SpecMake

Privacy Policy

Last updated: February 24, 2026

1. Introduction

SpecMake ("we", "us", "our") operates the specmake.com website and document translation service. This Privacy Policy explains how we collect, use, and protect your information when you use our service.

For GDPR purposes, SpecMake is the data controller responsible for your personal data. You can reach us at privacy@specmake.com.

2. What We Collect

We collect the following information:

  • Account information: Email address and password when you create an account.
  • Uploaded documents: Technical documents you upload for processing and translation.
  • Usage data: Pipeline processing metadata (document type, language pairs, page count) for service operation and billing.
  • Payment information: Handled entirely by Stripe. We store only your Stripe customer ID — never your card details.
  • Marketing preferences: Whether you have opted in to receive marketing communications, and the date and time of your consent.

3. How We Use Your Data

  • Process and translate your uploaded documents.
  • Maintain your account, document history, and glossary.
  • Track usage against your plan limits.
  • Send transactional emails related to your account (e.g., password resets, billing confirmations).
  • Monitor aggregate service performance and cost.

4. Marketing Communications

We will only send you marketing emails (product updates, feature announcements, tips for technical documentation) if you have explicitly opted in during signup or through your account settings.

You can withdraw your consent and unsubscribe at any time by:

  • Clicking the "unsubscribe" link in any marketing email.
  • Updating your preferences in your account settings.
  • Contacting us at privacy@specmake.com.

Withdrawing consent does not affect the lawfulness of processing based on consent before its withdrawal. Unsubscribing from marketing emails does not affect transactional emails necessary for service operation (e.g., password resets, billing notifications).

5. AI Processing

Your documents are processed using the Anthropic Claude API. Document content is sent to Anthropic's API for extraction, structuring, and translation. Anthropic's API does not use your data for model training. Refer to Anthropic's Privacy Policy for details on their data handling.

6. International Data Transfers

Your data is primarily stored in the EU (Supabase, Frankfurt, Germany). However, some of our service providers process data outside the EU/EEA:

  • Anthropic (Claude API): Document content is sent to Anthropic's servers in the United States for AI processing. This transfer is governed by Standard Contractual Clauses (SCCs) as per Anthropic's data processing terms.
  • Vercel: Our website is hosted on Vercel's global edge network, which may serve content from locations outside the EU/EEA. Vercel participates in the EU-U.S. Data Privacy Framework.
  • Stripe: Payment processing may involve data transfer to the United States. Stripe is certified under the EU-U.S. Data Privacy Framework.

We ensure that all international transfers of personal data are protected by appropriate safeguards as required by GDPR, including Standard Contractual Clauses, adequacy decisions, or certification under the EU-U.S. Data Privacy Framework.

7. Data Storage & Security

Your data is stored in Supabase (PostgreSQL) hosted in the EU (Frankfurt, Germany). All data is encrypted in transit (TLS) and at rest. Row-level security ensures you can only access your own data.

8. Payments

All payment processing is handled by Stripe. We never receive or store your credit card number, expiration date, or CVC. We only store your Stripe customer ID to manage subscriptions and billing.

9. Cookies & Tracking

SpecMake does not use cookies for advertising or analytics. We use only essential cookies required for authentication (session tokens managed by Supabase Auth). We do not use any third-party tracking scripts or pixels.

10. Data Retention

Your documents and translations are retained for as long as your account is active. You can delete individual documents at any time from your dashboard. If you delete your account, all associated data (documents, translations, glossary entries, templates) is permanently deleted within 30 days.

11. Your Rights (GDPR)

If you are in the EU/EEA, you have the right to:

  • Access the personal data we hold about you.
  • Rectify inaccurate data.
  • Request deletion of your data.
  • Export your data in a portable format.
  • Object to or restrict processing of your data.
  • Withdraw consent at any time (including marketing consent).
  • Lodge a complaint with your local data protection authority.

To exercise any of these rights, contact us at the address below.

12. Third-Party Services

  • Supabase: Database, authentication, and file storage (EU).
  • Anthropic (Claude API): AI-powered document processing (US).
  • Stripe: Payment processing (US, EU-U.S. DPF certified).
  • Vercel: Website hosting (global, EU-U.S. DPF participant).

13. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify registered users of material changes via email. Continued use of the service after changes constitutes acceptance.

14. Contact

For privacy-related questions or to exercise your rights, contact us at: privacy@specmake.com