Terms of Service
Privacy Policy
Cookie Policy

Privacy Policy

Last updated: April 29, 2026

This Privacy Policy explains how SenseTask collects, uses, discloses, stores, and protects personal data when you access or use our websites, applications, software-as-a-service platform, document processing tools, workflow automation tools, APIs, support services, and related services.

This Privacy Policy applies to personal data processed by SourceTask Solutions SRL, doing business as SenseTask (“SenseTask,” “we,” “us,” or “our”).

This Privacy Policy applies to:

  • visitors to our websites;
  • customers and prospective customers;
  • users of our applications and services;
  • customer administrators and authorized users;
  • business partners and suppliers;
  • people who contact us;
  • job applicants; and
  • other individuals whose personal data we process.

This Privacy Policy should be read together with our Terms of Service and Cookie Policy.

Our Services are primarily intended for business and professional use. Where our customers upload, submit, or process personal data through the Services, the customer is generally responsible for determining the purposes and lawful basis for that processing, and SenseTask processes that data on the customer’s behalf.

Our websites and Services may contain links to third-party websites, applications, or services. We are not responsible for the privacy practices, content, or data processing activities of third parties.

1. Who We Are

SenseTask is operated by SourceTask Solutions SRL, a company based in Iași, Romania.

For privacy questions or requests, you may contact us at:

SourceTask Solutions SRL
Doing business as SenseTask
Iași, Romania
Email: privacy@sourcetask.com
Website: https://sensetask.com

2. Our Role: Controller and Processor

Depending on the context, SenseTask may act either as a controller or as a processor of personal data.

2.1 SenseTask as Controller

SenseTask acts as a controller when we determine the purposes and means of processing personal data, including when we process personal data for:

  • operating and securing our websites;
  • managing business contacts, prospects, and customers;
  • creating and administering accounts;
  • handling billing, invoicing, and payments;
  • providing customer support;
  • sending service communications;
  • sending marketing communications where permitted;
  • managing events, demos, webinars, or product updates;
  • analyzing website and service usage;
  • improving our products and business operations;
  • recruiting and hiring;
  • complying with legal obligations; and
  • protecting our rights, users, systems, and services.

2.2 SenseTask as Processor

SenseTask acts as a processor when we process personal data on behalf of a customer through the Services, including personal data contained in uploaded documents, extracted data, workflows, integrations, audit logs, and customer-managed user accounts.

In this case, the customer is generally the controller, and SenseTask processes the data according to the customer’s instructions, the applicable agreement, and any applicable Data Processing Addendum.

If you are an end user of a customer account, your organization controls much of the personal data processed through the Services. You should contact your organization first if you have questions about personal data processed in that account.

3. Personal Data We Collect

We collect personal data in several ways, depending on how you interact with us.

3.1 Information You Provide to Us

You may provide personal data directly to us when you:

  • create an account;
  • request a demo, trial, or proposal;
  • contact us by email, phone, form, chat, video call, or social media;
  • subscribe to communications;
  • participate in webinars, events, or product discussions;
  • use the Services;
  • upload or submit documents and data;
  • request support;
  • enter into a contract with us;
  • provide feedback;
  • apply for a job; or
  • otherwise communicate with us.

This information may include:

  • first and last name;
  • business email address;
  • phone number;
  • job title;
  • company name;
  • business address;
  • account credentials;
  • communication preferences;
  • messages and support requests;
  • meeting notes and call recordings, where notice is provided;
  • billing and invoicing details;
  • contract and order information;
  • feedback and survey responses;
  • resumes, cover letters, recruitment information, and job application materials; and
  • any other information you choose to provide.

3.2 Account and Application Data

When you use the Services, we may collect personal data related to your account and activity, including:

  • user profile information;
  • workspace and organization information;
  • roles and permissions;
  • authentication data;
  • login and access records;
  • audit logs;
  • workflow activity;
  • support interactions;
  • configuration settings;
  • API usage;
  • document processing activity;
  • processing volumes;
  • error logs;
  • metadata;
  • user actions within the Services; and
  • other information generated through your use of the Services.

3.3 Customer Data and Uploaded Documents

Customers may upload, import, transmit, or process documents and other data through the Services.

Uploaded documents may include personal data contained in:

  • invoices;
  • purchase orders;
  • delivery notes;
  • shipment documents;
  • contracts;
  • forms;
  • emails;
  • attachments;
  • business records;
  • identification details;
  • contact details;
  • payment-related information;
  • employee or representative names;
  • customer, supplier, or partner information; and
  • other document content selected by the customer.

Customers are responsible for ensuring that they have the necessary rights, notices, permissions, consents, and lawful bases to upload and process personal data through the Services.

3.4 Information We Collect Automatically

When you visit our websites or use the Services, we may collect information automatically, including:

  • IP address;
  • device identifiers;
  • browser type and version;
  • operating system;
  • language settings;
  • approximate location derived from IP address;
  • referring and exit pages;
  • pages viewed;
  • links clicked;
  • search terms;
  • access times;
  • session information;
  • cookie identifiers;
  • usage events;
  • performance data;
  • error reports; and
  • security logs.

We collect this information through cookies, logs, analytics tools, and similar technologies. For more information, please see our Cookie Policy.

3.5 Information from Third Parties

We may receive personal data from third parties, including:

  • customers who create accounts for their employees, contractors, or partners;
  • business partners;
  • integration providers;
  • payment processors;
  • analytics providers;
  • marketing and sales tools;
  • publicly available sources;
  • event organizers;
  • recruitment platforms; and
  • service providers.

This information may include names, business contact details, job titles, company information, billing information, recruitment information, and information necessary to provide or improve the Services.

4. How We Use Personal Data

We use personal data for the purposes described below.

4.1 Providing and Operating the Services

We use personal data to:

  • create and manage accounts;
  • provide access to the Services;
  • authenticate users;
  • process documents and workflows;
  • extract, validate, classify, and structure data;
  • operate integrations and APIs;
  • provide search, storage, audit, and workflow functionality;
  • provide support and troubleshooting;
  • deliver implementation, configuration, and training services;
  • manage subscriptions and usage limits;
  • process billing and payments; and
  • communicate about service-related matters.

4.2 Customer Support and Communications

We use personal data to:

  • respond to questions and support requests;
  • investigate and resolve technical issues;
  • provide onboarding and training;
  • send administrative messages;
  • notify you about changes to the Services, Terms, or policies;
  • send security alerts;
  • schedule demos or meetings; and
  • manage customer relationships.

4.3 Security, Fraud Prevention, and Service Integrity

We use personal data to:

  • monitor and secure the Services;
  • detect and prevent fraud, abuse, malware, unauthorized access, and security incidents;
  • investigate suspicious activity;
  • enforce our Terms of Service and contracts;
  • protect the rights, property, and safety of SenseTask, customers, users, and third parties;
  • maintain audit logs; and
  • comply with security and legal requirements.

4.4 Product Improvement and Analytics

We use personal data, usage data, aggregated data, and de-identified data to:

  • analyze how our websites and Services are used;
  • monitor performance and reliability;
  • troubleshoot errors;
  • improve user experience;
  • develop and improve features;
  • understand customer needs;
  • measure product effectiveness;
  • improve documentation and support; and
  • support internal reporting and business operations.

Where possible, we use aggregated or de-identified data for analytics and product improvement.

4.5 AI, OCR, and Workflow Automation

SenseTask uses artificial intelligence, machine learning, optical character recognition, automated document processing, rules-based workflows, and similar technologies to provide the Services.

These technologies may be used to:

  • extract data from documents;
  • classify documents;
  • detect fields and labels;
  • match documents and records;
  • identify duplicates or exceptions;
  • route documents through workflows;
  • support approval processes;
  • improve customer-specific configurations; and
  • assist customers in automating business processes.

SenseTask does not use Customer Data or uploaded documents to train general-purpose AI models or models used for other customers unless the customer expressly agrees in writing.

SenseTask may use Customer Data to configure, operate, support, secure, and improve the Services for that specific customer, including customer-specific extraction templates, validation rules, workflows, and configurations.

SenseTask may use aggregated or de-identified data that does not identify a customer, user, individual, or reveal Customer Data for analytics, security, benchmarking, product improvement, reporting, and business operations.

4.6 Marketing and Sales

We may use personal data to:

  • respond to demo and trial requests;
  • send product updates;
  • send newsletters or marketing communications;
  • invite you to events, webinars, or product discussions;
  • personalize sales communications;
  • measure marketing campaign performance;
  • manage leads and opportunities; and
  • promote our Services.

You can opt out of marketing emails at any time by using the unsubscribe link in our emails or by contacting us.

Even if you opt out of marketing communications, we may still send you non-marketing messages, such as account, security, billing, support, or legal notices.

4.7 Recruitment

If you apply for a job, we use your personal data to:

  • evaluate your application;
  • communicate with you;
  • schedule interviews;
  • assess qualifications;
  • conduct recruitment administration;
  • comply with legal obligations; and
  • consider you for future opportunities, where permitted by law or with your consent.

4.8 Legal Compliance and Protection

We may use personal data to:

  • comply with applicable laws and regulations;
  • respond to lawful requests from authorities;
  • maintain business records;
  • resolve disputes;
  • collect amounts owed;
  • enforce agreements;
  • protect legal rights; and
  • support audits, compliance, and legal processes.

5. Legal Bases for Processing

Where GDPR or similar laws apply, we process personal data only where we have a valid legal basis.

5.1 Website Operation and Security

We process IP addresses, device data, logs, cookie data, and similar technical information to operate, secure, and maintain our websites and Services.

The legal basis is our legitimate interests in operating and securing our websites and Services. Where required by law, we rely on consent for non-essential cookies and similar technologies.

5.2 Account Creation and Administration

We process names, email addresses, company information, roles, login data, and account information to create, administer, and manage user accounts.

The legal basis is the performance of a contract or steps taken before entering into a contract. We may also rely on our legitimate interests in administering customer accounts and maintaining secure access to the Services.

5.3 Providing the Services

We process account data, usage data, support data, workflow data, and related information to provide, operate, maintain, and improve the Services.

The legal basis is the performance of a contract and our legitimate interests in delivering and improving the Services.

5.4 Processing Customer Data Through the Services

We process uploaded documents, extracted data, workflow data, integrations, audit logs, and other Customer Data through the Services.

Where SenseTask processes this data on behalf of a customer, we act as a processor and process the data according to the customer’s instructions. The customer is responsible for determining the lawful basis for processing.

5.5 Customer Support

We process contact details, messages, files, account information, and support-related information to respond to questions, investigate issues, provide assistance, and improve support quality.

The legal basis is the performance of a contract and our legitimate interests in supporting customers and users.

5.6 Billing and Payments

We process billing contacts, invoice data, payment status, transaction records, and related information to manage invoicing, payments, accounting, and financial records.

The legal basis is the performance of a contract and compliance with legal obligations.

5.7 Security and Fraud Prevention

We process logs, audit events, IP addresses, account activity, and technical records to detect, prevent, and investigate fraud, abuse, unauthorized access, malware, and security incidents.

The legal basis is our legitimate interests in protecting the Services, customers, users, and our business, and compliance with legal obligations where applicable.

5.8 Product Analytics and Improvement

We process usage data, diagnostics, performance data, error reports, and similar information to understand how the Services are used, improve reliability, troubleshoot issues, and develop product improvements.

The legal basis is our legitimate interests in improving and securing the Services. Where required by law, we rely on consent for analytics cookies or similar tracking technologies.

5.9 Marketing Communications

We process names, business email addresses, company information, job titles, preferences, and engagement data to send product updates, newsletters, event invitations, and other marketing communications.

The legal basis is consent or our legitimate interests, where permitted by applicable law.

5.10 Events and Webinars

We process names, email addresses, company information, attendance data, and related information to manage event registrations, webinars, demos, and product discussions.

The legal basis is consent, performance of a contract, or our legitimate interests, depending on the context.

5.11 Recruitment

We process CVs, contact details, application materials, interview notes, and related recruitment information to evaluate candidates and manage the recruitment process.

The legal basis is taking steps before entering into a contract, our legitimate interests in recruitment, and consent where applicable.

5.12 Legal Compliance

We process records, contracts, communications, billing records, and other relevant information to comply with legal obligations, respond to lawful requests, maintain business records, and meet regulatory requirements.

The legal basis is compliance with legal obligations and our legitimate interests.

5.13 Legal Claims and Dispute Resolution

We process contracts, logs, communications, billing records, and related information to establish, exercise, or defend legal claims, resolve disputes, collect amounts owed, and enforce agreements.

The legal basis is our legitimate interests and compliance with legal obligations.

Where we rely on consent, you may withdraw your consent at any time. Withdrawal of consent does not affect processing that took place before withdrawal.

Where we rely on legitimate interests, you may object to processing as described in Section 13.

6. Customer Data and Uploaded Documents

SenseTask processes Customer Data and uploaded documents primarily to provide the Services according to customer instructions.

This may include:

  • receiving uploaded or imported documents;
  • extracting data from documents;
  • validating extracted data;
  • classifying documents;
  • matching document data with other records;
  • splitting, routing, or organizing documents;
  • supporting approval workflows;
  • exporting data to customer systems;
  • providing audit trails;
  • storing and retrieving documents;
  • providing customer support; and
  • maintaining security and service integrity.

Customers control what documents and data they upload to the Services.

Customers are responsible for ensuring that:

  • they have the right to submit documents and data to SenseTask;
  • affected individuals receive any required privacy notices;
  • a valid lawful basis exists for processing;
  • personal data submitted to the Services is accurate and lawful;
  • the Services are configured appropriately; and
  • access permissions are properly managed.

SenseTask does not sell Customer Data.

SenseTask does not use Customer Data or uploaded documents for marketing or public display unless the customer expressly agrees in writing.

SenseTask does not use Customer Data or uploaded documents to train general-purpose AI models or models used for other customers unless the customer expressly agrees in writing.

7. Cookies and Similar Technologies

We use cookies and similar technologies to operate our websites, remember preferences, analyze traffic, improve user experience, secure our Services, and support marketing activities where permitted.

Cookies may include:

  • strictly necessary cookies;
  • functional cookies;
  • analytics cookies;
  • performance cookies; and
  • marketing or advertising cookies.

Where required by law, we request your consent before using non-essential cookies.

You can manage cookies through your browser settings and, where available, through our cookie consent tool.

For more information, please see our Cookie Policy.

8. How We Share Personal Data

We do not sell personal data.

We may share personal data in the circumstances described below.

8.1 Service Providers and Subprocessors

We may share personal data with trusted service providers and subprocessors who help us operate, provide, secure, support, and improve the Services.

These may include providers of:

  • cloud hosting and infrastructure;
  • database and storage services;
  • security tools;
  • monitoring and logging tools;
  • analytics tools;
  • customer support tools;
  • email and communication tools;
  • payment processing;
  • CRM and sales tools;
  • OCR and AI infrastructure;
  • integration services;
  • professional services; and
  • legal, accounting, and compliance support.

These providers are authorized to process personal data only as necessary to provide services to SenseTask or our customers and are subject to confidentiality, security, and data protection obligations.

8.2 Customer Administrators and Authorized Users

If you use the Services through an account provided by your employer or another organization, that organization and its administrators may access information related to your account and use of the Services, including activity logs, workflow activity, documents, comments, and account information.

8.3 Business Partners and Integrations

If a customer connects the Services to third-party systems, such as ERP systems, email systems, storage systems, or other applications, personal data may be shared with those systems according to the customer’s instructions and the configuration selected by the customer.

8.4 Legal Disclosures

We may disclose personal data if we believe disclosure is reasonably necessary to:

  • comply with applicable law;
  • respond to lawful requests, court orders, subpoenas, or legal processes;
  • enforce our Terms of Service or contracts;
  • protect the rights, property, or safety of SenseTask, customers, users, or third parties;
  • detect, prevent, or investigate fraud, abuse, or security incidents; or
  • establish, exercise, or defend legal claims.

Where legally permitted and appropriate, we will attempt to notify the relevant customer or individual before disclosing personal data in response to a legal request.

8.5 Business Transfers

If SenseTask is involved in a merger, acquisition, financing, reorganization, sale of assets, or similar transaction, personal data may be disclosed or transferred as part of that transaction.

Any acquiring or successor entity will be required to process personal data in accordance with applicable law.

9. International Data Transfers

SenseTask is based in Romania and primarily operates within the European Union and European Economic Area.

Depending on the Services used, customer configuration, subprocessors, integrations, and support needs, personal data may be processed in countries other than the country where you are located.

Where personal data is transferred outside the European Economic Area, United Kingdom, Switzerland, or another jurisdiction with data transfer restrictions, we use appropriate safeguards where required by law, such as:

  • Standard Contractual Clauses;
  • adequacy decisions;
  • data processing agreements;
  • transfer impact assessments where required; and
  • technical and organizational safeguards.

Customers may contact us for additional information about international transfers related to their use of the Services.

10. Security

We implement technical and organizational measures designed to protect personal data against unauthorized access, loss, alteration, disclosure, or destruction.

These measures may include, as appropriate:

  • encryption in transit;
  • access controls;
  • authentication controls;
  • role-based permissions;
  • logging and monitoring;
  • backup and recovery procedures;
  • vulnerability management;
  • infrastructure security controls;
  • internal security policies;
  • confidentiality obligations for personnel; and
  • vendor security reviews.

However, no system is completely secure. We cannot guarantee absolute security of personal data.

If you believe your account or data has been compromised, please contact us immediately at privacy@sourcetask.com.

11. Retention

We retain personal data only for as long as reasonably necessary for the purposes described in this Privacy Policy, unless a longer retention period is required or permitted by law.

Retention periods depend on the type of data, the purpose of processing, contractual requirements, legal obligations, security needs, and customer instructions.

11.1 Customer Data and Uploaded Documents

Customer Data and uploaded documents are retained for the duration of the applicable customer agreement, subscription, Order, or retention period selected by the customer.

Unless otherwise agreed in writing or required by law, after termination or expiration of the applicable Services, SenseTask may retain Customer Data for up to thirty (30) days to allow export, transition, backup, or deletion.

After this period, Customer Data may be deleted or anonymized, unless longer retention is required by law, agreed in an Order, requested by the customer, or necessary for legitimate legal, billing, security, or dispute-resolution purposes.

11.2 Account and Business Records

We retain account, billing, contract, and transaction records for as long as necessary to manage the customer relationship, comply with accounting and tax obligations, resolve disputes, and enforce agreements.

11.3 Marketing Data

We retain marketing contact information until you unsubscribe, object, withdraw consent, or until the data is no longer necessary for the purpose for which it was collected.

We may retain limited suppression records to ensure we do not send you further marketing communications after you opt out.

11.4 Recruitment Data

Recruitment data is retained for the duration of the recruitment process and, where permitted, for a reasonable period afterward to consider you for future opportunities or comply with legal obligations.

11.5 Logs and Security Records

Security logs, audit logs, and technical records may be retained for a period necessary to secure the Services, investigate incidents, comply with legal obligations, and maintain operational integrity.

11.6 Aggregated and De-Identified Data

We may retain aggregated or de-identified data that no longer identifies an individual or customer for analytics, reporting, product improvement, benchmarking, and business purposes.

12. Automated Decision-Making and AI

SenseTask’s AI, OCR, and workflow automation features may assist customers in extracting, classifying, routing, validating, and organizing data.

SenseTask does not use the Services to make solely automated decisions about individuals that produce legal or similarly significant effects.

Customers are responsible for determining whether their own use of the Services involves automated decision-making or profiling under applicable law and for implementing any required notices, lawful bases, human review, safeguards, and rights-management processes.

Outputs generated by AI, OCR, or automation technologies may be incomplete, inaccurate, or unexpected. Customers and users are responsible for reviewing and validating outputs before relying on them.

13. Your Privacy Rights

Depending on your location and applicable law, you may have rights regarding your personal data, including the right to:

  • access your personal data;
  • receive information about how your personal data is processed;
  • correct inaccurate or incomplete personal data;
  • request deletion of personal data;
  • request restriction of processing;
  • object to processing based on legitimate interests;
  • object to direct marketing;
  • withdraw consent where processing is based on consent;
  • request portability of personal data;
  • not be subject to certain solely automated decisions; and
  • lodge a complaint with a supervisory authority.

To exercise your rights, contact us at privacy@sourcetask.com.

If your personal data is processed by SenseTask on behalf of a customer, we may need to refer your request to that customer or ask you to contact the customer directly. We will support customers in responding to data subject requests as required by applicable data protection laws and the applicable agreement.

We may need to verify your identity before responding to your request.

We will respond to requests within the timeframe required by applicable law.

14. Supervisory Authority

You have the right to lodge a complaint with your local data protection authority if you believe your personal data has been processed unlawfully.

In Romania, the competent authority is the National Supervisory Authority for Personal Data Processing (“ANSPDCP”).

You may also contact the data protection authority in your country of residence, workplace, or the place where the alleged infringement occurred.

15. Marketing Communications

We may send marketing communications where permitted by law.

You can opt out of marketing emails at any time by:

  • clicking the “unsubscribe” link in our emails; or
  • contacting us at privacy@sourcetask.com.

Opting out of marketing communications does not affect our ability to send non-marketing communications, such as service notices, billing messages, security alerts, legal notices, and support responses.

16. Children’s Privacy

The Services are not intended for children and are not directed to individuals under the age of 18.

We do not knowingly collect personal data from children.

If you believe that a child has provided personal data to us, please contact us at privacy@sourcetask.com, and we will take appropriate steps to delete the information where required.

17. Sensitive Personal Data

The Services are not intended for the processing of special categories of personal data, such as health data, biometric data, genetic data, religious beliefs, political opinions, trade union membership, or data concerning sex life or sexual orientation, unless expressly agreed in writing and subject to appropriate safeguards.

Customers are responsible for ensuring that they do not upload or process sensitive personal data through the Services unless they have a valid legal basis and have implemented appropriate safeguards.

18. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, Services, technologies, legal requirements, or business operations.

If we make material changes, we will provide notice by posting the updated Privacy Policy on our website, through the Services, by email, or by other reasonable means.

The updated Privacy Policy will take effect when posted or on the date stated in the updated policy.

19. Contact Us

For questions about this Privacy Policy, privacy requests, or data protection matters, please contact us at:

SourceTask Solutions SRL
Doing business as SenseTask
Iași, Romania
Email: privacy@sourcetask.com
Website: https://sensetask.com

AI Agents for Document Processing & Workflow Automation
Turn Complex Documents into Validated, System-Ready Data
Start Free TrialTalk to an Expert