Data Privacy

Your Data, Your Control

We believe you should decide where your data lives, how it is processed, and who can see it. Our platform is designed with privacy at every layer — and we give you the tools to verify that yourself.

Read our full Privacy Policy for complete details on data handling, third-party services, and your rights.

Five Levels of Data Control

Choose the level that fits your organization. Each tier gives you more control over where your data lives and how it is processed.

Level 1Coming Soon

Bring Your Own Storage

Keep documents in your own cloud

Configure your own S3-compatible storage in Settings. Your documents are processed by our conversion engine but stored only in your bucket. Without storage configured on our side, we have no access to your data after processing completes.

How It Works

  1. 1Go to Settings and open the Storage tab
  2. 2Enter your S3 endpoint, access key, secret key, bucket name, and region
  3. 3We verify the connection and encrypt your credentials at rest
  4. 4All converted files are written directly to your bucket
  5. 5Delete your data from our platform at any time with one click

Your documents never persist on our infrastructure. We process them in memory and write the output straight to your storage.

Level 2Available Now

Use Our API

Build your own frontend

Access the same conversion engine we use through our public REST API. Build your own application, integrate into your existing workflow, or create a fully custom experience. Your documents go from your system to our API and back — they never touch our web interface.

How It Works

  1. 1Generate an API key from your account dashboard
  2. 2Send documents to our conversion endpoint via HTTPS
  3. 3Receive accessible output as a response or via webhook callback
  4. 4Documents are processed in a stateless pipeline — nothing is stored
  5. 5Full API documentation with interactive examples at /docs/api

Complete control over your data flow. Documents travel from your infrastructure to our API and back without persisting on our systems.

Level 3Coming Soon

Run on Your AWS

Our stack, your cloud account

Deploy the full Accessible platform into your own AWS account using our Infrastructure as Code (CDK) scripts. We provide a coordination layer for updates and licensing. Your data never leaves your AWS environment — we never see it.

How It Works

  1. 1We provide an AWS CDK deployment script tailored to your account
  2. 2Run the CDK deployment in your AWS environment (including GovCloud)
  3. 3All resources — Lambda, S3, DynamoDB, SQS — are created in your account
  4. 4A lightweight coordination layer handles version updates and license validation
  5. 5We provide monitoring templates for CloudWatch and alerting

Full data sovereignty. Every byte of your data stays within your AWS account boundary. We provide the software; you own the infrastructure.

Level 4Coming Soon

Run with Docker

Complete air-gap capability

Run the entire Accessible stack on your own hardware using Docker Compose. This includes the API, database, storage, job queue, and monitoring — everything needed for a fully self-contained deployment. No internet connection required after initial setup.

How It Works

  1. 1Pull container images from our private registry (one-time authentication)
  2. 2Run the accessible-server CLI to bootstrap configuration and secrets
  3. 3Start the full stack with a single command: docker compose up
  4. 4Built-in management CLI handles upgrades, backups, rollbacks, and health monitoring
  5. 5Operates fully offline — no phone-home, no telemetry unless you opt in

Maximum isolation. Your data never leaves your physical premises. Suitable for classified environments, air-gapped networks, and strict regulatory requirements.

Level 5Coming Soon

Bring Your Own AI

Use your own LLM provider keys

Provide your own API keys for vision-capable AI models. Our platform works with Google Gemini, Anthropic Claude, and OpenAI GPT-4o. As long as one vision AI provider is configured, the full conversion pipeline works. Your AI traffic goes directly from your deployment to your provider — we are never in the path.

How It Works

  1. 1Go to Settings and open the AI Providers tab
  2. 2Enter API keys for one or more supported providers (Gemini, Claude, GPT-4o)
  3. 3We validate each key with a lightweight test call before saving
  4. 4The conversion pipeline uses your keys — AI requests go directly to your provider
  5. 5Your conversion reports show which provider was used for each step

Complete control over AI processing. Your documents are analyzed by AI services under your own accounts and billing. We never proxy or observe the AI traffic.

What We Do on Our End

Regardless of which tier you choose, we follow these practices for every document we handle.

Encryption Everywhere

All data encrypted in transit (TLS 1.3) and at rest (AES-256). API keys and credentials are encrypted before storage.

No AI Training

Your documents are never used to train AI models. We use AI for conversion only, and nothing is retained after processing.

Minimal Retention

Processed documents are retained only as long as you need them. Temporary files are purged immediately after conversion completes.

FERPA Ready

Our architecture supports FERPA compliance for educational institutions. Student data handling follows established subprocessor agreements.

Access Controls

Role-based access, team isolation, and audit logging ensure that only authorized users can access your organization's data.

SOC 2 Path

We are building toward SOC 2 Type II certification. Our infrastructure and processes are designed with SOC 2 controls in mind from day one.

Need Enterprise-Grade Privacy?

Talk to our team about on-premises deployment, custom data residency requirements, or FERPA compliance for your institution.