Security | SafeRedact - AES-256 Encrypted Document Redaction

Dual-Layer Encryption

Your document text is encrypted twice: once at the application layer with AES-256-GCM, and again in transit with TLS 1.3.

How Encryption Works

1

Key Generation

Your browser generates a unique 256-bit encryption key using the Web Crypto API

2

Encrypt & Send

Document text is encrypted with AES-256-GCM before leaving your browser

3

Process & Encrypt

Server decrypts, processes with AI, then re-encrypts the response

4

Decrypt Locally

Only your browser can decrypt the response using the original key

Technical Specifications

Algorithm	AES-256-GCM
Key Size	256 bits
IV Size	96 bits (random)
Auth Tag	128 bits (GCM)
Key Lifecycle	Ephemeral (per request)
Transport	TLS 1.3

What This Protects Against

Network-level interception (man-in-the-middle)
Edge/CDN layer inspection
Server-side logging of plaintext
Response tampering (GCM authentication)
Key reuse attacks (ephemeral keys)

Zero Data Retention

Your documents are never stored. Processing happens in memory, and all data is purged immediately after redaction.

What Stays in Your Browser

Original PDF file
Rendered page images
Redaction selections
Final redacted output
Encryption keys

What's Sent for AI Detection

Extracted text content (encrypted)
Text coordinates (x, y, width, height)

Note: Text is processed by Anthropic's Claude API, which does not store or train on API inputs. See their privacy policy.

Compliance-Ready Architecture

Our architecture is designed to support compliance with major data protection regulations.

H

HIPAA Considerations

Zero data retention and encryption align with technical safeguards, but we do not currently offer BAAs. Consult your compliance officer.

Learn more →

G

GDPR

Data minimization by design. No personal data is retained beyond the browser session.

Learn more →

S

SOC 2

Architecture designed with SOC 2 trust principles in mind. Certification in progress.

Coming 2026

Security FAQ

Is SafeRedact encrypted?

Yes. SafeRedact uses dual-layer encryption: AES-256-GCM at the application layer (your text is encrypted before it leaves your browser) plus TLS 1.3 for transport encryption. This is the same encryption standard used by banks and government agencies.

Do you store my documents?

No. Your original PDF never leaves your browser. Only extracted text (encrypted) is sent for AI detection, processed in memory, and immediately discarded. Nothing is written to disk or retained.

Is SafeRedact HIPAA compliant?

SafeRedact is not HIPAA compliant and we do not currently offer Business Associate Agreements (BAAs). While our architecture includes security features that align with HIPAA technical safeguards (zero data retention, AES-256 encryption), HIPAA compliance requires BAAs with all vendors in the data flow, including our AI provider. For PHI, consult your compliance officer before use.

What data does Anthropic (Claude AI) receive?

Anthropic receives only the extracted text content and coordinates from your document for PII detection. Per Anthropic's privacy policy, API inputs are not stored or used for model training. The data is processed and immediately discarded.

Can you recover my redacted data?

No. SafeRedact performs true permanent redaction—the sensitive data is completely removed from the output file, not just visually hidden. Once redacted, the data does not exist in any form and cannot be recovered by any method.

Where are your servers located?

SafeRedact runs on Vercel's serverless infrastructure with edge locations globally. Processing happens in memory with no persistent storage. Anthropic's API (used for AI detection) is hosted in the United States.

Ready to redact securely?

AES-256 encryption. Zero data retention. Permanent redaction. Try SafeRedact free.

Start Redacting Free Read the Whitepaper

Bank-Grade Security forYour Sensitive Documents