, Google Analytics does not save cookies but only sends anonymous "pings" (without personal data).
  • Validity: Limited in time (typically 13-24 months) in accordance with EDPB guidelines.

C. Functional Cookies – CONSENT REQUIRED

These allow the remembering of User choices to facilitate work with the system.

  • Examples: Remembering interface language, document list view settings, or the last selected export format (e.g., JSON/XML).
  • AI Context: These files may also store temporary chat session identifiers with the AI assistant to maintain conversation continuity during a single visit.

3. CONSENT MANAGEMENT (CMP)

3.1. Upon the first visit to the Service, a banner (Consent Management Platform) is displayed, allowing the User to:

  • Accept all cookies.
  • Reject all cookies (except essential ones).
  • Make detailed settings (e.g., consent only for functional, without analytics).

3.2. The User has the right to change their preferences or withdraw consent at any time by clicking the "Cookie Settings" link available in the page footer.

3.3. Important: Blocking essential cookies (via browser settings) will prevent logging into the Dokum.ai application and using its features.

4. SERVER LOGS AND SECURITY

Independently of cookies, the Service automatically records information in server logs (IP address, date, time of request, browser information).

  • Purpose: This data is used solely for server administration, diagnosing API errors, and ensuring security (e.g., detecting DDoS attacks, unauthorized access attempts).
  • Basis: Legitimate interest of the Controller (IT security).
  • Retention: Technical logs are stored for 30 days and then overwritten, unless they constitute evidence in proceedings regarding a violation of the law.