Doc-Genie
EN

Security & Data Handling

How Doc-Genie protects your documents with in-memory processing, encryption, and secure infrastructure.

Our Commitment

Data security is central to how Doc-Genie is built. Your documents are sensitive, and our architecture is designed so that file content passes through the system without ever being persisted.

In-Memory Document Processing

When you upload a file, it is read into server memory, parsed, and sent for processing in a single request. The original file content is never written to disk, saved to a database, or placed in cloud storage. Once the request completes, all temporary data is automatically discarded by the framework. This is not a policy - it is how the code works.

What We Store

We store only the structured results generated from your document - text summaries, extracted tables, or data fields. The original file binary, its raw content, and its upload path are never persisted. Your account data (email, subscription status, usage counts) is stored in an encrypted database.

Encryption and Transport

All connections to Doc-Genie use TLS (HTTPS). Data sent to third-party processing services is transmitted over encrypted channels. Database contents are encrypted at rest. Session tokens and credentials are handled through secure, industry-standard mechanisms.

Authentication and Access Control

Passwords are hashed using modern algorithms and never stored in plain text. Sessions are managed with secure, HTTP-only cookies. All forms are protected against cross-site request forgery (CSRF). Access to processing tools respects plan-level permissions.

Payment Security

All payment processing is handled by Stripe, a PCI-DSS Level 1 certified provider. Doc-Genie never receives, transmits, or stores credit card numbers or banking details. Subscription management happens entirely within Stripe's secure environment.

Infrastructure

Doc-Genie runs on a hardened LEMP stack with regular security updates. Server access is restricted to key-based authentication. Application dependencies are monitored for known vulnerabilities.

Responsible Disclosure

If you discover a security vulnerability, please report it to security@doc-genie.com. We take all reports seriously and will respond within 48 hours. We ask that you give us reasonable time to address the issue before public disclosure.

Last updated: March 2026