Security First, Always
Your documents contain sensitive business data. We've built Extract from the ground up with enterprise-grade security, privacy, and compliance in mind.
Built for Enterprise Security
Comprehensive protection for your most sensitive documents
Data Encryption
AES-256 encryption for all data at rest. TLS 1.3 for all data in transit. Your documents are never stored unencrypted.
No Model Training
Your documents are NEVER used to train our AI models. Your data remains yours—period.
Access Control
Role-based permissions, SSO integration, and detailed audit logs for complete visibility.
Data Residency
Choose where your data is stored. Available regions include US, EU, and Australia.
Desktop App
Desktop app for batch processing from local and network drives. Documents are encrypted during upload and automatically deleted after processing.
Regular Audits
Third-party security audits, penetration testing, and continuous vulnerability scanning.
Infrastructure Security
Cloud Infrastructure
Hosted on AWS with enterprise-grade security controls, auto-scaling, and multi-AZ redundancy for 99.99% uptime.
Network Security
VPC isolation, WAF protection, DDoS mitigation, and IP whitelisting for enterprise customers.
Backup & Recovery
Automated encrypted backups with point-in-time recovery. Disaster recovery across multiple regions.
Monitoring & Alerting
24/7 infrastructure monitoring with automated alerting and incident response procedures.
Application Security
Secure Development
Security-first development practices including code reviews, static analysis, and dependency scanning.
API Security
OAuth 2.0 authentication, rate limiting, request validation, and encrypted API keys.
Penetration Testing
Regular third-party penetration testing and bug bounty program for responsible disclosure.
Session Management
Secure session handling with automatic timeout, device management, and concurrent session limits.
Data Protection
Encryption at Rest
All data encrypted using AES-256. Database encryption with customer-managed keys available for enterprise.
Encryption in Transit
TLS 1.3 for all communications. Certificate pinning available for mobile and desktop applications.
Data Isolation
Complete tenant isolation with dedicated encryption keys. Your data is never co-mingled with other customers.
Secure Deletion
Cryptographic erasure ensures complete data deletion. Configurable retention policies for compliance.
Compliance & Certifications
We meet the highest industry standards
SOC 2 Type II
Verified security, availability, and confidentiality controls
GDPR
Full compliance with EU data protection regulations
ISO 27001
International standard for information security management
CCPA
California Consumer Privacy Act compliance
Enterprise Security Features
Additional security capabilities for enterprise customers
Single Sign-On (SSO)
SAML 2.0 and OIDC integration with your identity provider. Support for Okta, Azure AD, Google Workspace, and more.
Advanced Threat Protection
Real-time threat detection, anomaly detection, and automated response to suspicious activities.
Detailed Audit Logs
Complete audit trail with SIEM integration. Export logs to Splunk, Datadog, or your preferred platform.
Custom Security Policies
Define IP restrictions, session policies, password requirements, and document handling rules.
Dedicated Infrastructure
Private cloud deployment option with dedicated compute, storage, and networking resources.
Dedicated Support
Named security contact, priority incident response, and quarterly security reviews.
Request Security Documentation
Need more details for your security review? Request our security whitepaper, SOC 2 report, or complete a security questionnaire.
Request Documents