Privacy Statement

Last revised September 9, 2025

INTRODUCTION

This Privacy Statement (“Statement”) is meant to help you understand how Copyleaks (together with its affiliated companies – “Copyleaks”, “we”, “our” or “us”) collects, uses, shares, and protects personal information with respect to your use of this website (the “Site”), the services and content made available on the Site, the API and any other service provided by Copyleaks (together the “Services”). Our Services may entail collection and processing of personal information for the purposes set out below in this Statement. 

We may process personal information:

    1. of individuals who visit, browse and use our Services, such as the AI Detection and Plagiarism detection platform that is available on the Site, or by engaging and interacting with us through our contact page on the Site (“Visitors” and “Users” respectively). As a Visitor or a User, you may provide personal information directly while browsing and using the Site Services and we may collect personal information regarding your usage of the Site, as further explained in this Statement.
    2. of our Enterprise Customers’ personnel who are authorized users who create an admin account in our platform Services in order to use the Service on behalf of the Enterprise Customer (“Account Admins”).
    3. That is submitted to the Services by our Enterprise customers (“Enterprise Customers”), which we process on behalf of our Enterprise Customers (“Customer Data”) in our capacity as a “data processor” (or equivalent term under applicable data protection laws) in accordance with the instructions governed by commercial agreements and Data Processing Addenda  we have in place with our Enterprise Customers. In certain cases, we will also process Enterprise Customer Data as an independent data controller, as further explained in this Privacy Statement below.

 

Whether you are a Visitor, User or Account Admin, you are not legally required to provide us with your personal information. If you do not wish to provide us with your personal information, please refrain from using our Services and visiting or interacting with our Site, but be aware that without providing certain information, we may be unable to provide you with some or all of our Services.

We reserve the right to change this Privacy Statement and we may update it from time to time, as we deem necessary and according to the changes in any applicable law. Should we make material changes to this Statement, we will notify you in an appropriate manner, such as posting a notice on the Site.

Our role as Data Controller and Data Processor

As per modern data protection laws, such as the EU GDPR and U.S. state data privacy,  Copyleaks takes on the role of a controller in certain processing activities and a processor under other situations, to the extent that such laws and regulations apply to us. We are a controller when we determine the purposes and means of the processing, such as when we process Visitors’, Users’ and Account Admins’ personal information. However, in our capacity as controller, Copyleaks is not subject to the US privacy laws. On the other hand, we serve as a data processor or service provider (as such terms are defined in data protection laws), when we process personal information on behalf of a data controller or a business (as such terms are defined under data protection laws), i.e., when we process Enterprise Customer Data such as documents and texts submitted by Enterprise Customers into the Services for scanning. We process such data on behalf of our Enterprise Customer (who is the controller of such data or the “business”), in accordance with its instructions which are governed by an agreement with the Enterprise Customer (usually referred to as a Data Processing Addendum) and other commercial provisions with such Customer in accordance with applicable data protection laws. Without derogating from the above, Copyleaks may also take on the role of a controller under certain data protection laws with regard to Enterprise Customer Data where applicable laws and the contractual engagement with Customers allow it to use the Customer Data, for purposes such as fraud detection, billing and improving Copyleaks’ services including by training Copyleaks’ models, as further explained in the Use of Personal Information chapter in this Statement.

Accordingly, this Privacy Statement describes Copyleaks’s data processing practices as a data controller and does not apply to the processing of Enterprise Customer Data as data processor or service provider. If you have any questions or requests or to exercise your rights regarding your personal information collected by our Enterprise Customers and processed by us as a processor or service provider, please contact the respective Enterprise Customer and we will work with them to facilitate their fulfillment or their obligations under the data protection laws.

Whether you are a Visitor, User or an Account Admin who uses our Services on behalf of our Enterprise Customers – you are solely responsible for determining whether to insert personal information to our document and texts scanning Services, and for ensuring that such personal information was collected lawfully, including by ensuring that all individuals whose personal information is shared while using our Services have been provided with adequate notice and by having a proper lawful basis (such as informed consent where such consent is necessary or advised) for sharing with us and processing the personal information, and that all legal requirements applicable to the collection, use or other processing of personal information through our Service are fully met. If you prefer not to include personal information when using our Services, you may use the “Hide Sensitive Data” feature. If you are a direct customer, you may opt out of our use of your information to train our models by contacting customer support at [email protected]. If you are a user of our Enterprise Customers, our Enterprise Customer may elect to opt out of our use of the information to train our models.

PERSONAL INFORMATION WE COLLECT

We collect personal information directly from you and automatically from your usage of the Services, in accordance and depending on how you interact with our Services and the Site:

  • To provide our Services to Enterprise Customers, we will need to collect the name and an email address from an Account Admin.
  • When you sign up and setup a personal User in the Site and uses the Services, we may collect the following information (collectively: “User Data”):
    • Contact details such as your name, country, User profile, e-mail address and home address for billing.
    • Security and sessions details – IP address, browser type, Device type, your last login session.
    • Billing details and number of credits on your plan.
    • The materials you upload to the Service such as your texts and documents scans.
    • When you visit our Site and leave us feedback or request support, we will collect any information that is contained in your feedback or support request.
    • When you contact us by e-mail or telephone, using any of the e-mail addresses or telephone numbers provided on the Site, we collect any Personal Information you may provide to us voluntarily in connection with this communication.
    • You can provide us with your contact information and additional information you choose to provide when you send a request for customer support.
    • Information provided as part of participation in surveys: We may occasionally ask you to provide information by participating in surveys. Participation in such surveys is voluntary, and you can choose not to provide the information. 
  • We may allow you to apply for open positions at Copyleaks through the Site. You may file an application for a job opening through the career page on the Site, providing your name, email address, phone number, copy of your CV or link to your LinkedIn profile. We will process this information to evaluate your candidacy in accordance with this Privacy Statement.

When you use our Services to scan or submit documents or any digital or other content or type of file (“Content”), this Content may contain Personal Information, depending on whether you enabled the “Hide Sensitive Data” feature to mask your data. However, we have no control over the type of data you decide to upload in the Content submitted. You alone determine what Content to share with our Services and whether to include any personal information of yours in the Content.  Note that if you are a student-User associated with an Enterprise Customer, we collect this information on behalf of the applicable Enterprise Customer in order to provide the Services. You are also responsible for procuring any necessary consent and/or making any required notification to others if the Content you upload contains others’ personal information, including when you enter any Personal Information into any postings or comments within the Service, as we will collect such information and this information too. We use this information to provide the Services to our Enterprise Customers. We also use this information to train our models. If you are a direct customer, you may opt out of our use of your information to train our models by contacting customer support at [email protected]. If you are a user of our Enterprise Customers, our Enterprise Customer may elect to opt out of our use of the information to train our models.

Information on others: If you provide us information on others, it is your responsibility to verify that this is done in accordance with the provisions of the law, including having them consent as may be required under the applicable laws. When acquiring their consent, you must inform them how the information will be used, that a copy of their information will be retained and that the content provided will be used by us to train our models.


Information we collect automatically and cookies:

If you opt-in to receive our newsletter, we, through our service provider, use tracking pixels to determine whether you open emails, the time of opening, information about the device you use (including IP address), whether you interacted with the email, the topic of the email, whether it was delivered, sender and recipient addresses. We use this information to:

  1. measure the effectiveness of our communications and make them more attractive, particularly by improving email subject lines.
  2. limit the frequency of sending or stopping it, ensuring emails continue to reach their recipients.
  3. detect and analyze suspected fraud.
  4. personalize communications based on your interest in received emails and interaction with them. This personalization includes: adapting message content, adjusting sending frequency or communication channel and optimizing campaigns based on reactions (e.g., adjusting email subject lines); and 
  5. offer tailored content or advertisements on other websites, applications, or communication channels.

 

You may revoke your consent at any time with effect moving forward by clicking the “unsubscribe” link included within each email we send to you.

We may use cookies and other technologies to collect information about how you use our Service and interact with our Site so we can improve our Services and Site and also for targeting our advertising with your consent.

Such technologies include cookies, web beacons, and other storage technologies. Cookies are essentially text files (or code lines) that are created on the browser and/or on your mobile device, to the extent that you have allowed cookie implementation in the settings of the device/computer you are browsing with, and collect technical usage information, such as the duration of your visit on the site/page/screen, your browsing method and the actions performed therein. The use of cookies facilitates your identification when you revisit our websites. Additionally, cookies will monitor your activities and collect information such as: IP address, connection dates, duration of your visit, version of the operating system, type of browser, IP-based location, domain name and point of access to the Service.  We also employ cookies for serving targeted ads, with your consent. Third party advertisers and service providers may also use, place, or read cookies or other technologies as described below on your device, and those practices are subject to their own policies.

The settings of your device/computer may be updated or modified to completely or partially block the use of cookie files. You can adjust your cookies preferences at any time through the Manage Cookies/Your Privacy Choice button in the Site. There are different types of cookies that serve different purposes. Some cookies stored on your browser are essential for enabling the website’s basic functions, are ladled as “Necessary” and cannot be disabled. Other types of cookies such as Functional, Analytics, Performance, and Advertisement cookies help us analyze how to use our website, store your preferences, and provide relevant content and targeted advertising to you. These cookies will only be stored in your browser with your prior consent.

However, if you choose to block cookies, some of the services may not be available to you or you may be required to re-enter your personal information every time you enter the Website.

You can also opt out from some of the cookies during your browsing, for example by adjusting the settings in your browser. If the browser or extension that you (or your authorized agent) are using supports Global Privacy Control (GPC), you may utilize the GPC opt out preference signal to instruct us to not sell or share any of your personal information collected online. The GPC opt out preference signal will apply to the device, platform, or browser in which you utilize it. You can utilize the opt out preference signal by turning on the signal in your device, platform, or browser settings. Please note that you must opt out of each device and each browser.

  • Particular third-party cookies to note on our website include Google Analytics. We use Google Analytics to collect information on your use of the Website for its improvement. To collect this information, Google Analytics installs cookies on your browser or reads cookies that are already there. Google Analytics also receives information about you from applications you have downloaded or services that you use that partner with Google. Google’s ability to use and share information collected by Google Analytics about your visits to our Website or to another application which partners with Google is restricted by the Google Analytics Terms of Use and Privacy Policy. To prevent your data from being used by Google Analytics, you can download the Google Analytics opt-out browser add-on. You can also adjust your Ad Settings or change settings in your Google My Activity if you are signed into your Google Account. To opt out, please visit Manage Cookies/ Your Privacy Choices.
  • Google Tag Manager. Google Tag Manager is a tag management system to manage tags used for tracking and analytics on our Website. Tags are small code elements that, among other things, are used to manage traffic and visitor behavior and to test and optimize websites. We utilize Google Tag Manager to manage and organize all third-party tags on our Website and to control when those tags are triggered. 
  • DoubleClick. We utilize DoubleClick by Google to serve ads based on a user’s prior visits to our Website. Each visitor to our Website receives a different cookie, and the information collected by the cookie is used to generate conversion statistics and allows us to see the total number of individuals who clicked on our ads. DoubleClick enables Google and its partners to serve ads to you based on your visits to our Website in addition to other websites on the Internet. Please review Google’s Privacy Policy for additional information on how Google uses the information collected. Such sharing may be deemed a sale under the California Consumer Privacy Act. To opt out of targeted advertising by Google and this sharing, you can go to Google’s Ad Settings, or you can install the DoubleClick opt-out browser plugin. To opt out, please visit Manage Cookies/ Your Privacy Choices.
  • Meta Pixel. We use Meta Pixel to serve you ads on your social media based on your browsing behavior. Meta Pixel sets a cookie on your device that allows your behavior to be tracked after you have been redirected to the Website by clicking on a Facebook ad. This enables us to measure the effectiveness of Facebook ads for statistical and market research purposes and to provide targeted advertising. We do not have access to the information collected through the Meta Pixel. The information collected via Meta Pixel is stored and processed by Meta. Meta may link this information to your Facebook account and use it for its own promotional purposes in accordance with Facebook’s Data Usage Policy. You can opt out of displaying Facebook ads and sharing by visiting your Facebook Ad Settings.
  • Microsoft ClarityWe partner with Microsoft Clarity and Microsoft Advertising to capture how you use and interact with our website through behavioral metrics, heat maps, and session replay to improve and market our products/services. Website usage data is captured using first and third-party cookies and other tracking technologies to determine the popularity of products/services and online activity. Additionally, we use this information for site optimization, fraud/security purposes, and advertising. For more information about how Microsoft collects and uses your data, visit the Microsoft Privacy Statement. To opt out, please visit Manage Cookies/ Your Privacy Choices

You can also opt out from these third-party cookie tools during your browsing, for example by using the following websites:

http://www.aboutads.info/choices/

http://www.youronlinechoices.eu/

HOW WE USE OF PERSONAL INFORMATION AND LEGAL BASES

We use your Personal Information for the following purposes:

  • To set up and register an account to the Services.
  • To provide the Services, Copyleaks will process the content that you provide, in connection with your use of the Services.
  • to manage the accounts of Copyleaks Users.
  • to improve the content of the Services, enhance the operation of the Services, improve our marketing and promotional efforts, statistically analyse use of the Services and in certain regions also for overall improvement of our product and Services offerings, based on Content of the scans submitted to the Services, after we filter out direct identifiers from the content. We will not use your credentials and contact details to train our models and improve our services.
  • to fulfill any transactions.
  • provide you with updates about our products and Services, if you consent to receive  our marketing communications.
  • provide technical support
  • send you notices about our Privacy Statement and Terms and enforce our Terms.
  • to comply with any legal requirements and judicial and governmental orders, issued by national or foreign authorities, if we believe we are required to comply with them.
  • to invoice and process payments.
  • to test and monitor the Services, diagnose or fix technical issues, and to train our models. You can opt out of the training at any time by contacting customer support at [email protected].
  • to gain a better understanding of how you use and interact with our Services, to utilize such information to continuously improve our Services and user-experience.
  • to enhance information security and protect your privacy, inter alia, by filtering out identifiers from the Content or scans you submit, if you choose to enable “Hide Sensitive Data” in your settings.
  • for contextual, behavioral and interests-based advertising, and to optimize our marketing campaigns in connection with the tracking for the purpose of  delivering advertisements for our Services.
  • prevention of fraud and/or illegal activities, and protection of legal rights and legitimate interests of ours and of others, all subject to the provisions of applicable laws.
  • respond to your support requests and provide customer service.
  • evaluate your candidacy for a job opening if you are an applicant, including by using third-party service providers tools to manage recruitment operations.

Legal basis of processing:

Some data protection laws, such as the General Data Protection Regulation (“GDPR”), require that that processing of personal information shall be relied on legal bases for the collection and processing. If you are located in a jurisdiction where data protection laws acknowledges or requires “consent” as the primary or most suitable legal basis for processing personal information — as outlined in this Privacy Statement — your agreement or continued use of the Services and the Site, along with your acceptance of our Terms and this Privacy Statement will constitute your consent to the collection and processing purposes described in this Privacy Statement. This applies whether the requirement for consent as a legal basis is general, based on the types of personal data you choose to provide through the Services, or due to the nature of the processing itself.

If at any point you wish to withdraw your consent, you can do so by contacting us at [email protected] (see further details in chapter “Your Rights” below).

Otherwise, and if you reside in one of the European Union (EU) or European Economic Area (EEA) countries, United Kingdom (UK) or Switzerland, we use your Personal Information for the purposes set out above where:

  1. Our use of your Personal Information is necessary to perform a contract or to take steps to enter into a contract with you (e.g. to provide you with      our Services, to provide you with our customer assistance and technical support, and to consider your job applications when you apply to Copyleaks);
  2. Our use of your Personal Information is necessary to comply with a relevant legal or regulatory obligation that we have; or
  3. Our use of your Personal Information is necessary to support our legitimate interests and business purposes (for example, to maintain and improve our Services and the effectiveness of Copyleaks by identifying technical issues; troubleshooting or security purposes; anonymous personal information for internal operations and improvements of Services) provided it is conducted in a way that is proportionate and that respects your privacy rights.
  4. With your freely given consent (e.g., to send you promotional communications)

SHARING OF PERSONAL INFORMATION

To provide you with our Services, we may share personal information about you within Copyleaks, or with our service providers and business partners for analytics, marketing, and other business purposes, as follows:

  • for the purposes of the objectives set out in this Privacy Statement
  • for the purpose of realizing the objectives that we have been authorized to perform by law, and for the realization of legitimate business interests that we have, such as the prevention of fraud. Such transfer of information will be subject to the third party’s undertaking to protect the privacy and information security at a level that is appropriate for the type of information being transferred. When transferring the information among the Copyleaks entities, for the purpose of US data protection laws, the recipient entity constitutes a service provider/data processor.
  • As part of our engagement with subcontractors and suppliers that provide us with services (such as companies processing payments, cloud service providers, companies that provide support and maintenance for equipment, software providers, accountants, lawyers, banks, customer service centers).
  • Subject to the law, we may transfer information as part of the sale of our business (including in the negotiations of such sale), and within the framework of a reorganization, merger, joint ventures and other transactions related to our business, including, without limitation, bankruptcy and liquidation. We will make reasonable efforts to let you know if this occurs and how it impacts your personal information to the extent required by law.
  • Under a court order instructing the company to do so or as required by law.
  • For the purpose of defence in legal claims.
  • In accordance with the law, we may sometimes transfer aggregate information to third parties for various purposes, such as research or for the purposes of those parties. In these cases, we will take steps to make this information transfer in a manner that makes it difficult to identify you or others. We will not attempt to re-identify the data unless it is necessary to determine whether our de-identification processes satisfy applicable data protection laws.

We may transfer and store your personal information outside of the country or region where you live, including in countries where data protection laws may be considered less protective than the laws in the place where you live, for example, in the United States. If we transfer personal information outside the location where it was collected, we will ensure to have appropriate safeguards and ensure that such transfers meet applicable local legal requirements.

Among other service providers, we use Google Workspace. Google Workspace APIs are not used to develop, improve, or train generalized AI and/or ML models.

Shared Data Hub and Private Data Hub

Our services include features that, if activated by the Enterprise Customer, allow users under that Enterprise Customer account to compare Contents you scan with a private hub of documents you or your organization has created (“Private Data Hub” or “Private Cloud Hub”) or with a large database of documents and texts shared by other users that enabled their scans to be included in the Copyleaks database of scans (““Shared Data Hub””). In Private Cloud Hub, the Content submitted will be visible only within the organization and its Admins Account or organization personnel who created the Private Cloud Hub account, which operates the Service on behalf of the organization. Your Admins Accounts or organization personnel who created the Private Could Hub account can delete any file from the Private Cloud Hub at any time.

Shared Data Hub enables you to compare scans you have submitted against other submissions uploaded to our Service by other users. Thus, it adds user submitted content to the universe of content that our Service scans for potential violations or plagiarism in content you submit. Note, that your credentials and personal information will not be viewable by others when using this feature. The Content you submit to the Service will not be visible to others, unless the Content contains identical elements to the content that another user submitted, in which case, only the identical parts of the Content that were identified will be visible.

You can disable the Shared Data at any time, and any files can be permanently deleted from the Shared Data Hub here.

MEDIA, ADVERTISEMENTS AND DIRECT MAILING

In accordance with the applicable laws, if you used or expressed interest in our Services, we may send you promotional communications in relation to our services or similar products and services, through any means of communication, including via e-mail, social media and, if you opted into such communication – by SMS messaging.

If you join our marketing communications, we will send you emails and advertisements regarding our Services. As mentioned above, note that our marketing emails may contain tracking pixels, subject to your consent. We may create a profile to serve your better targeted advertisements. We may contact you by e-mail, telephone, mobile phone (including SMS messages), social networks and other means. To opt out and stop receiving commercial communications, please contact [email protected]. Even if you do not agree to receive promotional communications, you may still receive service-related communications.

YOUR RIGHTS

Depending on the law where you reside, you may have certain rights under applicable privacy laws, such as – the right to know/request access personal information collected (including the categories of personal data collected, categories of sources from whom the personal data was collected, purpose of collecting personal data, categories of third parties with whom we have disclosed personal data), to request rectification or erasure of your personal information, to restrict or object to personal information processing (including the right to direct us not to sell your personal data to third parties now or in the future), or to obtain a copy or to port your personal data. You can exercise your rights by contacting us at [email protected].

If the GDPR applies, you also have the right to lodge a complaint with the relevant supervisory authority in the EEA or the UK, as applicable.

Subject to legal considerations, we will make reasonable efforts to fulfil your request in accordance with applicable laws. In order to comply with your request, we may ask you for additional information to verify your identity and for security purposes.

If you are a student, parent/legal guardian of a student, or other individual whose personal information is being processed by our services through any of our Enterprise Customers, such as an educational institution, or if any of our Users shared personal information about you while using our Services – you should contact those Enterprise Customers or Users if you would like to exercise any of your rights in relation to your personal data that is being processed by Copyleaks as a service provider to an Enterprise Customer and its data processor.

SECURITY

As set forth in our Security Practices page, we follow appropriate industry standards to protect information which is in our possession, in accordance with applicable law. For this purpose, we use reasonable security measures which comply with the standards of the Internet industry, including encryption and other protections. We have adopted strict measures for the protection of privacy and the confidentiality of the information which safeguard against errors in the use of information provided by you or against unauthorized access to such information. Despite the aforementioned, there is a risk of unauthorized access to our databases and systems. You are requested to protect your credentials to minimise any breaches.

RETENTION

We retain your personal information for as long as necessary for us to provide our services, according to the purposes outlined in this Privacy Statement, or as required by law. In addition, we will retain your personal information for as long as we need it for resolving disputes and legal defences, conducting audits, pursuing legitimate business purposes, enforcing agreements and in order to comply with our legal obligations. However, you may ask to permanently delete your account at any time, as explained in the chapter “Your Rights” above. With regard to Content uploaded to the Shared Data Hub, you can opt out from Shared Data Hub and remove Content you submitted to Shared Data Hub by contacting customer support at [email protected], , or delete it through your account. Note that if you have an account associated with an Enterprise Customer, we will delete your account within 90 days after the expiration or termination of our agreement with the Enterprise Customer.

LINKS TO OTHER WEBSITES

Our provision of the Service which enables you to access third party services or links to other websites or locations (“Third Party Services”) is for your convenience only and does not signify our endorsement of such Third Party Services, other websites, locations or their contents. We have no control over, do not review, and cannot be responsible for these Third Party Services or outside websites or their content. This Statement does not apply to these Third Party Services or outside websites. We strongly recommend that you learn about the privacy and security practices and policies of Third Party Services before providing them with any personal information.

CHILDREN PRIVACY

We are committed to protect children’s privacy and comply with children privacy and data protection laws. In accordance with our Terms of Use, you may not use our Services unless you have reached the age of majority according to the law applicable to you in your jurisdiction. If you are underaged, you can only use our Services and Site with parental/legal guardian supervision and permission. 

Our Enterprise Customers are responsible to obtain any necessary prior consents from parents or legal guardians if they offer our Services to children under the age of majority. 

Parents/legal guardians of a child under the age of majority wishing to exercise any of the rights in relation to their child’s personal information should contact our Enterprise Customers or the Users who share their personal information with us. 

Otherwise, If we learn that children under the age of majority use our Services, or If you think that your underaged child is or has been using our Services in violation of our terms and/or without your guardian consent, please contact us at [email protected]. We will take reasonable steps to promptly remove such personal information from our Services.

CONTACT US

If you have any questions or comments about this Statement or the practices relating to the way we process personal information through the Site and Services, or wish to exercise your rights detailed above please contact us at [email protected]  and we will make an effort to reasonably respond to your inquiry.


For account deletion and customer support requests please contact: [email protected].

You can also contact our office at:
Copyleaks Inc
115 East 23rd Street, New York, NY 10010.

Table of Contents