Privacy Policy

• Documents you submit. The files you upload for verification and the figures and text our engine reads from them while analysing them.
• Verification results and feedback. The result we produce for each document, and any thumbs-up / thumbs-down feedback you choose to give on a result.
• Technical and usage data. A one-way, salted hash of your IP address (we do not store your raw IP), your browser's user-agent string, and basic request logs (the time of a request and which checks ran). These are used to operate the service, enforce rate limits, and prevent abuse.
• Website analytics. Aggregate usage data collected through Google Analytics, and a small preference cookie that remembers your light/dark theme.

You do not need to provide a name, email address, or any account details to verify a document. We do not knowingly store the content of your documents in our searchable index — that index holds only a minimal record of each check (its outcome and the hashed IP), never the document text or extracted personal data.

• To run the verification you requested and return a result.
• To prevent abuse, apply rate limits, and keep the service secure and reliable.
• To detect, diagnose, and fix errors.
• To understand aggregate usage and improve the service.

We do not use your documents to advertise to you, and we do not sell your personal information.

We use a small functional cookie (stipple_theme) to remember your display preference, and Google Analytics, which sets its own cookies to measure how the site is used. You can block or delete cookies in your browser settings; the verifier itself works without them.

We do not sell your information. We share it only with the service providers ("sub-processors") that help us run Stipple:

• Google Cloud Platform — hosting, document and result storage, and our database, hosted in the Australia (Sydney) region.
• OpenRouter (Qwen2.5-VL) — when AI analysis is used, the document (or images and text from it) is sent to our AI model provider, which runs the vision-language model that reads and classifies it.
• Sentry — error and diagnostic reporting that helps us keep the service reliable.
• Google Analytics — aggregate website usage measurement.

We may also disclose information if required by law, or to protect the rights, safety, and security of our users and our service.

Uploaded documents and their detailed results are kept only for as long as needed to provide the service and are then automatically deleted. A minimal record of each check (its outcome and the hashed IP — never the document content) and our request logs are retained to operate the service, prevent abuse, and understand usage. You can ask us to delete a document or result you submitted (see "Contact us").

• All data is encrypted in transit using HTTPS/TLS.
• Documents and results are stored on Google Cloud Platform, protected by its security controls.
• Your IP address is stored only as a one-way, salted hash — we cannot recover the original address from it.
• No document content or extracted personal data is stored in our searchable index.
• There are no accounts or passwords for you to manage.

No method of transmission or storage is ever completely secure, but we work to protect your information using reasonable safeguards.

Your documents and results are stored in Australia (Google Cloud, Sydney region). Some of our sub-processors — our AI model provider, analytics, and error monitoring — may process data in other countries, including the United States. Where that happens, the data is handled under those providers' own terms and safeguards.

You can use the verifier without an account, so we hold very little information that identifies you. You can manage or block cookies in your browser, and you can email us to ask what data we hold about a verification you submitted or to request its deletion. Depending on where you live, you may have additional rights under local data-protection law; contact us and we will do our best to honour them.

Stipple is not directed to children under 16, and we do not knowingly collect personal information from them. If you believe a child has provided us information, contact us and we will delete it.

We may update this policy from time to time. When we do, we will revise the "Last updated" date at the top of this page. Significant changes will be made clear on this page.

Questions about this policy or your data? Email us at gaurav@stipple.sh.