Security

Data Encryption

All data transmitted to and from SafeToSign is encrypted using industry-standard TLS/HTTPS protocols. Your documents and personal information are encrypted both in transit and at rest.

Infrastructure Security

• Database: Hosted on Supabase with automatic backups and encryption
• File Storage: Cloudflare R2 with access controls and encryption
• Hosting: Vercel (frontend) and Render (backend) with DDoS protection
• Payments: Stripe (PCI DSS Level 1 certified)

Access Controls

Your documents and analysis results are private and only accessible to you. We implement strict access controls to ensure that only authorized personnel can access infrastructure, and they can never view your document contents.

AI Processing

Documents are analyzed using Claude AI by Anthropic. Document text is sent to Anthropic's API over encrypted connections. Anthropic does not train models on your data and does not retain your documents after analysis.

Data Retention

You can delete your documents at any time from your dashboard. When you delete a document, it is permanently removed from our storage within 24 hours. If you close your account, all your data is deleted within 30 days.

Vulnerability Reporting

If you discover a security vulnerability, please report it responsibly to: security@safetosign.com

We take security seriously and will respond to all valid reports within 48 hours.

Compliance

We are committed to protecting your privacy and complying with applicable data protection regulations, including GDPR for European users.