With our local-first architecture, your primary data lives in your browser's IndexedDB. We only sync binary fragments (updates) to our servers to facilitate real-time collaboration with your peers.
All WebSocket traffic is encrypted via TLS 1.3. Document updates are transmitted as binary delta-encoded fragments, ensuring that your content is protected from interception during the synchronization process.
We do not read, scan, or sell your document content. Our business model is based on infrastructure and productivity tools, not on data monetization or advertising.
Our NestJS backend and PostgreSQL databases are hosted in SOC 2 Type II compliant environments with automated snapshots and point-in-time recovery to ensure data durability.
Last Updated: December 24, 2025
To provide a seamless collaborative experience, we collect account information (email, name) and technical metadata (IP addresses, device identifiers). Document content is stored as Conflict-free Replicated Data Types (CRDTs).
Your data is used exclusively to:
We retain your document data as long as your account is active. Upon document deletion, all associated binary fragments are purged from our primary database within 30 days. Local browser data (IndexedDB) can be cleared by the user at any time.
We do not sell your personal information. We only share data with service providers (like our hosting platform) who are essential to running the CollabDocs service and who adhere to strict data processing agreements.