Security & Data Handling

Secure Transmission

All data transmitted to and from NDOR is protected using TLS encryption. Documents and analysis results remain confidential during transit.

Document Processing

Documents uploaded to NDOR are processed solely to deliver the requested analysis. Document content is processed in memory and is not written to permanent storage. NDOR does not retain uploaded documents or extracted document text after processing completes.

User Control

You maintain control over your account data. You decide whether analysis results are saved to your account or discarded after viewing. You can delete saved analyses or your entire account at any time.

AI Providers

NDOR uses third-party AI providers strictly to deliver decision intelligence. Document content is sent only to the processors required to perform the analysis you request. These providers operate under enterprise API agreements with no-training clauses. Your data is not used to train AI models.

Infrastructure & Access Controls

NDOR runs on secure cloud infrastructure provided by vendors with certifications such as SOC 2 and ISO 27001. Access is controlled through role-based permissions. Authentication endpoints and the async job execution pipeline are rate-limited. Strict browser security headers are enforced on all responses. Authentication and session validity are managed by Supabase using standard token expiry and refresh controls.

Security Reporting

If you discover a security vulnerability or have concerns about data handling, please contact us immediately. We take all security reports seriously and will investigate promptly.

Contact: support@ndor.app