Privacy Policy
How Saff collects, protects, uses, and keeps account, document, extraction, billing, and security data.
Controller and contact
Saff is provided by Lenouar Artificial Intelligence Developing Services LLC, Al Muroor, Abu Dhabi, UAE. For privacy questions, contact services@lenouar.ae or +971555537749.
This Privacy Policy applies to Saff accounts, workspaces, extraction tables, uploaded documents, extracted rows, manual corrections, exports, billing records, security records, and related service activity.
Data we process
We process account data such as name, email address, sign-in records, session information, workspace membership, language preference, and user role.
We process workspace data such as table names, column names, field descriptions, extraction instructions, required fields, batch records, file details, review status, and export records.
We process document and extraction data such as uploaded PDFs or scans, temporary encrypted upload files, extracted values, supporting snippets, confidence information, manual corrections, and value history.
We process billing and operational data such as workspace wallet top-ups, selected billing currency, payment references, receipts, balance history, security events, usage-limit records, service logs, and support messages.
If you connect your own S3-compatible storage, we process connection details and encrypted access credentials so Saff can save retained originals to your bucket and show previews to signed-in users.
| Category | Retention approach |
|---|---|
| Original uploaded files in extract-only mode | Temporarily stored in encrypted form for processing, then deleted after processing or expiry. |
| Retained original files | Stored only in the customer-connected storage bucket, in encrypted form, when retained originals are selected. |
| Extracted rows and corrected values | Kept in the workspace's separate database until deleted through available product controls or retention processes. |
| Billing and audit records | Kept as needed for payment reconciliation, security, dispute handling, and legal or accounting obligations. |
| Storage connection secrets | Stored encrypted while the connection is active or needed to support retained files and required records. |
How we use data
We use data to provide Saff, sign users in, manage workspaces, create extraction tables, process documents, produce extracted rows, support review, generate exports, manage wallet balances, and provide support.
We use document content and table field details to ask an AI extraction processing provider to return values for the fields selected by the user.
We use security and activity data to protect the service, detect abuse, investigate failures, enforce limits, respond to incidents, and keep the service reliable.
Encryption and workspace separation
Saff encrypts sensitive extracted values, supporting snippets, corrections, and storage secrets before saving them.
Each workspace is designed to keep extraction data in a separate workspace database. Account and billing records are kept apart from document-derived extracted values.
Temporary uploads and retained originals are encrypted. Retained originals are opened only through Saff for signed-in users with the right access.
Service providers
We use service providers for hosting, databases, temporary file storage, payments, transactional email, background processing, and AI extraction.
Payment card details are handled by Stripe through embedded payment forms. Saff stores payment references and wallet balance history, not raw card numbers.
A current subprocessor list is published on the Saff Subprocessors page.
Customer responsibilities
Workspace owners are responsible for the documents they upload, the field instructions they create, the users they invite, and the storage buckets they connect.
If you connect your own storage, you are responsible for bucket permissions, encryption settings, lifecycle rules, access controls, regional choices, and your storage provider relationship.
Access, correction, and deletion requests
Workspace users may access, correct, export, and delete product data through the Saff interface where those controls are available.
For privacy requests that cannot be completed through the product interface, contact services@lenouar.ae. We may need to verify your identity and workspace authority before acting on a request.