Privacy Policy
Effective Date: February 28, 2026
This Privacy Policy describes how Bitparse LLC (“Bitparse,” “we,” “us,” or “our”) collects, uses, and shares information when you use the Bitparse API and related services (“Service”).
1. Information We Collect
1.1. Account Information
When you create an account, we collect the following through our authentication provider, Clerk:
- Email address — used to create your payment profile and for account communications
- User identifier — a unique ID assigned by Clerk, used to associate your account with credits, API keys, and payment records
1.2. Payment Information
When you purchase credits, the following is collected and stored:
- Transaction records — purchase amount, credits granted, transaction status, and timestamps
- Stripe customer ID — links your Bitparse account to your Stripe payment profile
Payment card details (card number, expiration, CVC) are collected and processed entirely by Stripe, Inc. We never receive, access, or store your card information.
1.3. API Keys
When you create an API key, we store:
- A SHA-256 hash of the key (we do not store the key in plain text)
- A key prefix (first 8 characters) for display purposes
- A user-provided name for the key
- Creation timestamp and last used timestamp (
last_used_at) — updated each time the key is used to authenticate a request
1.4. Usage Data
When you use the Service, we collect:
- Credit transaction history — amounts deducted or added, with descriptions and timestamps
- Request metadata — processing times, page counts, success/failure status, and token usage (input/output tokens consumed by the AI model)
- IP addresses and request IDs — logged for security monitoring, abuse prevention, and debugging purposes
- Prometheus metrics — aggregated, non-personally-identifiable performance metrics (request durations, error rates, pages processed)
1.5. Uploaded Documents
When you submit documents for parsing:
- Document content is processed in memory and is not written to persistent storage on our servers
- Document pages are converted to images and processed using AI models to extract content
2. How We Use Your Information
We use the information we collect to:
- Provide the Service — authenticate requests, process documents, manage credits, and deliver results
- Process payments — create Stripe checkout sessions, verify payments via webhooks, and grant credits
- Enforce usage limits — apply per-user rate limiting and track credit balances
- Monitor and improve the Service — track performance metrics, identify errors, and improve reliability
- Communicate with you — respond to inquiries and notify you of changes to the Service or these policies
We do not use your uploaded documents or extracted content to train AI models or for any purpose other than fulfilling your processing request.
3. Information Shared with Third Parties
We share information with the following third-party service providers, strictly as necessary to operate the Service:
| Provider | Data Shared | Purpose |
|---|---|---|
| Clerk | Email address, user ID, session data | User authentication and identity management |
| Stripe | Email address, payment details, purchase metadata | Payment processing and billing |
| Infrastructure and service providers | Data necessary to operate the Service | Hosting, processing, and service delivery |
We do not sell your personal information to third parties.
We may also disclose information if required by law, legal process, or government request, or to protect the rights, property, or safety of Bitparse, our users, or others.
4. Data Retention
| Data Type | Retention Period |
|---|---|
| Account information (user ID, email) | Retained while your account is active |
| Credit balances and transaction history | Retained while your account is active |
| API key hashes | Retained until revoked by you; revoked keys are soft-deleted |
| Payment records | Retained for accounting and legal compliance purposes |
| Uploaded documents | Not stored; processed in memory only |
| Aggregated metrics | Retained indefinitely (non-personally-identifiable) |
Upon account deletion, we will remove your personal data within a reasonable timeframe, except where retention is required for legal or accounting obligations.
5. Data Security
We implement the following measures to protect your information:
- API keys are hashed with SHA-256 before storage; plain-text keys are never stored
- Payment processing is handled entirely by Stripe, a PCI DSS Level 1 certified provider
- Webhook verification uses Stripe signature validation to prevent tampering
- Rate limiting protects against abuse and denial-of-service attacks
- Database constraints enforce data integrity (e.g., preventing negative credit balances)
- HTTPS encryption for all data in transit
While we take reasonable measures to protect your data, no method of transmission or storage is 100% secure. You are responsible for securing your API keys and account credentials.
6. Your Rights
Depending on your jurisdiction, you may have the following rights:
- Access — request a copy of the personal data we hold about you
- Correction — request correction of inaccurate personal data
- Deletion — request deletion of your personal data
- Data portability — request your data in a machine-readable format
- Objection — object to certain processing of your personal data
To exercise any of these rights, contact us at support@bitparse.ai. We will respond within 30 days.
6.1. California Residents (CCPA)
If you are a California resident, you have the right to:
- Know what personal information we collect and how it is used
- Request deletion of your personal information
- Opt out of the sale of your personal information (we do not sell personal information)
- Not be discriminated against for exercising your privacy rights
6.2. European Economic Area Residents (GDPR)
If you are located in the EEA, our legal bases for processing your personal data are:
- Contract performance — processing necessary to provide the Service
- Legitimate interests — monitoring and improving the Service, preventing fraud
- Legal obligation — retaining records for accounting and compliance
Data is processed and stored in the United States. By using the Service, you consent to the transfer of your data to this location.
7. Cookies and Tracking
The Bitparse API itself does not use cookies or browser-based tracking. If you access our website or dashboard, cookies may be used by our authentication provider (Clerk) for session management.
8. Children's Privacy
The Service is not directed to individuals under the age of 16. We do not knowingly collect personal information from children. If we learn that we have collected information from a child under 16, we will take steps to delete it promptly.
9. Changes to This Policy
We may update this Privacy Policy from time to time. We will notify you of material changes by posting the updated policy with a new effective date. Your continued use of the Service after changes constitutes acceptance of the updated policy.
10. Contact Us
If you have questions about this Privacy Policy or our data practices, contact us at:
- Email: support@bitparse.ai
- Entity: Bitparse LLC, State of Delaware