Privacy Policy

Effective: March 22, 2026

This privacy policy applies to all DockLabs applications and services, including Beacon, Harbor, Manifest, Bounty, Lookout, and Admiralty (collectively, the "Services"). DockLabs is a personal project developed by Daniel O'Keefe.

1. Information We Collect

We collect information necessary to provide our Services:

• Account information: Name, email address, and organizational affiliation provided during registration or single sign-on (SSO) via Microsoft Entra ID.
• Usage data: Log data including IP addresses, browser type, pages visited, and timestamps, collected automatically when you use our Services.
• Application data: Content you create, upload, or manage within our Services, such as contacts, grant records, documents, correspondence, and workflow data.
• AI interaction data: Queries processed by our AI features (powered by Claude) for purposes such as grant discovery, legislative scoring, and FOIA review.

2. How We Use Your Information

We use collected information to:

• Provide, maintain, and improve our Services
• Authenticate users and manage access
• Process AI-assisted workflows (grant matching, document review, legislative tracking)
• Generate audit logs for compliance and accountability
• Respond to support requests
• Comply with legal obligations, including public records laws

3. Data Retention

Data retention periods vary by application and are configurable by your organization's administrator. Standard retention options include 7-year, 10-year, and permanent retention, in accordance with applicable records retention schedules. You or your administrator may request deletion of data not subject to legal retention requirements.

4. Data Sharing

We do not sell your personal information. We may share data with:

• Service providers: Hosting (DreamHost), AI processing (Anthropic/Claude), authentication (Microsoft Entra ID), and other infrastructure providers necessary to operate the Services.
• Legal compliance: When required by law, subpoena, court order, or applicable public records request.
• Your organization: Administrators within your organization may have access to data associated with your account.

5. AI Processing

Several of our Services use Claude (by Anthropic) for AI-powered features. Data sent to Claude for processing is governed by Anthropic's usage policies. We do not use your data to train AI models. AI-generated outputs (scores, summaries, recommendations) are provided as decision-support tools and should be reviewed by qualified personnel.

6. Security

We implement security measures including HTTPS encryption, Content Security Policy headers, file scanning, audit logging, and role-based access controls. However, no system is completely secure, and we cannot guarantee absolute security of your data.

7. FOIA and Public Records

If you are a government user, data stored in our Services may be subject to Freedom of Information Act (FOIA) or state public records laws. Our Services include built-in FOIA workflow and exemption management tools to help your organization comply with these obligations.

8. Your Rights

Depending on your jurisdiction, you may have the right to:

• Access your personal data
• Request correction of inaccurate data
• Request deletion of your data (subject to legal retention requirements)
• Export your data in a portable format

9. Cookies

Our Services use session cookies for authentication and security. We do not use third-party advertising or tracking cookies.

10. Changes to This Policy

We may update this policy from time to time. Material changes will be communicated through the Services or via email to registered users.

11. Contact

For privacy-related questions or requests, contact Daniel O'Keefe at dokeefect.com.