Smart DAFT Privacy Policy

Effective date: June 3, 2026

Smart DAFT helps self-filing DAFT applicants check fit, organize documents, prepare packet materials, and track next steps. This policy explains what data we collect, how we use it, and how to contact us.

Information we collect

We collect account information such as your email address and basic Google profile details when you choose Google sign-in. We also collect the quiz answers, consent records, uploaded documents, document facts, payment status, support messages, and technical logs needed to operate the service.

Google sign-in data

Smart DAFT uses Google OAuth only to let you sign in. We request basic profile and email information so we can create and secure your account. We do not request access to your Gmail, Google Drive, Google Calendar, contacts, or other Google account content.

How we use information

We use your information to authenticate your account, create your private case vault, process documents you upload with consent, prepare DAFT packet outputs, process payment, provide support, prevent abuse, debug errors, and improve reliability.

Documents and AI processing

Uploaded documents are used to extract DAFT-relevant facts and prepare your packet materials. Smart DAFT does not use your private documents to train AI models. Documents are processed only for the case workflow you start.

Service providers

We use providers such as Supabase for authentication, database, and storage; Vercel for hosting; Stripe for payments; Resend for email; Sentry and PostHog for product reliability and analytics; and AI/OCR providers for document extraction when you consent to document processing.

Sharing

We do not sell your personal information. We share data only with service providers needed to run Smart DAFT, when required by law, to protect the service, or with your direction.

Retention and deletion

We keep account, case, payment, and consent records as long as needed to provide the service, meet legal or accounting obligations, resolve disputes, and maintain security. You can request deletion of your account or case data by contacting us.

Your choices

You can choose not to upload documents, can request deletion, and can revoke Google OAuth access from your Google Account settings. Revoking Google access may prevent sign-in until you authenticate again.

Security

We use account authentication, access controls, consent gates, protected storage, and operational monitoring to protect user data. No internet service can guarantee perfect security.

Contact

For privacy questions or deletion requests, contact planetce@gmail.com.