Academic writing is often unpublished, in progress, or sensitive. You should know exactly what happens to your draft between the moment you click upload and the moment the edited file lands in your downloads folder. This article explains the data path from end to end.
What we store, and for how long
When you upload a DOCX, two files are stored on our side for the duration of your download window: the original upload, and the edited output once the engine produces it. After the window closes, both files are deleted on a scheduled job. The schedule is short on purpose, because the longer files sit in storage, the more surface there is for things to go wrong.
- Free users: the download window is 24 hours from the moment the edit completes. After 24 hours, the input and the output are deleted.
- Paid users: the download window is 7 days. The longer window exists because paid users tend to review the edit, send it to a co-author or supervisor, and only download the final copy after that pass.
Metadata about the edit, such as the word count, the style guide you picked, and the time the job ran, is kept against your account so the history page can show you what you have run. Metadata does not contain the text of the document and cannot be used to reconstruct it.
Encryption
Two layers of encryption protect your files.
In transit, every connection between your browser and our servers uses TLS 1.3, the current version of the protocol that secures the web. TLS prevents anyone on the network between you and our servers from reading or modifying your upload as it travels.
At rest, stored files are encrypted using AES-256, which is the encryption standard used by banks, governments, and most cloud providers. The encryption keys are managed by the storage platform we run on, not stored alongside the files themselves, so a leaked file blob is unreadable without the corresponding key.
No training on your work
Your documents are not used to train AI models. Not ours, and not the third-party providers we route requests through. The reason is structural rather than a toggle.
The model providers we use offer commercial terms that contractually prohibit using prompts and responses for training. Our own engine never collects training data from user uploads. There is no team running a fine-tune pipeline on customer documents in the background, and there is no hidden permission you granted by signing up. The policy is the same for every user, on every tier, and it is not optional on our side.
If you are working on unpublished research and your supervisor or journal requires confirmation in writing, the support team can supply a short data-handling letter for your records.
Who on the team can read your document
The honest answer is: almost no one, and only in specific situations.
Routine engineering work happens against sample documents that we have written ourselves and against synthetic test data generated for the purpose. The engine is iterated on those, not on real customer uploads. When a customer contacts support about a specific edit that went wrong, and explicitly grants access in the support thread, the on-call engineer can read the document in question for as long as it takes to diagnose the problem. Once the issue is resolved, the access is closed.
For automated error reports, the system records the kind of error and the stage at which it happened, never the contents of the document being edited.
Where data lives
Document storage and account records sit in data centres inside the European Union. EU data-protection law covers data held in EU storage regardless of where the customer is based, which is the strictest of the major data-protection regimes in current use.
Network traffic enters from wherever you are. If you upload from New York, the bytes travel to our compute layer, the document is processed, and the output flows back to you. The compute layer holds your file only for the moments it takes to edit. The durable copy lives in EU storage.
Deleting your account
You can delete your account at any time from the account settings page. Account deletion removes your stored balance, your edit history records, and your sign-in credentials. Document files are already deleted on the schedule described above, so they are gone from storage well before the account deletion runs.
Some records are retained for legal reasons even after deletion. Specifically, invoices and payment records are kept for the period required by tax law, and security audit logs are kept for the period required by our compliance posture. Neither of those records contains the text of your documents.
Compliance posture
RightMyWork operates against the standard set of consumer-data laws that apply to a service like ours. That includes US compliance around honest marketing and email, data-protection requirements around how we handle data we hold, and the operational habits expected of any small company running real production infrastructure: rotation of credentials on a schedule, scoped access for engineers, audited backups, and a defined incident response process.
If you are an institution evaluating RightMyWork against a procurement checklist, the support team can supply a short security overview tailored to your questions.
What you can do on your side
Two habits are worth keeping. First, download your edited file inside the download window and save it somewhere you will find it again. Once the window closes, the file is gone from our storage, and re-running the edit costs the words again. Second, use a strong unique password for your account or sign in with Google. Reused passwords are the single most common cause of account compromise on consumer products.
If you have specific privacy questions that this article does not answer, email privacy@rightmywork.com. The address is monitored by a person, not a script.