DossFox
Book a Demo

Legal

Privacy Policy

Last updated May 7, 2026

DossFox is built on the principle that the data inside a dossier — proof of income, lease agreements, identity documents — is not ours. It is yours and your clients'. This policy explains what we collect, why, and how we protect it.

1. Who we are

DossFox is operated by IMERIA LDA, registered in Lisbon, Portugal. References to 'we', 'us', and 'our' refer to that legal entity.

2. What data we collect

  • Account data — name, work email, role — to provision your workspace.
  • Workspace content — dossiers and documents you upload — processed only to deliver the service.
  • Usage data — page views, feature engagement, errors — used to improve the product. Aggregated; never sold.
  • Billing data — handled by Stripe; we store the customer ID and invoice metadata only.

3. Legal basis (GDPR)

We process personal data under contract (to deliver the service you signed up for), legitimate interest (security and product improvement), and consent (marketing emails — opt-in only).

4. Where data lives

EU customers' workspaces are pinned to AWS eu-west-1 (Frankfurt). US customers can opt into us-east-1 on Scale. Backups are encrypted at rest and never leave the region.

5. Subprocessors

  • AWS (hosting, EU)
  • Stripe (billing, US, SCC)
  • Postmark (transactional email, EU)
  • Sentry (error monitoring, EU)
  • fal.ai (AI generation for branding, never customer dossier data)

6. Your rights

You can access, correct, export, and delete your data any time from workspace settings or by emailing [email protected]. We respond within 30 days.

7. Cookies

We use a single first-party cookie for authentication. We do not use third-party advertising or analytics cookies. Optional product analytics is available behind an opt-in consent banner where required by local law.

8. Contact

Privacy questions: [email protected]. Data protection officer: [email protected].