Data Privacy Impact Assessment
1. Purpose
This assessment identifies and evaluates the privacy risk associated with each data flow in the DocWright application, for use by institutional customers and their own data protection review processes.
2. Solution Overview
DocWright is a locally installed desktop application that remediates accessibility issues in DOCX, PPTX, and PDF documents. Processing occurs entirely on the end user's machine. The assessment below identifies every point at which data leaves that machine.
3. Data Flow Risk Assessment
| Data Flow | What Data | Where It Goes | Risk Level | Mitigation / Notes |
|---|---|---|---|---|
| Document upload & processing | Document content, potentially including FERPA-covered student data | Local only — never transmitted | None | No action needed; this is the default, lowest-risk path |
| License validation | License key only (no document data) | DocWright backend (Vercel), HTTPS | Low | None required |
| Optional AI alt-text | Individual extracted images, which could incidentally contain identifiable information (e.g., a photo, a name in a screenshot) | Anthropic Claude API, via institution's own API key, HTTPS | Low–Moderate | Institution can decline to provide an API key to disable this path entirely; review Anthropic's commercial data terms |
| License/contact administration | Institution name, contact name/email/phone, license tier and term | Stored by Docwright Software LLC (administrative records) | Low | Retained only as long as needed to administer the license relationship |
4. Overall Risk Determination
DocWright's overall privacy risk profile is low relative to a typical cloud-hosted SaaS tool, because the highest-volume and most sensitive data — full document content, which may include FERPA-covered student work — is never transmitted off the local device under any circumstance. The two limited data flows that do leave the device (license validation, and the optional AI image-description feature) are narrow in scope, and the AI flow specifically is both opt-in and governed by the institution's own agreement with Anthropic rather than a relationship controlled by DocWright.
5. Recommended Institutional Controls
- If the institution wishes to eliminate the AI-related data flow entirely, simply do not provide an Anthropic API key during deployment — all other accessibility remediation functions operate fully without it.
- If the AI feature is used, review Anthropic's commercial API data retention and processing terms directly, since that relationship is between the institution and Anthropic.
- Apply standard device-level security controls (disk encryption, endpoint management) to machines running DocWright, consistent with the institution's existing device policy, since DocWright relies on the security of the local machine rather than a central server.
6. Related Documents
7. Contact
Gregory Buthusiem, Founder & Managing Member
Docwright Software LLC
(856) 817-5100