Skip to content
Menu
How it works Developers Use cases Pricing Security Docs Login Get API access

GDPR

Technical and Organizational Measures

These measures describe how exdata protects customer data across account isolation, API security, document processing, retention, incident response, and subprocessor governance.

1. Scope

These Technical and Organizational Measures (“TOMs”) apply to the exdata service, including the public API, document processing workers, workspace, billing workflows, webhook delivery, support tooling, and operational systems used to provide the service.

The measures are designed to support confidentiality, integrity, availability, and resilience in line with the type of document extraction processing exdata performs.

2. Access Control

  • Customer data is scoped to accounts and workspaces.
  • Workspace permissions use role-based access for owner, admin, developer, billing, support, and member workflows.
  • Support access is limited to authorized personnel with an operational reason and is logged through account audit records.
  • Administrative access is limited to personnel with an operational need.
  • Customer API tokens are account-scoped, stored as hashes, and shown only once at creation.

3. Authentication And API Security

  • API requests require bearer-token authentication for protected endpoints.
  • Rate limits protect upload, read, write, and authentication paths.
  • Idempotency keys help customers retry uploads without creating duplicate processing work.
  • Request IDs are included in API responses and error envelopes for support tracing.
  • Webhook secrets are revealed once and used to sign outbound webhook deliveries.

4. Encryption And Transport Security

  • Production traffic is served over HTTPS/TLS.
  • Secrets, API tokens, and webhook secrets are never stored in plaintext where a hash or reveal-once value is sufficient.
  • Managed infrastructure, database, storage, and backup encryption are used where available from the deployed infrastructure provider.

5. Document Processing Controls

  • Uploads are checked against supported file extensions, MIME signals, content signatures, scanner status, and size limits before processing work starts.
  • Processing is asynchronous so API acceptance is separated from extraction completion.
  • Extraction runs record schema, extractor, AI prompt, and normalization versions so behavior can be traced over time.
  • Blocked documents carry machine-readable reasons such as unsupported file, scanner failure, credit state, or policy checks.

6. Logging, Monitoring, And Auditability

  • Account audit logs track security-relevant account actions.
  • Operational logs and error traces are used for reliability, debugging, abuse prevention, and incident response.
  • Webhook delivery records include event type, response status, attempt count, and delivery status.
  • Credit reservations and ledger entries provide traceability for billing-impacting extraction work.

7. Availability And Resilience

  • Application, queue, worker, storage, and database health are monitored through operational checks.
  • Document processing uses queues so transient failures can be retried and investigated.
  • Backups and restore procedures are part of the operational readiness process.
  • Incident runbooks cover queue backlog, failed jobs, extraction failures, billing issues, webhook failures, upload pausing, rollback, and customer communication.
  • Security and operational controls are reviewed, tested, and evaluated periodically, including access reviews, restore readiness, incident procedures, and checks after material infrastructure or product changes.

8. Retention And Deletion

  • Account settings can control retention periods for source files, previews, extracted metadata, and operational logs.
  • Retention jobs remove eligible files, previews, extracted text, metadata, and related processing records.
  • Billing, credit, audit, security, legal, and backup records may be retained longer where necessary.

9. Subprocessor Governance

  • Subprocessors are selected for a defined service purpose such as infrastructure, payments, email, monitoring, or AI-assisted extraction.
  • Subprocessors are listed publicly on the Subprocessor List.
  • exdata requires subprocessors to provide appropriate confidentiality, security, and data protection commitments for their processing role.

10. Review And Changes

exdata reviews and evaluates these measures as the service, infrastructure, legal requirements, and customer risk profile evolve. Measures may be updated to improve security, support new product capabilities, or reflect changes in deployed subprocessors or infrastructure.