Terms of Service

Last updated: March 12, 2026

1. Acceptance of Terms

By accessing or using Dokai's services, including our document parsing API, dashboard, documentation, and any associated tools, you agree to be bound by these Terms of Service and our Privacy Policy. If you are using the service on behalf of an organization, you represent that you have authority to bind that organization to these terms. If you do not agree, do not use our services.

2. Service Description

Dokai provides an AI-powered document parsing API that extracts structured JSON data from ASEAN identity documents including MyKad, KTP, NRIC, passports, driving licenses, and other supported document types.

Our services include:

  • Document parsing API: Submit document images and receive structured data extraction results.
  • Batch processing: Submit multiple documents in a single request for bulk parsing (subject to plan limits).
  • Identity verification: Face matching, liveness detection, and scam checking services.
  • Dashboard: A web application for managing your organization, API keys, team members, parse history, webhooks, and billing.
  • Webhooks: Real-time notifications for parse completions, batch results, and verification outcomes.

Service features and availability may change over time. We will provide reasonable notice of material changes.

3. Accounts and Organizations

3.1 Registration

You must create an account to use Dokai. You may register with your email and password, or sign in via Google or GitHub. You must provide accurate and complete registration information and keep your account details up to date.

3.2 Organizations and Teams

API access is scoped to organizations (workspaces). You may create multiple organizations and invite team members with role-based access controls. Organization owners are responsible for the actions of all team members.

3.3 Security Responsibilities

  • You are responsible for maintaining the confidentiality of your credentials and API keys.
  • API keys must not be shared publicly, committed to version control, or embedded in client-side code.
  • You are responsible for all activity under your account and API keys, including activity by team members.
  • You must promptly notify us if you suspect unauthorized access to your account.
  • Organizations may enforce two-factor authentication for all team members. When enabled, members must set up 2FA within the configured grace period or lose access.

4. API Keys and Access

  • Key types: Live keys for production use and test keys for development with mock data.
  • Key visibility: API key plaintext is shown only once at creation. Keys are cryptographically hashed and cannot be retrieved after creation. You may rotate keys at any time.
  • IP restrictions: You may optionally restrict API key usage to specific IP addresses.
  • Key expiration: You may set an expiration date on API keys. Expired keys are automatically rejected.
  • Revocation: You may revoke any API key at any time through the dashboard. Revoked keys are immediately invalidated.

5. Acceptable Use

You agree not to:

  • Use the service for any unlawful purpose or in violation of any applicable laws or regulations.
  • Submit documents without proper authorization or consent from the document holder.
  • Submit fraudulent, altered, or synthetically generated documents with intent to deceive.
  • Attempt to reverse-engineer, decompile, or extract our source code, models, or algorithms.
  • Exceed your plan's rate limits, batch size limits, or attempt to circumvent usage restrictions.
  • Attempt to inject malicious content through document submissions or API requests.
  • Use the service to build a competing document parsing product.
  • Interfere with or disrupt the integrity or performance of the service.
  • Access or attempt to access other customers' data, organizations, or resources.

We employ automated security measures that detect and block malicious submissions. Repeated violations may result in immediate account suspension.

6. Billing and Payments

6.1 Subscription Plans

Dokai offers multiple subscription tiers with different usage quotas, data retention periods, and feature access. Plans are billed monthly or annually. Annual billing provides a discount.

6.2 Payment Processing

All payments are processed securely through Stripe. We do not store your full credit card information. You authorize us to charge your payment method for your subscription and any applicable overage charges.

6.3 Overage Billing

If you exceed your plan's monthly parse quota, additional parses are billed at your plan's overage rate. Overage charges are metered and billed at the end of each billing cycle.

6.4 Free Trials

New organizations may receive a free trial period. At the end of the trial, you must subscribe to a paid plan to continue using the service. We will send reminders before your trial expires.

6.5 Payment Failures

If a payment fails, we provide a grace period during which you can update your payment method. We will send email reminders during this period. If payment is not recovered within the grace period, your organization may be suspended.

6.6 Cancellation and Refunds

You may cancel your subscription at any time through the dashboard. Your access continues until the end of the current billing period. Refunds are provided at our discretion. We reserve the right to change pricing with 30 days written notice.

7. Data Processing

  • By submitting documents through our API, you represent and warrant that you have the legal right and proper consent to process those documents.
  • We process documents solely to provide the parsing and verification services you request.
  • Document images and extracted data are retained according to your plan's data retention period, after which they are automatically and permanently deleted.
  • Documents may be processed using an appropriate AI model for data extraction. When OCR text is available, only the text is sent — not the original image. Images are resized before processing.
  • We do not use your submitted documents to train AI models.
  • You are responsible for complying with all applicable data protection laws (including PDPA, PDPD, and other ASEAN data protection regulations) when submitting personal identity documents.

Please refer to our Privacy Policy for full details on data handling, security measures, and retention.

8. Webhooks

  • You may configure webhook endpoints to receive real-time notifications for parse completions, batch results, and verification outcomes.
  • All webhook payloads are cryptographically signed with your organization's webhook secret. You should verify webhook signatures to ensure authenticity.
  • Webhook delivery is attempted multiple times with automatic retries. Delivery attempts and responses are logged for debugging.
  • You are responsible for securing your webhook endpoints and processing payloads appropriately.

9. Service Level

We strive for 99.9% API uptime but do not guarantee uninterrupted service. Scheduled maintenance windows will be communicated in advance through the dashboard and status page. Custom SLAs with defined uptime guarantees, response times, and support levels are available on Business plans.

We reserve the right to place the service in maintenance mode, during which API access may be limited to read-only operations or temporarily unavailable.

10. Intellectual Property

  • Dokai and its underlying technology, APIs, documentation, and trademarks are our intellectual property.
  • You retain all rights to the documents you submit and the extracted data you receive.
  • We grant you a limited, non-exclusive, revocable license to use the service in accordance with these terms and your subscription plan.

11. Limitation of Liability

Dokai is provided "as is" and "as available" without warranties of any kind, express or implied, including but not limited to warranties of merchantability, fitness for a particular purpose, and accuracy of parsed results.

  • We are not liable for any indirect, incidental, special, consequential, or punitive damages arising from your use of the service.
  • We are not liable for decisions made based on data extracted by our service. You are responsible for verifying extracted data before relying on it.
  • Our total aggregate liability is limited to the amount you paid for the service in the preceding 12 months.

12. Suspension and Termination

12.1 By Us

We may suspend or terminate your account if you violate these terms, fail to pay for the service, engage in abusive or fraudulent activity, or if required by law. We will provide notice where practicable.

12.2 By You

You may close your account at any time through the dashboard settings. Active subscriptions will continue until the end of the current billing period.

12.3 Effect of Termination

Upon termination, your API keys are immediately invalidated, active sessions are ended, and your data is deleted in accordance with our Privacy Policy and your plan's retention period. Certain data (audit logs, billing records) may be retained as required by law.

13. Governing Law

These terms are governed by the laws of Malaysia. Any disputes arising from these terms or your use of the service shall be resolved in the courts of Malaysia.

14. Changes to These Terms

We may update these terms from time to time. We will notify you of material changes by email or through a notice on our dashboard at least 30 days before the changes take effect. Continued use of the service after changes constitutes acceptance.

15. Contact

For questions about these terms, please contact us at [email protected].