Skip to content
LOCRAI

Security & GDPR

Your documents, handled the way you'd handle them.

Security isn't a marketing page: it's the sum of concrete choices about where data lives, for how long, and who can see it. Here are ours.

  1. 01

    Isolation for every customer

    Each organization sees only its own documents. Isolation is enforced deeply at every data access and covered by mandatory automated tests.

  2. 02

    EU infrastructure

    Hosting, storage and AI processing are entirely within the European Union. No data leaves the European perimeter to be stored or analyzed.

  3. 03

    Configurable retention

    You decide how long to keep documents. Beyond the window you set, deletion is automatic and permanent — minimization by design.

  4. 04

    Protected files

    Private storage, short-lived file links and non-enumerable identifiers: no one can guess a document's address.

  5. 05

    Secure integrations

    Hashed API keys, HMAC-signed webhooks with delivery logs, source credentials encrypted at rest.

  6. 06

    Verifiable accuracy

    Data reliability comes from objective checks on numbers and identifiers, not from an AI self-assessment. You always know what has been verified.

Our principles

Four non-negotiable ideas.

  1. 01Data minimization: keep only what's needed, for as long as it's needed.
  2. 02Transparency: roles and responsibilities put in writing in a clear DPA.
  3. 03Defense in depth: isolation, encryption and tracked access, not a single barrier.
  4. 04Verifiability: key security controls are covered by automated tests.

Have a security questionnaire?

We're used to answering IT and DPOs. Write to us: we'll send you details, a DPA and whatever your due diligence needs.

Contact us