RedactRocket LogoRedactRocket

Security & Privacy

Your documents contain sensitive information. Here's how we protect them.

Secure cloud

Encryption in Transit

All data transfers use TLS encryption. Your documents are protected from the moment they leave your device until results are returned.

On‑premises

No Permanent File Storage

Documents are processed in-memory and never written to disk on our servers. Once your session ends, no trace of your document remains in our systems.

Audit trail

Preview Before Export

Review all detected redactions before finalizing. See exactly what will be removed—no surprises when you share the final document.

Language aware

EU / US Processing

Choose your preferred data processing region. EU processing available by default, US processing on request for enterprise customers.

Hidden content

Never Used for Training

Your documents are never used to train AI models. Period. We use enterprise-tier AI infrastructure with strict data handling agreements.

Privacy shield

Permanent Redaction

Redacted pages are flattened to images. The original text is completely removed—it cannot be recovered, selected, or searched.

How We Process Your Documents

1

Upload

Your PDF is uploaded over an encrypted TLS connection directly to our processing infrastructure.

2

Text Extraction

If needed, OCR extracts text from scanned pages. This happens in-memory—no files are written to disk.

3

AI Analysis

Text is analyzed by enterprise AI to identify content matching your instructions. Only text (not the full document) is sent for analysis.

4

Preview & Export

You review and approve redactions in your browser. The final PDF with permanent redactions is generated and downloaded directly to your device.

Session Ends

When you close the page or start a new document, all data from your session is discarded from our systems.

Compliance

GDPR Ready

EU data processing, data subject rights support, and privacy-by-design architecture.

SOC 2 Infrastructure

Our cloud infrastructure providers maintain SOC 2 Type II compliance.

DPA Available

Data Processing Agreements available for enterprise customers with specific compliance requirements.

Security FAQ

Where are my documents processed?

Documents are processed using enterprise cloud infrastructure. By default, we use EU-based processing. US processing is available on request for enterprise customers.

How long do you keep my documents?

We don't keep your documents. They are processed entirely in-memory and discarded immediately after your session. Our AI infrastructure providers may have short-term retention as part of their standard data handling practices—see our Privacy Policy for details.

Are my documents used to train AI?

No. We use enterprise-tier AI services with strict data handling agreements that prohibit using customer data for model training.

Can redacted text be recovered?

No. Pages containing redactions are flattened to images during export. The underlying text layer is completely removed and cannot be recovered by any means.

Do you have SOC 2 / ISO 27001 certification?

Our cloud infrastructure providers maintain SOC 2 Type II and ISO 27001 certifications. For enterprise customers with specific certification requirements, please contact us to discuss your needs.

Enterprise Security Requirements?

Need custom security configurations, DPA, or specific compliance certifications? Let's talk about your requirements.

Contact Us

For full details, see our Privacy Policy and Terms of Service.