Security
How Saff protects customer documents, extracted data, and retained originals.
Security posture
Saff is designed to limit how much original document data is kept and to protect the data customers choose to process. The main controls are workspace separation, encryption before saving sensitive data, signed-in access, activity records, and conservative file retention.
This page describes current security practices. It does not claim a formal external certification unless Lenouar publishes that certification separately.
Workspace separation
Each workspace is designed to keep its extraction tables, rows, corrections, batches, and storage records in a separate workspace database.
Account, membership, and billing records are kept separately from values extracted from documents.
Before workspace data is accessed, Saff checks that the user is signed in and allowed to use that workspace.
Encryption before saving
Saff encrypts sensitive extracted values, supporting snippets, corrections, retained-file keys, and storage secrets before saving them.
The encryption design is built so Lenouar can improve key management over time without changing how users work in the product.
Database and storage providers may also encrypt their systems, but Saff adds its own encryption for sensitive extraction data before it is stored.
Upload and file handling
Supported documents are uploaded to temporary encrypted storage for processing. The upload links are short-lived.
Temporary uploads are deleted after successful processing, final failure handling, cancellation, or expiry cleanup.
In extract-only mode, original files are not kept after processing. Preview stays disabled when no retained original exists.
Retained originals and preview
Retained original files require customer-owned S3-compatible storage. Saff saves retained originals to the connected bucket in encrypted form and keeps storage credentials encrypted.
Preview happens through Saff after sign-in. Saff does not expose direct bucket download links or storage credentials in normal product screens.
Access protection and activity records
Sensitive actions go through centralized checks for sign-in status, workspace access, request safety, usage limits, and expected input formats.
Saff records activity for important actions such as storage changes, uploads, extraction processing, wallet changes, exports, previews, corrections, row review, table archival, and batch cancellation.
Activity records are designed to avoid raw extracted values, document bytes, storage secrets, direct file links, payment card data, and other sensitive content.
| Area | Lenouar responsibility | Customer responsibility |
|---|---|---|
| Workspace access | Provide sign-in, workspace access checks, and account controls. | Invite only authorized users and remove access when it is no longer needed. |
| Extraction tables | Store table and extraction data in the appropriate workspace database. | Define accurate fields, review extraction results, and correct values before relying on exports. |
| Temporary uploads | Use encrypted temporary object storage and cleanup processes. | Upload only documents that the workspace has the right to process. |
| Connected storage | Encrypt retained originals before writing them to the connected bucket. | Manage bucket access, lifecycle rules, encryption settings, compliance, and storage provider costs. |
| Payments | Use embedded payment processing and maintain wallet balance records. | Use authorized payment methods and monitor wallet use by workspace users. |
Reporting security concerns
Report suspected security concerns to services@lenouar.ae with enough detail for Lenouar to investigate. Do not include unnecessary sensitive customer data in the initial report.