Privacy built for European and Canadian rules
GDPR and Quebec's Law 25 aren't afterthoughts here — they're part of how the product is designed. Here's our approach in plain English.
This page summarizes our approach for prospective customers. Read the full Privacy Policy, which governs our actual privacy practices.
What we collect
Two categories: the text you submit for detection, and basic account and usage data needed to run the service (e.g. email, plan, scan counts).
How we use your text
- To return your detection result — the sole purpose.
- It is processed in-house on Google Cloud and is not shared with third parties.
- It is not used to train or fine-tune detection models.
GDPR (European Union)
We support the data-subject rights GDPR requires — access, rectification, erasure and portability — and we process content on a clear, limited basis. Enterprise customers can request a Data Processing Agreement covering roles, sub-processors and safeguards.
Quebec Law 25
As a company connected to the Canadian ecosystem, Law 25 is directly relevant to us. We align with its requirements around transparency, consent, and protection of personal information, and can discuss data-residency arrangements for Quebec and Canadian customers.
Data residency
We offer residency options to help organizations meet regional obligations. The specifics depend on your deployment — talk to sales to scope them.
Your controls
- Delete your scans and account data on request.
- Request a DPA for enterprise deployments.
- Contact our team with any privacy question or data-subject request.
Have a compliance question?
Our team can walk through GDPR, Law 25, residency and DPAs with you.
Contact us