Security
Security Architecture
Enterprise-grade privacy with zero-retention processing and strong encryption.
Zero Retention
Documents are processed in-memory and deleted post-download. No persistent storage of content.
Transport Security
All traffic uses TLS. Sensitive operations are protected against MITM and replay attacks.
Access Controls
Session-based access, hashed passwords, and subscription gating for watermark-free exports.
Operational Practices
- Keys read from environment; never hard-coded in templates.
- Uploads limited to `pdf`; validated and sanitized via `secure_filename`.
- Local LLM runs offline; no external provider keys or outbound requests.
- Redactions applied natively with `fitz` to remove content, not overlay.
- Public endpoints watermark results; authenticated users require active subscription.