Renamed.to logorenamed.to
LoginSign Up

Security & Compliance

Enterprise-grade security and compliance controls designed for businesses handling sensitive documents. Your data is protected with industry-leading security measures.

Security Overview

At renamed.to, security is fundamental to our service. We implement comprehensive security measures across all aspects of our platform to ensure your documents and data remain protected. Our security program follows industry best practices and is regularly audited and updated.

Data Security

End-to-End Encryption

All data is encrypted in transit using TLS 1.3 and at rest using AES-256 encryption. Files are processed in memory and never stored permanently.

Data Residency

Processing occurs in secure US-based data centers. No cross-border data transfers for US customers. EU customers' data stays within EU infrastructure.

File Processing Security

Documents are processed in isolated environments with no persistent storage. Metadata extraction uses secure AI models with data isolation.

Secure File Storage

Temporary file storage uses encrypted volumes with automatic cleanup. No original files are retained after processing completion.

Access & Authentication

Multi-Factor Authentication

Two-factor authentication (2FA) is available for all accounts. We support authenticator apps, SMS, and hardware security keys.

Role-Based Access Control

Granular permissions ensure users only access files and features appropriate to their role. Admin controls for team management.

SSO Integration

Enterprise SSO support via Google Workspace, Microsoft 365, and SAML 2.0. Centralized user management and access control.

Audit Logging

Comprehensive audit logs track all user actions, file accesses, and system events. Logs retained for compliance and security monitoring.

Infrastructure Security

Secure Hosting

Hosted on industry-leading cloud providers with SOC 2 Type II compliance. Regular security assessments and penetration testing.

24/7 Monitoring

Continuous security monitoring and alerting for threats, unauthorized access attempts, and system anomalies.

Incident Response

Established incident response procedures with dedicated security team. Customers notified within 24 hours of security incidents.

Regular Security Updates

Automated security patching and updates. Dependencies regularly scanned for vulnerabilities using industry-standard tools.

Compliance & Certifications

SOC 2 Type I Aligned

Our security controls are aligned with SOC 2 Type I requirements, covering security, availability, and confidentiality. We undergo regular third-party assessments to maintain compliance.

GDPR & Privacy Shield

Fully compliant with EU General Data Protection Regulation (GDPR). We implement privacy-by-design principles and provide data processing agreements for enterprise customers.

CCPA Ready

California Consumer Privacy Act compliant with data minimization, access rights, and deletion capabilities. Clear privacy notices and user control over personal data.

Third-Party & Integration Security

Limited OAuth Scopes

We request only the minimum permissions required for file processing. For example:

  • Google Drive: Files access limited to specific folders
  • Dropbox: Scoped access to designated team folders
  • Microsoft 365: Site-level permissions for SharePoint libraries

Token Management

API tokens and OAuth credentials are encrypted at rest and in transit. Automatic token rotation and immediate revocation capabilities. No permanent storage of user credentials.

Data Retention & Deletion

What We Store

  • Extracted metadata (vendor, amount, date, invoice #) for 90 days to improve AI accuracy
  • User account information and preferences
  • Integration settings and connection metadata
  • Audit logs for security and compliance (1 year retention)

Your Control

  • Delete metadata anytime from your dashboard
  • Disconnect integrations to revoke all access instantly
  • Full account deletion with complete data removal
  • Data export available before account deletion

Security Contact

If you discover a security vulnerability or have security concerns, please contact us immediately:

Security Team

Email: security@renamed.to

We appreciate responsible disclosure and will acknowledge your report within 24 hours. Our security team will work with you to understand and resolve the issue.

Security Updates

Latest Security Improvements

Regular security updates and improvements are documented in our changelog. Recent enhancements include enhanced encryption protocols, improved access controls, and regular security audits.