Security Architecture

Bank-Grade Security for
Your Sensitive Documents

Browser-only document processing, TLS 1.3 transport, zero data retention, and a privacy-first architecture designed for professionals who handle confidential information.

TLS 1.3
Transport
Zero Retention
No Storage
Privacy-First
Architecture
TLS 1.3
In Transit

Browser Isolation + TLS 1.3

Your source documents never leave your browser. Only the extracted text needed for PII classification is transmitted, over TLS 1.3, to a no-retention LLM.

How Your Data Flows

1

Browser Extraction

PDF, Word, and Excel files are parsed entirely in your browser. The source file is never uploaded.

2

Text-Only Transmission

Only extracted text strings (not file binaries) leave your browser, over TLS 1.3.

3

Zero-Retention Classifier

Anthropic's API receives the text with no-retention headers — no training, no logging of content.

4

Redaction in Browser

PII coordinates come back; your browser applies the redactions locally and produces the output file.

Technical Details

Source files Browser-only
Transport TLS 1.3
LLM provider Anthropic Claude
LLM retention Zero (no-train)
Server-side storage None
CORS Origin-locked

Why This Matters

  • No file binary ever crosses our infrastructure — eliminates entire categories of breach exposure.
  • Zero-retention LLM headers mean Anthropic doesn't store or train on your text.
  • TLS 1.3 provides confidentiality and integrity for text in transit.
  • Origin-locked CORS prevents cross-site abuse of our APIs.
  • Nothing persists server-side; nothing to subpoena, breach, or leak.

Zero Data Retention

Your documents are never stored. Processing happens in memory, and all data is purged immediately after redaction.

What Stays in Your Browser

  • Original PDF file
  • Rendered page images
  • Redaction selections
  • Final redacted output
  • Encryption keys

What's Sent for AI Detection

  • Extracted text content (encrypted)
  • Text coordinates (x, y, width, height)

Note: Text is processed by Anthropic's Claude API, which does not store or train on API inputs. See their privacy policy.

Security Architecture

Our architecture is designed to support compliance with major data protection regulations.

H

Regulatory Compliance

SafeRedact is not HIPAA compliant and does not offer BAAs. It is the user's responsibility to determine whether SafeRedact meets their regulatory requirements. Consult your compliance officer.

Learn more →
G

GDPR

Data minimization by design. No personal data is retained beyond the browser session.

Learn more →
S

SOC 2

Architecture designed with SOC 2 trust principles in mind. Certification in progress.

Coming 2026

Security FAQ

How is my data protected in transit?
All communication with SafeRedact uses TLS 1.3, the same transport encryption standard used by banks and government services. More importantly, your source documents never leave your browser at all — only the extracted text needed for PII classification is transmitted, and only over TLS, to a zero-retention LLM API.
Do you store my documents?
No. Your original document never leaves your browser. Only extracted text is sent for AI detection over TLS, processed in memory by Anthropic's zero-retention API, and immediately discarded. Nothing is written to disk or retained server-side.
Is SafeRedact HIPAA compliant?
No. SafeRedact is not HIPAA compliant and does not offer Business Associate Agreements (BAAs). Users are solely responsible for determining whether SafeRedact is appropriate for their use case and regulatory requirements. If you handle Protected Health Information (PHI), consult your compliance officer before using any redaction tool.
What data does Anthropic (Claude AI) receive?
Anthropic receives only the extracted text content and coordinates from your document for PII detection. Per Anthropic's privacy policy, API inputs are not stored or used for model training. The data is processed and immediately discarded.
Can you recover my redacted data?
No. SafeRedact performs true permanent redaction—the sensitive data is completely removed from the output file, not just visually hidden. Once redacted, the data does not exist in any form and cannot be recovered by any method.
Where are your servers located?
SafeRedact runs on Vercel's serverless infrastructure with edge locations globally. Processing happens in memory with no persistent storage. Anthropic's API (used for AI detection) is hosted in the United States.

Ready to redact securely?

Browser-only processing. TLS 1.3 transport. Zero data retention. Permanent redaction. Try SafeRedact free.

Start Redacting Free Read the Whitepaper