Last updated: May 2026
Who we are
Geordi Scan processes legal document uploads to generate scenario diagrams and automated consistency notes. This policy describes how we handle personal data under the GDPR.
Data we collect
- Account: email address and password (stored hashed).
- Documents: uploaded PDF or text files you choose to analyze.
- Analysis results: structured JSON derived from your documents.
- Technical: session cookies required for authentication.
Why we process data
We process your data to provide the service you request (document analysis and saved projects), based on your account registration and consent at signup.
Processors
- Vercel — application hosting (configure EU region).
- Neon / PostgreSQL (EU) — account and project metadata.
- Cloudflare R2 (EU jurisdiction) — document file storage.
- Microsoft Azure OpenAI (EU) — document analysis in production.
- OpenAI — development environments only.
Retention
Data is kept until you delete your account or individual projects. Account deletion removes database records and stored files.
Your rights
You may export or delete your account from the Account page. You may also contact us to exercise access, rectification, restriction, or objection rights under GDPR.