Security & privacy

The plain version. The full legal text is in the privacy policy.

What we don't do

No AI training
Your documents never enter any model's training data — ours, a vendor's, or anyone's.
No marketing use
We don't look at document contents for ad targeting, profile-building, or "improving the service."
No human review
No employee opens your document unless you specifically ask support to help with a job and consent to it.
No selling data
We don't sell or rent your data to anyone.

What we collect

Your email address (for login).
Your default mailing address (CASS-verified by our print partner).
Payment methods, handled by Stripe — we never see your full card number.
The documents you print, only for the time required to print and mail them.
Basic device metadata: platform, app version, last-seen timestamp.

How a document flows

Your computer renders the document to PDF — the contents stay on your machine until you print.
When you print, it's uploaded to your account encrypted over TLS. Nothing is mailed yet.
Held in your account, encrypted at rest (AES-256), with a 10-minute hold you can cancel.
Only after the hold ends — i.e. after you confirm — is it forwarded over TLS to our print partner.
Printed, folded, enveloped, and mailed by our print partner.
Purged from our servers 7 days after estimated delivery — we'd rather not keep your documents around.

Uploaded at print time, mailed only on confirm

When you hit Print, the rendered PDF is uploaded to your account encrypted over TLS — that upload is the print step. Nothing is sent to our print partner or put in the mail until the 10-minute hold ends and you've confirmed. Cancel inside that window and the document is dropped, never mailed, never charged. We treat an uploaded-but-unconfirmed document with the same care as any other: encrypted at rest, no human review, purged on the same schedule.

What our print partner sees

Our partner (PostGrid) sees the PDF, your name, and your address — the same information any printer-and-mailer would need. They're a SOC 2 Type II company with their own retention policies. We're working toward bringing more of the print pipeline in-house as we scale.

Sensitive documents

Plenty of people use us for tax forms, medical letters, legal documents. The system is designed for that — the privacy posture above isn't marketing, it's how the code is wired.

That said, we're not a HIPAA Business Associate today. If you're a healthcare provider, contact us — there's an enterprise path with a BAA.

Infrastructure & security

Hosting: US-based
Database: PostgreSQL · encrypted at rest (AES-256)
Transit: TLS 1.2+ everywhere
Auth: Session cookies · device bearer tokens stored securely on your device
Payments: Stripe · we never see your full card number
SOC 2: Pre-certification. Engagement starts at 5,000 accounts.

Disclosures & legal process

We respond to valid subpoenas and court orders. We don't proactively scan documents. Our transparency report tracks every such request — the count is currently zero.

Operated by Deep Thought Technologies Inc. Questions? security@printwhisk.com · all legal docs