Trust is our number one priority. We are actively building our infrastructure and operational processes to meet the highest industry standards. We are on track to achieve both SOC 2 Type II and HIPAA compliance by 2026.
We are aligning our internal controls with the AICPA Trust Services Criteria (Security, Availability, and Confidentiality) to ensure your data is protected against unauthorized access.
We are preparing our architecture to fully support the handling of Protected Health Information (PHI) by implementing strict access controls, audit logs, and encryption protocols necessary for healthcare organizations.
All data sent to and from our infrastructure is encrypted in transit via TLS 1.2/1.3. Furthermore, all customer documents, parsed data, and credentials are encrypted at rest using industry-standard AES-256 encryption.
Our services are hosted on enterprise-grade cloud providers (AWS) that maintain their own SOC 2 and ISO 27001 certifications. We utilize private networking, VPCs, and strict firewalls to isolate our processing environments.
We understand the sensitivity of financial and medical documents. You have full control over your data lifecycle, including options to immediately delete documents from our servers once the extraction is complete.
Access to production environments is strictly limited to authorized personnel on a need-to-know basis, protected by multi-factor authentication (MFA) and granular role-based access controls (RBAC).
Beyond infrastructure security, we are deeply committed to data privacy. We comply with major international privacy frameworks including:
For more information about how we handle personal data and your rights, please review our Privacy Policy.