Fund managers trust Raven with their most confidential documents — PPMs, financials, subscription agreements, trade secrets. We built every layer of our platform to honour that trust.
AES-256-GCM encryption at rest for all documents and PII
Every document is encrypted before it touches disk. Decryption keys are managed via a dedicated KMS.
TLS 1.3 encryption in transit
All data transmitted between your browser and our servers is encrypted with the latest TLS standard.
EU data residency (Frankfurt) — GDPR compliant by default
Your data is stored in Supabase-managed infrastructure in Frankfurt, Germany (eu-central-1).
Per-organisation encryption keys — your data is isolated
Each organisation has a unique encryption key. Even in the unlikely event of a breach, data from other organisations remains inaccessible.
Supabase PostgreSQL with row-level security
Database-level policies ensure that queries can only access rows belonging to the authenticated organisation.
Your documents are NEVER used to train AI models
We have zero-retention data processing agreements with all AI providers. Your data is processed and discarded.
AI processing happens in isolated, stateless sessions
Each AI query runs in an ephemeral context that is destroyed after the response is generated.
No cross-organisation data mixing — ever
Organisation boundaries are enforced at every layer: database, API, and AI context.
Anthropic's Claude API processes queries without retaining data
Under our enterprise agreement, Anthropic does not store, log, or train on any data sent through the API.
Local-only processing option for the most sensitive documents
Choose to process documents entirely in your browser. Only AI-generated insights are stored — the raw file never leaves your device.
Role-based access: Owner, Admin, Member, Viewer
Fine-grained permissions ensure team members only see what they need.
SSO/SAML for enterprise (Okta, Azure AD, Google Workspace)
Centralise authentication through your existing identity provider.
Multi-factor authentication
Add a second factor via authenticator app or hardware key for all user accounts.
IP allowlisting for enterprise
Restrict access to Raven from approved IP ranges only.
Session timeout and re-authentication for sensitive actions
Sensitive operations (e.g. deleting documents, changing billing) require re-authentication.
SOC 2 Type II (in progress)
Our SOC 2 Type II audit is underway, with completion targeted for Q3 2026. Contact us for our current security questionnaire.
GDPR — full data sovereignty and right to erasure
EU-hosted infrastructure, data processing agreements, and immediate deletion on request.
CCPA compliant
California Consumer Privacy Act compliance for US-based users.
FCA/SEC awareness for financial promotions
Built-in guardrails help ensure outreach content aligns with financial promotion regulations.
Immutable audit trail for every action
Every document upload, deletion, AI query, and access event is logged in a tamper-proof audit trail.
You own your data. Always.
Raven claims no ownership or licence over your uploaded documents or generated content.
Full data export at any time (GDPR Article 20)
Download all your documents, embeddings, and campaign data in standard formats at any time.
Immediate deletion on request — no 30-day holds
When you delete a document, it is removed from all storage and indexes immediately. No grace period, no backups retained.
Configurable data retention policies
Enterprise customers can define custom retention windows for documents, campaigns, and audit logs.
Local-only processing option — your most sensitive documents never leave your device
For the highest level of privacy, process documents in your browser. Raven extracts insights locally and only stores the AI-generated summary.
Our security team responds to all enquiries within one business day. We're happy to complete your security questionnaire or schedule a call with our CISO.
security@ravenai.com