Legal

Privacy Policy

Last updated: June 12, 2026

1. Who we are

Document Ocean 360 is a cloud-based document management and document control platform operated by MAOcean 360 ("we", "us", "our"). This policy explains how we collect, use, and protect personal data when you visit documentocean360.com or use the Document Ocean 360 application.

2. Data we collect

  • Account data — name, business email address, organization name, and role, provided when you create an account or sign in through our authentication provider.
  • Contact and enquiry data — information you submit through our contact, demo request, or quote forms.
  • Customer content — documents and metadata your organization uploads to the platform. Your organization remains the controller of this content; we process it only to provide the service.
  • Usage and device data — pages visited, approximate location (country/region), browser type, and similar analytics signals collected via cookies or similar technologies where permitted.

3. How we use your data

  • To provide, secure, and maintain the Document Ocean 360 service, including authentication, audit trails, and notifications.
  • To respond to demo requests, sales enquiries, and support tickets.
  • To send service communications (such as billing, security, or feature notices). Marketing emails are opt-in and include an unsubscribe link.
  • To understand aggregate website usage and improve our product and content.

4. Service providers

We rely on a small number of infrastructure providers to operate the service, including:

  • Cloudflare — content delivery, DDoS protection, and web hosting.
  • Clerk — authentication and single sign-on.
  • Cloud storage providers — encrypted storage of documents and media in the data residency region selected by your organization (US, EU, or ME).
  • Email delivery providers — transactional notifications.
  • Analytics providers — privacy-conscious usage analytics for our marketing website.

Each provider processes data under contractual terms consistent with this policy.

5. Security

Documents are encrypted at rest and in transit (AES-256 / TLS). Access is governed by role-based permissions with organization-level isolation, and every action is recorded in an immutable audit log. We engage third-party penetration testing on a regular basis.

6. Data retention

Account and customer content is retained for as long as your organization maintains an active subscription, and is deleted or returned following termination in line with your agreement. Enquiry data is kept only as long as needed to handle your request and any follow-up.

7. Your rights

Depending on your jurisdiction (including under GDPR and similar laws), you may have the right to access, correct, export, or delete your personal data, and to object to or restrict certain processing. To exercise these rights, contact us at contact@maocean360.com.

8. Contact

Questions about this policy or our data practices: contact@maocean360.com or via our contact page.

9. Changes to this policy

We may update this policy from time to time. Material changes will be announced on this page with a new "last updated" date.