Built to be defensible.
Encryption, granular access control, watermarking, and a tamper-evident audit trail — so you can prove who saw what, and when.
Control, trace, and prove.
Access by folder and file
Grant view-only or download per person, per folder, per document. Permissions are revocable in a click and take effect immediately.
Watermarking on every page
A forensic per-user fingerprint is bound to every page, alongside a visible overlay. A leaked screenshot or printout traces back to one session.
A record you can prove
Every view, download, and permission change is sealed into a hash-linked, tamper-evident audit trail. Altering or deleting an entry breaks the chain.
We separate the keys from the data.
Files are encrypted at rest with AES-256 and decrypted only to render a page. Keys are managed apart from storage, so the data alone is never readable.
Security across the platform.
AES-256 encryption
Documents are encrypted in transit (TLS) and at rest (AES-256), decrypted only to render a page.
Read-only rendering
Sensitive documents are streamed as rendered pages, not raw files — no download unless you permit it.
Separated key management
Encryption keys are held apart from the encrypted data, so storage alone never yields readable files.
Regional hosting
Data can be hosted in-region to meet POPIA and GDPR residency requirements.
Tamper-evident audit
A Merkle-style hash chain links every log entry to the last, making silent edits detectable.
Least-privilege by default
Users see only what they are granted. Access expires, and nothing is shared implicitly.
Encrypted in transit and at rest · watermarked · audit-sealed
Compliance & certifications.
We host data in-region to meet POPIA and GDPR residency requirements. SOC 2 Type II and ISO 27001 are on our roadmap; reach out for our current posture and documentation.
Put it to the test.
Walk through the security model on a live room with our team.