Security at PlainDoc
Your employment contracts contain sensitive information. Here's how we protect it.
No document storage
Your contracts are processed entirely in memory during analysis. After the response is generated, the document text is immediately discarded. Nothing is saved to disk, database, or cache.
No AI training on your data
PlainDoc uses Anthropic's Claude API, which does not retain or train on API inputs. Your employment contracts are never used to improve AI models.
Encrypted in transit
All data is transmitted over HTTPS/TLS. Your contract text is encrypted between your browser and our servers, and between our servers and the AI provider.
Authentication by Clerk
User authentication is handled by Clerk, a SOC 2 Type II certified identity platform. We never store your password — Clerk handles all credential management.
Minimal data retention
We store only what's necessary: your email (for auth), usage counters (for billing), and rate-limit counters (for abuse prevention). If you opt in, AI-generated analysis results are saved to your dashboard (encrypted at rest, auto-deleted after 1 year, deletable at any time). Original contract text is never stored.
Infrastructure security
Hosted on Vercel (SOC 2 Type II, ISO 27001). Payments processed by PayMongo (PCI DSS compliant). Rate limiting via Upstash Redis with encrypted connections.
In summary: we process your document and show you the results. Your original contract is never stored. You choose whether to save analysis results. No training on your data. Ever.