Privacy Policy

About ApproveLock

ApproveLock is a protected client work delivery platform. An owner uploads work and shares a protected preview through a link. The client reviews the preview while full access stays locked, and the owner decides when to unlock access or send the final file. ApproveLock does not process payments and does not act as escrow.

Information we collect from owners

• Account details you provide at sign-up (email address and any name you enter).
• Documents and files you upload, and the access settings you configure for each one (allowed emails, recipient name, expiry, watermark options).
• Usage records tied to your account, such as document counts, storage used, viewing bandwidth, and conversion counts, used to apply plan limits.

Information we collect from viewers / clients

When a viewer opens a protected preview, ApproveLock records access activity for the document owner. Depending on the owner's settings this can include:

• The name and email the viewer enters at the access gate.
• When the preview was opened, and active viewing time where available.
• Approximate IP address, device type, and browser information derived from the request.
• Whether an access attempt was allowed or denied.

Viewer access activity

Access activity is collected so the document owner can see who reviewed their work and stay in control of delivery. It is associated with the specific document and shared with that document's owner.

Viewer identity watermark

Protected previews may display an identity watermark (for example the viewer's name or email and a timestamp) over the document. The watermark is a deterrent and an attribution aid. It does not prevent screenshots, photographs, or copying, and ApproveLock does not guarantee that a preview cannot be captured or leaked.

IP, device, and browser data

We process limited technical data (such as an approximate IP address and a device/browser descriptor) to record access activity, apply rate limits, and keep the service secure. We do not use it for advertising.

Uploaded files and protected previews

Uploaded files are stored privately. Viewers never receive the raw file path; previews are served through short-lived signed links generated on the server.

Analytics and active viewing time

Active viewing time, where available, is measured from periodic signals while the preview tab is open and is intended to reflect active review time rather than wall-clock time. It is approximate.

Cookies, session, and localization

We use cookies that are necessary for the service to function: an authentication session for signed-in owners and a small preference cookie that remembers your language (English or Arabic). We do not use advertising cookies.

How we use data

• To operate protected delivery: gating access, generating previews, and applying watermarks.
• To show document owners the access activity for their own documents.
• To apply plan limits and keep the service reliable and secure.
• To respond to support requests.

Who can see viewer activity

Access activity for a document is visible to that document's owner. ApproveLock staff may access data where strictly necessary to operate, support, or secure the service.

Storage and security

Files are kept in private storage and previews are delivered through short-lived signed links. We apply access controls and rate limits. No method of storage or transmission is completely secure, and we cannot guarantee absolute security.

Data retention

We keep account and document data while an account is active. Access-activity history may be retained for a period that depends on the owner's plan. Exact retention windows may change as the product develops; contact us if you need specifics for your account.

Data deletion and requests

Owners can delete their documents from the dashboard, which removes the stored file. For account deletion, or to ask what data relates to you or a viewer, contact us using the details below and we will respond as soon as we reasonably can.

Third-party services

We rely on a small number of infrastructure providers to run ApproveLock:

• Supabase — authentication, database, and file storage.
• Vercel — application hosting and delivery.
• Upstash — rate-limiting state.
• Gotenberg (a document-conversion service) — used only if Office-to-PDF conversion is enabled; not used during the private beta.

International processing

Our providers may process and store data in data centres located in different countries. By using ApproveLock you understand that data may be processed outside your own country.

Contact

For any privacy question or request, contact contact@approvelock.com.