Search index appears after first production build.

All users and security reviewers

Security & Data Handling

How DecoDocs handles documents by default (Open vs Upload), what we aim for in revocation/audit trails, and security expectations for read-only cloud drive integrations.

About this documentation

  • Official product documentation for DecoDocs (operated by Snap Sign Pty Ltd).
  • Written for end users, evaluators, and integration teams.
  • For support or to request corrections, use the footer support links or email support@decodocs.com.
  • DecoDocs provides informational analysis and is not legal advice.

Related

Security principles

DecoDocs is designed to reduce accidental exposure and keep review workflows controlled. Our security philosophy is built on 'Least Privilege' and 'Data Minimization'.

  • We only request access to documents you explicitly select.
  • We distinguish between 'Open' (ephemeral) and 'Upload' (saved) analysis.
  • Documents are encrypted both in transit and at rest.
  • We never use your private documents to train public AI models.

Payment Security & Stripe

We take the security of your financial data as seriously as your documents. DecoDocs does not store or process your credit card information directly.

  • **PCI-DSS Compliance**: All payment processing is handled by Stripe, a certified PCI Service Provider Level 1—the most stringent level of security in the payments industry.
  • **Zero-Knowledge Payments**: Your payment details are entered into Stripe-hosted elements or checkout pages. DecoDocs only receives a secure 'token' representing your subscription status.
  • **Encryption**: All payment communication happens over secure, encrypted TLS (HTTPS) channels.
  • **Secure Portal**: You can manage your payment methods and view invoices through the Stripe Customer Portal, ensuring your data never touches our application servers.

Open vs Upload — the product contract

We separate 'opening a file' from 'saving a file'. This is an explicit design choice to preserve user control.

  • **Open (Local Analysis)**: The document text is extracted and analyzed ephemerally. The file is not stored in our persistent cloud storage.
  • **Upload (Cloud Vault)**: When you choose to save, the document is moved into your private vault, enabling history, search, and collaboration.
  • **Encryption at Rest**: Uploaded documents are encrypted using AES-256 for maximum protection.

Reporting Security Concerns

We encourage responsible disclosure of security vulnerabilities. If you suspect an issue, please contact us immediately.

  • Email **security@decodocs.com** for direct security escalations.
  • Include a description of the issue and steps to reproduce.
  • We aim to acknowledge all reports within 24 hours.