Security at PlainDoc
Your employment contracts contain sensitive information. Here's how we protect it.
No document storage
Your contracts are processed entirely in memory during analysis. After the response is generated, the document text is immediately discarded. Nothing is saved to disk, database, or cache.
No AI training on your data
PlainDoc uses Anthropic's Claude API, which does not retain or train on API inputs. Your employment contracts are never used to improve AI models.
Encrypted in transit
All data is transmitted over HTTPS/TLS. Your contract text is encrypted between your browser and our servers, and between our servers and the AI provider.
Authentication by Clerk
User authentication is handled by Clerk, a SOC 2 Type II certified identity platform. We never store your password — Clerk handles all credential management.
Minimal data retention
We store only what's necessary: your email (for auth), credit balance (for billing), and rate-limit counters (for abuse prevention). No contract content, no analysis results, no document metadata.
Infrastructure security
Hosted on Vercel (SOC 2 Type II, ISO 27001). Payments processed by PayMongo (PCI DSS compliant). Rate limiting via Upstash Redis with encrypted connections.
In summary: we process your document, show you the results, and forget it ever existed. No storage. No training. No exceptions.