FileDigest

Your data control

How FileDigest keeps your documents yours: per-user isolated storage, signed-download access control, automatic deletion, and an engine that cannot train on your files.

Summary: Your documents stay yours. They live in per-user isolated storage, every download passes an ownership check and a short-lived signed URL, files auto-delete on a retention clock you can shorten, and the converter is open-source and deterministic, so there is nothing for us to train on your data.

We are an independent product without compliance badges yet, so we do not wave SOC 2 or HIPAA logos around. Instead, here is exactly how your data is handled, with mechanisms you can verify.

No model training on your documents

We do not run our own AI models. FileDigest converts documents with Docling, a deterministic open-source engine. There is no proprietary model in the loop and therefore nothing to train on your files. Most document-AI tools run their own models and have to promise not to train on your data; we architecturally cannot.

Per-user isolated storage

Every file and artifact is stored under a path scoped to your account. The download route checks that the job belongs to you and then issues a short-lived signed URL. Artifacts cannot be listed, guessed, or shared by link, and the engine API key never reaches the browser.

Automatic deletion

Your files auto-delete on a retention clock:

  • Free: 72 hours
  • Pro: 30 days
  • Business: 90 days
  • Enterprise: custom, including zero-retention

Shorter or zero retention is available on request.

Processing model

  • You upload to a private storage path; the browser never holds the engine key.
  • A server route registers the job and enforces your plan limits.
  • Docling runs on Modal GPU workers and writes outputs under your job path.
  • Downloads require an authenticated ownership check and a signed URL.

Subprocessors

We use a small, named set of vendors: Modal (processing), Supabase (auth and storage), Stripe (billing), Resend (email), and Sentry (error monitoring). Credentials are server-side environment variables and are not shipped to client bundles.

Self-host the same engine

Because the converter is open-source Docling, an air-gapped or regulated team can run the exact same engine in its own environment. Talk to us if you want a self-hosted or dedicated-region deployment.

Enterprise

Custom DPA, SSO, dedicated or regional processing, custom or zero retention, and an SLA are available on the Enterprise plan. Email support@filedigest.dev to start.