How do I share a Claude artifact with someone?

Upload the HTML to DocViewer.One, get a link like docviewer.one/s/abc123, send the link. The recipient sees a rendered page, not raw HTML.

How do I share ChatGPT canvas HTML output?

Copy the HTML from ChatGPT canvas, save as .html, upload to DocViewer.One, share the link.

Can I password-protect an HTML file I got from Claude?

Yes, on the Pro plan ($5/month). Enable password on the share config page.

How do I host an HTML file online without GitHub Pages?

Upload it to DocViewer.One — one upload, one URL. No git, no build step, no deploy config.

Can I restrict an HTML share to my team's email domain?

Yes, on Pro. Add your domain (e.g. acme.com) to the allow-list. Anyone signed in with an @acme.com email can view.

Does the recipient need an account to view a shared HTML page?

Not unless you've enabled email/domain access control. Public shares work for anyone with the URL.

What AI tools does DocViewer.One work with?

Any tool that outputs HTML: Claude artifacts, ChatGPT canvas, Gemini, v0, Cursor, hand-written HTML. If it's a valid HTML file, you can share it.

How is this different from Netlify Drop?

DocViewer.One adds password protection, email/domain access control, custom expiry, and analytics. Netlify Drop is public-only with no access control.

How is this different from Claude's built-in share link?

Claude's share link requires the recipient to have a Claude account. DocViewer.One URLs work for anyone, and you control who can view.

Can I set an expiry on a shared HTML link?

Yes, on Pro. Choose 1 day / 7 days / 30 days / custom / never.

Can I see who viewed my shared HTML?

Pro plan shows view counts, timestamps, and viewer emails (when access-control is enabled).

Effective April 12, 2026

Privacy Policy

DocViewer.One ("we," "us," or "our") operates docviewer.one. This Privacy Policy explains what information we collect, why we collect it, and how we handle it. We wrote this to be readable, not to obscure what we actually do.

1. What Information We Collect

Account data via Google OAuth. When you sign in with Google, we receive your Google email address, display name, and Google account ID. We do not receive your Google password, contacts, Gmail messages, or any other Google service data — only what is needed to identify you and access your Drive files.

Google Drive access tokens. To fetch and render your HTML files from Google Drive, we store your Google OAuth access token and refresh token. These tokens are encrypted at rest using AES-256-GCM before being stored in our database. We use the drive.file scope only. We only access files you explicitly select via the Google Picker or upload directly — we cannot see the rest of your Drive.

Share link view logs. When someone views a document via a share link, we log the timestamp and a hashed version of the viewer's IP address. We hash the IP so it cannot be reversed to identify individuals, but the hash lets us detect abuse patterns (e.g., repeated hits from the same source). If you have a Pro plan, these view counts are surfaced in your analytics dashboard.

Usage data. We store metadata about your share links: which Drive file they point to, creation date, expiry date, whether password protection is enabled, and view counts. We do not store the HTML content of your files permanently; see "Data Storage and Security" below.

2. How We Use Your Information

Authentication. Your Google account data identifies you, creates your DocViewer.One account, and maintains your session.
File proxying. Your stored tokens allow us to fetch HTML files from your Drive on demand when a share link is accessed, and render them for viewers.
Share link management. We use your account data to associate share links with your account, enforce Free plan limits, and display your dashboard.
Analytics. View log data is used to power the per-link analytics visible on your dashboard (Pro plan).
Abuse prevention. Hashed IP logs and request patterns help us identify and block abusive use of share links.
Service communications. We may email you about important account events (e.g., subscription changes, policy updates). We do not send marketing email.

3. Data Storage and Security

Encrypted token storage. Google OAuth tokens are encrypted using AES-256-GCM before being written to our database. The encryption keys are managed separately from the database itself.

HTML content is not stored permanently. When a share link is accessed, we fetch the HTML file from Google Drive, render it, and serve it to the viewer. The rendered output may be cached at the CDN edge for up to 15 minutes to reduce latency and Drive API calls. It is not stored in our primary database.

Hashed IP addresses. IP addresses in view logs are one-way hashed (SHA-256 with a server-side salt) before storage. We cannot recover the original IP from the stored hash.

Infrastructure. Our server infrastructure is hosted on a VPS with encrypted storage. We apply security updates promptly and follow standard hardening practices for production systems.

4. Third-Party Services

Google APIs. Authentication and file access are powered by Google OAuth 2.0 and the Google Drive API. When you sign in, Google's authentication servers process your credentials — DocViewer.One never sees your Google password. Your use of Google services is subject to Google's Privacy Policy.

Payment processor (Merchant of Record). Billing for the Pro plan is handled entirely by a third-party Merchant of Record. DocViewer.One never receives, processes, or stores your credit card numbers or payment details. The MoR is responsible for PCI compliance on all payment data.

We do not use third-party analytics tools (such as Google Analytics), advertising networks, tracking pixels, or social media trackers. There are no third-party scripts on DocViewer.One pages beyond what is described above.

5. Cookies

DocViewer.One uses two types of cookies:

Session cookie (NextAuth). When you sign in, a session cookie is set that keeps you logged in across page loads. This cookie is HTTP-only (not accessible to JavaScript), scoped to docviewer.one, and expires when you sign out or after an extended period of inactivity.
Unlock token cookie. When you enter the correct password for a password-protected share link, an HMAC-signed unlock token is stored in a cookie. This lets you view the document without re-entering the password on the same browser. The token is scoped to that specific share link and expires when the link expires or when you clear your cookies.

We do not use advertising cookies, cross-site tracking cookies, or cookies from third-party analytics services.

6. Data Retention

Account data. Your Google account data (email, name, Google ID) and encrypted tokens are retained as long as your DocViewer.One account exists. If you delete your account, all account data and associated share links are permanently deleted from our database within 30 days.

Share link view logs. View logs are retained to power your analytics dashboard. Logs for a share link are deleted when that link is deleted. If you delete your account, all associated view logs are also deleted.

CDN cache. Cached HTML content at the CDN edge expires automatically after 15 minutes. There is no persistent storage of your file content on our servers.

7. Your Rights

Regardless of where you are located, you can:

Access your data. Email us and we will tell you what data we hold about your account.
Delete your data. You can delete your account from your dashboard settings, or email us to request deletion. We will delete your data within 30 days.
Revoke Drive access. You can revoke DocViewer.One's access to your Google Drive at any time via your Google Account permissions. After revocation, your share links will stop working until you reconnect your account.
Export your data. Email us to request an export of your account data (share link metadata, view counts) in JSON format.

To exercise any of these rights, email us at support-docviewer-one@googlegroups.com.

8. Children's Privacy

DocViewer.One is not designed for or directed at children under the age of 13. We do not knowingly collect personal information from anyone under 13. If you believe a child has provided us with personal information, please contact us and we will delete it promptly.

9. Changes to This Policy

We may update this Privacy Policy from time to time. When we make material changes, we will update the effective date at the top of this page. If you have an account, we will also notify you by email before material changes take effect. Continuing to use DocViewer.One after a policy change constitutes acceptance of the updated terms.

10. Contact

Questions or concerns about this Privacy Policy? Email us:

support-docviewer-one@googlegroups.com

We are a small indie project and aim to respond within 48 hours.