# Redact PDF AI — Security

> Built on Microsoft Azure infrastructure (SOC 2 Type II, ISO 27001, ISO 27017, ISO 27018, HIPAA-eligible). Swiss / EU data residency. Documents are never used to train AI models.

**Live security page:** https://www.redact-pdf.ai/security

## Infrastructure: Microsoft Azure

Your documents are processed on Microsoft Azure infrastructure, which holds:

- **SOC 2 Type I, II, and SOC 3** — security controls audited by independent third parties
- **ISO 27001** — information security management
- **ISO 27017** — cloud-specific security controls
- **ISO 27018** — protection of PII in public cloud environments
- **HIPAA-eligible** — usable under Microsoft's Business Associate Agreement (BAA)
- **GDPR** — EU-resident processing available to support GDPR obligations (Azure offers no "GDPR certification" as such)

Note: these certifications cover the Azure hosting platform, not Redact PDF AI's application or operations. Redact PDF AI has not been independently audited against SOC 2, HIPAA or GDPR. HIPAA-regulated customers need a BAA with us (contact us) and remain responsible for the controls they wrap around our pipeline.

## Data residency

All data is processed and stored in:

- **Europe (Frankfurt)** for primary processing
- **Switzerland North** for Swiss-resident customers

No data leaves the EEA or Switzerland for processing.

## Encryption

- **At rest:** AES-256 encryption (Azure Blob Storage)
- **In transit:** TLS 1.2+ for all API and web traffic

## No AI training on your documents

Documents uploaded to Redact PDF AI are never used to train AI models, neither our own nor any third party's. The Azure AI services we call are configured with content logging disabled; only telemetry and operational metrics are collected.

## Retention and deletion

- **Default retention:** 30 days
- **Manual deletion:** you can delete any document immediately after download
- **API `ephemeral` mode:** originals are deleted automatically after processing
- **API `studio` mode:** originals and masks are kept for Studio review (you control when to delete)

Demo-mode uploads have the original file deleted after the redacted preview is generated.

## Authentication and access

- Account authentication via Clerk (SOC 2 Type II)
- API key authentication for programmatic access (`X-API-Key` header; keep the key server-side and never embed it in browser, mobile or other client-side code)
- Optional SSO / SAML on Enterprise plan
- Multi-user organizations with role-based access
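The authentication list above says the API key travels in an `X-API-Key` header and must stay server-side, and the retention section names `ephemeral` and `studio` as API modes. The block below is an added example, not Redact PDF AI's own client code, of a server-side caller that keeps those properties: the key is loaded from the environment rather than from source, HTTPS is enforced before the key is attached, the key is masked in anything the process logs, and the retention mode is chosen explicitly. The base URL, the `/v1/redact` path, the `mode` query parameter, the raw-PDF request body and the `REDACT_PDF_API_KEY` variable name are assumptions, not the documented API; take the real values from the API docs.

```python
"""Minimal server-side client for an X-API-Key protected upload API.

Added illustration, not Redact PDF AI's client library. Everything marked
"assumed" is hypothetical: the API base URL, the endpoint path, the `mode`
query parameter, the request body format and the environment variable name.
Only the `X-API-Key` header, the `ephemeral` / `studio` modes and the
TLS-only requirement come from the security page.
"""
import logging
import os
import urllib.request
from typing import Mapping, Optional

API_BASE = "https://api.redact-pdf.ai"   # assumed; take the real value from the API docs
KEY_ENV_VAR = "REDACT_PDF_API_KEY"        # assumed variable name
VALID_MODES = ("ephemeral", "studio")     # retention modes named on the page


def load_api_key(environ: Optional[Mapping[str, str]] = None) -> str:
    """Read the key from the server's environment, never from source or a client bundle."""
    env = os.environ if environ is None else environ
    key = env.get(KEY_ENV_VAR, "").strip()
    if not key:
        raise RuntimeError(f"{KEY_ENV_VAR} is not set")
    return key


def is_secure_url(url: str) -> bool:
    """The key may only travel over TLS; a plaintext URL would expose it in transit."""
    return url.lower().startswith("https://")


def auth_headers(api_key: str) -> dict:
    """Headers for a programmatic call; the page names the X-API-Key header."""
    return {"X-API-Key": api_key, "Accept": "application/json"}


def redact_for_log(text: str, api_key: str) -> str:
    """Mask the key wherever it appears so debug output cannot leak it."""
    if not api_key:
        return text
    return text.replace(api_key, "***REDACTED***")


class ApiKeyRedactingFilter(logging.Filter):
    """Logging filter that rewrites any record containing the key before it is emitted."""

    def __init__(self, api_key: str) -> None:
        super().__init__()
        self._key = api_key

    def filter(self, record: logging.LogRecord) -> bool:
        # Format once, mask, and drop args so the handler cannot re-interpolate the key.
        record.msg = redact_for_log(record.getMessage(), self._key)
        record.args = ()
        return True


def install_log_redaction(api_key: str) -> None:
    """Attach the filter to every root handler so propagated records are covered too."""
    root = logging.getLogger()
    if not root.handlers:
        logging.basicConfig(level=logging.INFO)
    for handler in root.handlers:
        handler.addFilter(ApiKeyRedactingFilter(api_key))


def build_upload_request(pdf_bytes: bytes, api_key: str, mode: str = "ephemeral",
                         base_url: str = API_BASE) -> urllib.request.Request:
    """Build the POST; the /v1/redact path, ?mode= parameter and raw-PDF body are assumed."""
    if mode not in VALID_MODES:
        raise ValueError(f"mode must be one of {VALID_MODES}")
    url = f"{base_url}/v1/redact?mode={mode}"
    if not is_secure_url(url):
        raise ValueError("refusing to send the API key over a non-TLS URL")
    headers = auth_headers(api_key)
    headers["Content-Type"] = "application/pdf"
    return urllib.request.Request(url, data=pdf_bytes, headers=headers, method="POST")


def submit_pdf(pdf_path: str, mode: str = "ephemeral", timeout: float = 60.0) -> bytes:
    """Read a PDF from disk, submit it with the key attached, and return the raw response body."""
    api_key = load_api_key()
    install_log_redaction(api_key)
    with open(pdf_path, "rb") as fh:
        pdf_bytes = fh.read()
    req = build_upload_request(pdf_bytes, api_key, mode=mode)
    # Only metadata is logged here; the key is masked by the filter if it ever appears.
    logging.getLogger(__name__).info("submitting %s (%d bytes) mode=%s", pdf_path, len(pdf_bytes), mode)
    with urllib.request.urlopen(req, timeout=timeout) as resp:  # network call; not exercised offline
        return resp.read()


if __name__ == "__main__":
    import sys
    chosen_mode = sys.argv[2] if len(sys.argv) > 2 else "ephemeral"
    sys.stdout.buffer.write(submit_pdf(sys.argv[1], mode=chosen_mode))
```

Run it as `REDACT_PDF_API_KEY=... python client.py input.pdf ephemeral` on the host that owns the key. Browser or mobile code should call your own backend, which in turn calls the API; the key never leaves the server, and `urllib` validates the server certificate by default so the TLS 1.2+ guarantee on the page is actually relied upon rather than assumed.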

## Audit and logging

- Application logs in our monitoring stack (Sentry)
- API request logs for security auditing
- No logs contain document content — only metadata (filename, size, processing status). Because filenames are logged, avoid encoding sensitive information (names, case numbers) in the filename itself.

## Subprocessors

- **Microsoft Azure** — hosting, blob storage, OCR (Document Intelligence), PII detection (AI Language)
- **Clerk** — authentication and account management
- **Stripe** — payments and billing
- **Mixpanel** — product analytics (after user consent only; EU data residency)
- **Sentry** — error monitoring
- **Loops** — email delivery for demo flow notifications

Full list and details at https://www.redact-pdf.ai/privacy

## Reporting security issues

For security questions or vulnerability disclosure: **security@redact-pdf.ai**
