Support

Documentation pages for using Creodocs.


  • Manual Entry

Privacy Policy

Last updated on February 5, 2021.

This policy applies to creodocs.com, hereby referred to as Creodocs. Creodocs is operated by Creodocs Limited (NZBN 9429046066565), registered in New Zealand and located in Auckland, New Zealand.

Creodocs fundamentally believes in an ethical approach to privacy, where the only information collected is required for providing services, enabling features and complying with regulatory and legal requirements. Creodocs believes that analytics and data mining are distractions from creating a high quality product and refrains from these activities unless absolutely necessary to provide its services. Simply put, Creodocs is only interested in charging for creating documents, not in mining your personal information.

The sections below outline the major categories of information that Creodocs retains. Each details what information is collected, why it is collected, how it is stored and when it is removed, with the aim of being transparent about why the information is necessary.

Purchases and Billing

When you make a purchase of credits on Creodocs, your credit card information is not seen or stored by Creodocs. Payment processing is handled by Stripe and happens entirely on their infrastructure. Please refer to Stripe's Privacy Policy for more information on how your payment information may be stored and managed by Stripe.

A purchase and user membership history is retained for each billing group. For each purchase or grant of credits to a billing group, a usage history is stored summarizing which user used which template how many times at a given price, and when the last usage occurred. This information is stored to: enable a billing history for auditing and legal purposes, allow the billing group owner oversight into usage patterns and attribute responsibility in the case of issues or discrepancies down the line.

Purchase and usage information will be retained for as long as a billing group exists. A billing group owner may request the permanent deletion of the billing group history by contacting privacy@creodocs.com, but note that some record may still need to be retained by Creodocs for financial auditing and tax purposes.

Application Information

Application information refers to information you explicitly provide as you use Creodocs. For example, if you add a private template, Creodocs needs to store the template information, the template code and link your user account to the template as its owner. This category of information is required for Creodocs to provide its services as a web application where your state is saved in a central location. When this information is no longer required by you or Creodocs, it is permanently discarded.

Account Information Your Creodocs account is primarily identified by the email address used to create it. Your email address is used to communicate with you (see the Communication section) and will be visible to other users of Creodocs when you engage in a sharing activity, such as by being part of a billing group with other users or making use of a shared template. A history of email and password changes is retained for each account, for the purposes of support and identification of malicious activity.

Created Documents Documents created by Creodocs contain potentially sensitive information submitted for document variables. Due to this, all documents are retained for only 30 days, at which point they are automatically deleted without backups. You may delete documents you have created prior to their automatic deletion from the Data Submissions page for the template used.

Private Templates If you choose to add a private template to Creodocs, template information and code will be retained indefinitely so are you able to make use of it. You can permanently delete a private template at any time from its Template Settings page.

Document Variable Content Document variable content is retained as long as the created document exists (up to 30 days). If you choose to make use of the locked variables feature when manually submitting document content, Creodocs will retain your document content indefinitely in order to restore it the next time you use the template.

Application information will be retained while you remain a user of Creodocs, unless otherwise stated. If you no longer wish to be a user, or require specific information about you removed, please contact privacy@creodocs.com.

Passive Information (Logging and Cookies)

Passive information refers to information you implicitly provide when you interact with Creodocs. For example, when you log in, Creodocs needs to know who you are and that you are still logged in as you use the site—this requires your browser to automatically send a token Creodocs provided you when you logged in (known as a cookie). This category of information is required for basic usage statistics, diagnosing issues with the product, detecting and minimising malicious activity and to verify legitimate access to your account.

Access and Error Logs Creodocs retains webserver access and error logs containing metadata including: IP addresses (which may be used for rough geolocation), the page requested, referrer URL, information about the software making the request, the time of the request and whether the request was successful. These logs are retained for the purpose of basic analytics, diagnosing problems with the service and identifying malicious activity. Logs are retained indefinitely but only up to 6 months of logs are stored on the active Creodocs webserver(s).

Failed Request Logging If a request, such as attempting to log in, results in a failure, such as due to an incorrect username or password supplied, the event information is logged to a database. This will usually include the IP address of the requester, the time of the request, and may include the content of the request (passwords will not be saved in plain text). This information is used to automatically block malicious requests, such as attempted brute-forcing of a user's password, for identifying issues with the service and for support communication regarding problems encountered. This information will be deleted periodically and will not be stored for longer than 6 months.

Cookies When you log in to Creodocs, a token is saved on your device—known as a cookie—which allows Creodocs to know you are logged in. Every time you interact with the website, the cookie is automatically sent to tell Creodocs who you are and confirm you are still logged in. Creodocs does not store any other cookies on your computer, and the session cookies are removed when you log out or when they expire after several hours.

Communication

Creodocs will use the email address associated with your account to send important information regarding your account. This will typically be for important notices that require your interaction, such as when you are invited to a billing group, or when you explicitly request information, such as having a document you created emailed to you. From time to time, Creodocs may need to send important notices to all users regarding the product, such as breaking changes or major updates to this policy. Emails are sent using Amazon Simple Email Service. Please refer to the Amazon Web Services Privacy Policy for more information on how your email address may be stored and managed.

Support, Feedback or Other Direct Interactions

If you directly contact Creodocs for any purpose, such as to request support or report a problem, your written communication will be retained indefinitely. This will include at least: the communication, your email address and any information you provide (such as diagnostic information or logs). The purpose of this is for Creodocs to maintain a formal record of communication. This record can be useful to give context from previous interactions, enable collation of ongoing issues with the product or serve as a reference point in case of disputes.

You may request for your interactions to be permanently deleted by contacting privacy@creodocs.com.

Backups

Creodocs will retain backups of Application Information and private templates, for the expressed purpose of restoring the Creodocs platform in case of catastrophic failure. Backups will be retained for up to 6 months and may include information that you have explicitly deleted. For example, if you delete a private template on January 2, it will be immediately deleted, but a backup made on January 1 will contain your template and can be retained for up to 6 months. Backups are made as an insurance policy and will not be accessed except in exceptional circumstances.

Sharing of Collected Information

Creodocs employees and contractors may have access to collected information as required to perform their jobs. This is for purposes such as providing support, diagnosing problems and making improvements. Creodocs does not sell or disclose your personal information to any third party. Exceptions to this include: 1) disclosure as required by law to a law enforcement or government agency 2) to the credit card payment processor for accepting payments 3) to the email service provider for sending communications.

Updates to this Policy

This policy will be updated from time to time as Creodocs evolves. The date it was last updated is stated at the top of the policy. It is your responsibility to review the policy periodically to confirm your continued agreement. In the event of substantial changes to the policy, you may receive written communication to the email address associated with your account to alert you of the changes. Minor changes such as rewording or clarification will not trigger such communication.

Communication Regarding This Policy

If you have any questions or concerns regarding this policy, please contact privacy@creodocs.com.