How MonthlyDocs protects your data
MonthlyDocs is committed to protecting your personal data in compliance with the General Data Protection Regulation (GDPR) and applicable data protection laws.
We collect only the minimum data necessary to provide our service: your email address, name, company name, and the documents your clients upload through their secure portal links.
All data is stored on secure European servers (Germany). Documents are stored with unique cryptographic identifiers. Database connections use SSL encryption. Authentication tokens use industry-standard secure cookies.
Uploaded documents are automatically and permanently deleted after 45 days. This ensures compliance with data minimization principles and reduces storage liability for both you and your clients.
You can export all your client data as CSV at any time from your dashboard. You can also download all approved documents for any client as a ZIP archive. This ensures full data portability as required by GDPR Article 20.
You or your clients can request complete data deletion at any time by contacting us. We will process deletion requests within 30 days as required by GDPR Article 17.
We use the following sub-processors: Stripe (payments, USA with EU data processing), Resend (transactional emails, EU). All sub-processors are GDPR-compliant with appropriate data processing agreements in place.
The data controller is ONE MARKET LTD, a company registered in England and Wales (Company #11161336). For any GDPR-related inquiry, contact us at:
legal.service@onemarket-ltd.comLast updated: February 2026