Security at CleanTably

Your documents contain sensitive data. We built CleanTably with security as a foundation, not an afterthought. Here's exactly how we protect your files.

Auto-Purge Protocol

Files are permanently deleted from our servers after processing completes. No copies. No backups. No exceptions.

Strict Privacy

We never read, share, or monetize your data. You retain 100% ownership of your files and the data they contain.

No-Eyes Policy

Documents are processed entirely by automated systems. No human ever views, opens, or has access to your files.

256-bit TLS Encryption

Every file transfer uses TLS 1.3 with 256-bit encryption — the same standard used by major financial institutions.

Encrypted Pipeline

Your data is encrypted in transit from the moment it leaves your browser until the spreadsheet is delivered back to you.

No Data Retention

We don't build databases of your documents. Once your spreadsheet is ready and delivered, the source file is gone.

What happens to your file

Every document follows the same secure lifecycle — no shortcuts, no variations.

1 Upload TLS 1.3 encrypted

→

2 Process Automated extraction

→

3 Deliver .xlsx returned to you

→

4 Purge File permanently deleted

At no point during this process does a human see your document. The entire pipeline is automated, encrypted, and ephemeral.

Encryption in detail

Security isn't a feature we bolted on — it's built into every layer of the system.

In transit: All connections use TLS 1.3 with 256-bit AES encryption. Your browser verifies our certificate before any data is sent. Downgrade attacks are blocked — we don't support older, weaker protocols.
During processing: Your document is held in an isolated, encrypted memory space. It is never written to persistent disk. Processing completes in seconds.
At rest: There is no "at rest" — files are not stored. The output spreadsheet is generated, delivered to your browser, and the source is immediately purged.

The No-Eyes Policy

Most document processing services have human review steps — for quality assurance, training, or exception handling. We don't.

No employee, contractor, or support agent ever sees your documents. Processing is fully automated. If an extraction fails, the error is logged without the document content — and you're notified immediately.

This applies to every tier — free and paid. Your financial data, medical records, contracts, or personal documents are never viewed by humans at any point in the pipeline.

Auto-Purge Protocol

Deletion is not a background task we run "when we get to it." It's a core system behavior.

Immediate purge: Source files are deleted after processing completes and the output is ready for download.
No backups: Deleted files are not moved to recycle bins, cold storage, or backup systems. The data is wiped.
Stateless design: Our processing pipeline is designed to be stateless — each document is an independent, self-contained operation that leaves no trace.

Infrastructure

CleanTably runs on infrastructure trusted by millions of businesses:

Cloudflare: Global CDN and DDoS protection for the frontend. Your connection is routed through Cloudflare's secure edge network.
Railway: Backend processing on isolated containers with encrypted networking. No shared resources with other tenants.
No third-party document storage: We don't use S3 buckets, Google Drive, or any external storage for your files. Documents exist only in memory during processing.

Free tier vs. Paid tiers

Both tiers receive the same level of encryption, the same auto-purge protocol, and the same no-eyes policy. The only difference is how structural data is handled.

Free tier: Files are purged after processing. To continuously improve accuracy for all users, our system learns from anonymized document structures — layouts, header types, and table patterns. Your actual content (financial data, personal information, text) is never part of this process.

Paid tiers: Files are purged immediately after processing. Zero structural analysis. Your documents are processed and completely erased — nothing is retained in any form.

Full details are in our Terms of Service and Privacy Policy.

Frequently asked questions

Can CleanTably employees see my documents?

No. Documents are processed by automated systems only. No human has access to your files at any point — during upload, processing, or after deletion.

How long do you keep my files?

Files are deleted after processing completes. There is no long-term retention period, no archive, and no way to recover a deleted file.

Is my data used to train AI models?

No. We do not use your documents to train AI models. On the free tier, our system learns from anonymized structural patterns (layouts and formats, not content) to continuously improve extraction accuracy for all users. Paid tier data is never used for any purpose beyond your immediate conversion.

What happens if processing fails?

If extraction fails, the source file is still immediately deleted. We log the error type (e.g., "unsupported format" or "low image quality") without retaining the document content.

Do you comply with GDPR / CCPA?

Yes. We collect minimal personal data (email only), don't store documents, and honor deletion requests. Our data minimization approach means there's very little to delete in the first place. See our Privacy Policy for details.

Can I use CleanTably for sensitive documents?

Yes. Our encryption, auto-purge, and no-eyes policies are designed for exactly this use case. If you handle financial records, medical documents, legal contracts, or any other sensitive data — your files are processed with the same protections a bank would expect.

Still have questions?

Security is too important for vague answers. If you have specific questions about how we handle your data, reach out directly.

Try It Free Contact Us Privacy Policy