Your documents, your data.

Traxlate ("we", "us") provides a professional translation platform. We are the data controller for all account and document data you submit.

If you have questions about this policy, contact privacy@traxlate.com or open a support ticket from your dashboard.

Account data — email, name (optional), authentication factors (magic-link token, OAuth identifiers, WebAuthn credentials), language preference, time zone.

Document data — the text, files and metadata you submit for translation. This includes embedded images, OCR outputs and any glossaries or terminology you provide.

Usage data — translation jobs, credits consumed, request timestamps, and IP address for fraud and rate-limiting.

Payment data — billing address, plan tier, invoices, and the last four digits of your card. Full card data is handled by Stripe and never touches our servers. Crypto payments are handled by NOWPayments.

To translate your documents and return the results. To compute the exact credit cost before charging you. To deliver notifications (job ready, low credits, ticket replies) by email and optional web push.

To detect abuse, prevent fraud and enforce per-account rate limits. To improve our service — only via aggregated, de-identified analytics. We never use your documents to train external models, sell access to them or share them with third parties for marketing.

We do not send your documents to OpenAI, Anthropic, Google, or any other third-party AI provider. All translation, OCR, and review processing happens within our own platform.

We do not use your documents to train any model. We do not sell your data. We do not run advertising on the platform. We do not share documents with any third party except as required by law in a specific jurisdiction with a valid warrant.

Translation outputs are retained in your dashboard until you delete them or close your account. Translation memory entries are retained while your account is active so re-translations are instant.

On Pro and Business plans you can set per-job auto-deletion (1 day, 7 days, 30 days, never).

On account deletion request via your settings or by email to privacy@traxlate.com, we remove all your documents, TM entries and personal data within 30 days. Anonymous aggregated analytics may be retained.

We use Stripe (payments), NOWPayments (crypto), AWS SES (email delivery), Cloudflare (CDN + DDoS protection), Sentry (error monitoring) and OVH (infrastructure hosting). Each is bound by data-protection agreements.

An updated list is available on request and a 30-day notice is given before any new sub-processor is added.

Documents are encrypted at rest using full-disk encryption and in transit via TLS 1.3. Backups are encrypted and stored separately. Access requires multi-factor authentication for all production engineers.

We log every administrative action against your account in an immutable audit log; you can request a copy at any time.

Under GDPR, UK-GDPR and similar regimes you may request a copy of your data, correction of inaccurate data, deletion of your data, restriction of processing, objection to processing and data portability. Most of these are available as one-click actions in your dashboard settings.

If you believe we have mishandled your data, contact us first — we'll respond within 30 days. You also have the right to lodge a complaint with a supervisory authority.

We will email all active users at least 30 days before any material change. The change date and a summary will appear at the top of this page.