SourceDocSourceDoc
FeaturesHow It WorksTestimonialsFAQsPricing
Sign inGet Started

Privacy Policy

Last Updated: Apr 26, 2025

Welcome to SourceDoc, operated by Eryx Labs Ltd. ("SourceDoc," "we," "us," or "our"). We are committed to protecting your privacy and handling your data responsibly. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website https://sourcedoc.eryxlabs.co.ke and use our AI-powered document intelligence platform and related services (collectively, the "Services"). Please read this privacy policy carefully. By accessing or using our Services, you agree to the terms of this Privacy Policy. If you do not agree with the terms, please do not access the site or use our Services.

1. Information We Collect

We may collect information about you in a variety of ways to provide and improve our Services. The information we may collect via the Services includes:

  • Personal Data: Personally identifiable information you voluntarily provide, such as your name, email address, phone number, company name, and job title when you register for an account, request a demo, contact support, or otherwise communicate with us.
  • Document Data: Files, documents, and the content contained within them (including text, images, metadata) that you upload, connect (e.g., from email or cloud storage), or otherwise provide to the Services for processing, analysis, extraction, or querying ("Document Data"). We treat your Document Data as strictly confidential. It is processed solely to provide the Services to you as requested (e.g., extracting data, answering your questions based on the documents). We do not use your specific Document Data to train our general AI models shared across customers unless we obtain your explicit, separate consent.
  • Derivative Data: Information our servers automatically collect when you access the Services, such as your IP address, browser type, operating system, access times, device information, and the pages you view directly before and after accessing the Services.
  • Financial Data: Information related to your payment method (e.g., billing address, partial credit card number, card brand, expiration date) necessary to process payments for subscribed Services. We use reputable third-party payment processors to handle transactions securely. We do not store your full credit card number on our servers. Your payment information is provided directly to our third-party processor, whose use of your personal information is governed by their Privacy Policy. We recommend reviewing their policy for details on how they handle your financial data.
  • Usage Data: Information about how you interact with the Services, such as features used, frequency and duration of use, AI models invoked, types of documents processed (without accessing content unless necessary for support), integrations configured, and performance metrics.
  • AI Interaction Data: Information about your interactions with our AI features, such as queries submitted to the Document Q&A feature and feedback provided on AI outputs. This data, often aggregated and anonymized, helps us improve the accuracy, relevance, and performance of our AI models and features.

2. How We Use Your Information

Having accurate information permits us to provide, maintain, and improve the Services efficiently. Specifically, we may use information collected about you to:

  • Create and manage your account and user profiles.
  • Provide, operate, secure, and maintain our Services.
  • Process, analyze, and extract information from your Document Data as directed by you through your use of the Services.
  • Respond to your queries based on the content of your Document Data using our AI Q&A features.
  • Process transactions, manage subscriptions, and send billing information.
  • Improve, personalize, and expand our Services based on usage patterns and feedback.
  • Understand and analyze how you use our Services to enhance user experience and service performance.
  • Develop new products, services, features, and functionality.
  • Communicate with you for customer service, technical support, service updates, security alerts, and administrative messages.
  • Send you marketing and promotional communications (where permitted by law and subject to your opt-out rights) about SourceDoc features, offers, and events. You can opt-out of marketing emails at any time.
  • Monitor for and prevent fraudulent activity, security incidents, and violations of our terms.
  • Comply with applicable laws, regulations, legal processes, or governmental requests.
  • Train and improve our underlying AI models and algorithms, primarily using aggregated, anonymized, or de-identified Usage Data and AI Interaction Data. As stated above, your specific confidential Document Data is not used for general model training without explicit consent.
  • Manage integrations you configure (e.g., connecting to cloud storage, sending data to ERPs).

3. Disclosure of Your Information

We respect the confidentiality of your information and only share it in limited circumstances. Your information may be disclosed as follows:

  • By Law or to Protect Rights: If we believe disclosure is necessary to respond to legal process (like a subpoena or court order), investigate potential violations of our policies, protect the rights, property, or safety of Eryx Labs Ltd., our users, or others, or as otherwise required by applicable law.
  • Third-Party Service Providers: We share information with trusted third-party vendors, consultants, and service providers who need access to such information to perform work on our behalf. This includes providers for:
    • Cloud hosting and infrastructure (e.g., AWS, Azure, GCP)
    • Payment processing
    • Data analytics
    • Email delivery and communication tools
    • Customer support services
    • Security monitoring

    These providers are contractually obligated to safeguard your information and use it only for the specific services they provide to us. Providers handling Document Data are subject to strict confidentiality agreements.

  • Integrations You Enable: If you choose to connect SourceDoc to third-party applications or services (e.g., cloud storage, ERP systems), we will share information, potentially including Document Data or extracted data, with those services as directed by you through the integration setup. We are not responsible for the privacy practices of these third-party services.
  • Business Transfers: In connection with, or during negotiations of, any merger, sale of company assets, financing, or acquisition of all or a portion of our business by another company, your information may be transferred as part of that transaction, subject to standard confidentiality agreements.
  • With Your Consent: We may disclose your information for any other purpose with your explicit consent.
  • Aggregated or Anonymized Data: We may share aggregated or anonymized information that does not directly identify you (e.g., usage statistics, trend reports) for industry analysis, marketing, or other business purposes.

We do not sell your Personal Data or your Document Data. We do not share your specific Document Data with third parties except as necessary to provide the Services (e.g., with our secure cloud hosting provider under confidentiality obligations) or as directed by you through integrations.

4. Security of Your Information

We implement administrative, technical, and physical security measures designed to protect your Personal Data and Document Data from unauthorized access, use, alteration, or destruction. These measures include:

  • Encryption of data at rest and in transit.
  • Strict access controls, including Role-Based Access Control (RBAC).
  • Regular security assessments and vulnerability management.
  • Secure infrastructure hosted with reputable cloud providers.
  • Employee training on data security and confidentiality.
  • Working towards compliance standards like SOC 2 to further validate our security practices.

While we take reasonable steps to secure your information, please be aware that no security measures are perfect or impenetrable. No method of data transmission over the Internet or method of electronic storage is 100% secure. Therefore, we cannot guarantee absolute security.

You can learn more about our security practices on our Security Page.

5. Your Data Protection Rights

Depending on your location (e.g., EU/EEA, California, Kenya), you may have certain rights regarding your Personal Data under applicable data protection laws. These may include:

  • The right to access – Request copies of your Personal Data we hold.
  • The right to rectification – Request correction of inaccurate or incomplete Personal Data.
  • The right to erasure (‘right to be forgotten’) – Request deletion of your Personal Data, under certain conditions.
  • The right to restrict processing – Request limitation of how we process your Personal Data, under certain conditions.
  • The right to object to processing – Object to our processing of your Personal Data (e.g., for direct marketing), under certain conditions.
  • The right to data portability – Request transfer of your Personal Data to another organization, or directly to you, in a structured, commonly used, machine-readable format, under certain conditions.
  • The right to withdraw consent – If processing is based on consent, you have the right to withdraw it at any time.

To exercise any of these rights, please contact us at info@eryxlabs.co.ke. We may need to verify your identity before processing your request. We will respond to your request within the timeframe required by applicable law.

6. Cookies and Tracking Technologies

We use cookies and similar tracking technologies (like web beacons and pixels) to operate and personalize the Services, analyze usage, and improve your experience. This may include:

  • Essential Cookies: Necessary for the website and Services to function properly (e.g., authentication, session management).
  • Performance and Analytics Cookies: Help us understand how visitors interact with our Services by collecting information anonymously (e.g., Google Analytics).
  • Functional Cookies: Enable enhanced functionality and personalization (e.g., remembering preferences).

You can typically manage cookie preferences through your browser settings. Disabling certain cookies may affect the functionality of the Services.

7. International Data Transfers

Your information, including Personal Data and Document Data, may be transferred to, stored, and processed in countries other than your own, including countries where our servers or third-party service providers are located (such as the United States or European Union member states). These countries may have data protection laws that differ from those in your country (like Kenya).

We take appropriate safeguards to ensure that your data receives an adequate level of protection in the jurisdictions in which we process it. Where required by law (e.g., for transfers of data from the EEA, UK, or Switzerland), we rely on mechanisms like the Standard Contractual Clauses approved by the European Commission or other legally recognized transfer mechanisms.

8. Data Retention

We retain your Personal Data for as long as necessary to fulfill the purposes outlined in this Privacy Policy, primarily to provide you with the Services, maintain your account, comply with our legal obligations (e.g., tax, accounting, legal reporting), resolve disputes, and enforce our agreements.

Document Data you provide is generally retained while your account is active or as needed to provide the Services. You can typically delete your Document Data through the Service interface. Upon account termination, we will delete or anonymize your Document Data according to our internal data retention schedules, unless retention is required by law or for legitimate business purposes like security incident investigation or backups (which are securely stored and isolated).

9. Policy for Children

Our Services are not directed to individuals under the age of 13. We do not knowingly collect Personal Data from children under 13. If you become aware that a child has provided us with Personal Data without parental consent, please contact us at info@eryxlabs.co.ke. If we learn that we have collected Personal Data from a child under 13, we will take steps to delete such information promptly.

10. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. We will notify you of any material changes by posting the new Privacy Policy on this page and updating the "Last Updated" date at the top. We may also provide notice through the Service interface or via email for significant changes. You are advised to review this Privacy Policy periodically for any changes. Your continued use of the Services after the effective date of the revised policy constitutes your acceptance of the changes.

11. Contact Us

If you have questions, comments, or concerns about this Privacy Policy or our data practices, please contact us:

Attn: Privacy Inquiry
Eryx Labs Ltd.
Kiambere Rd, 10th Flr - Nachu Plaza
00800, Nairobi
Kenya
Email: info@eryxlabs.co.ke

For general inquiries, you can also reach us via the contact methods listed on our website.

SourceDocSourceDoc

AI-powered document intelligence platform. Transform documents into actionable insights with unmatched accuracy.

Product

  • Features
  • How It Works
  • Pricing
  • Integrations
  • Security

Resources

  • FAQ Center
  • Support
  • Use Cases

Company

  • About Us
  • Contact Sales
  • Careers

Legal

  • Privacy Policy
  • Terms of Service

© 2025 SourceDoc. All rights reserved.

Built by Eryx Labs