PapersIn
How it worksPricingAfter HubdocFree checklist tool
Sign InGet early access

Security · plain English

How we handle your clients' papers

You're a financial institution under the FTC Safeguards Rule. You're required to pick vendors who can protect this data and to bind them by contract. This page is written to survive that reading — and it states clearly what's live in production today versus what's still roadmap.

Status honesty: nothing below is marketing tense. Items marked live are true today, in the running product — not a promise. Items marked roadmapare dated commitments, not things we're pretending already exist. If we ever can't meet a line on this page, we tell you before you find out.

Where documents live

  • Live:every document is stored in an isolated per-firm workspace — your firm's files are keyed to your account, not a shared bucket — on encrypted volumes (AES-256 at rest), with TLS 1.2+ in transit, hosted in US data centers.
  • Live: your data leaves whenever you want. One-click ZIP export of everything is in the product today, and deleting a document removes it from storage immediately, not on a batch schedule. Account-level deletion follows within 30 days of request (immediately on written request).
  • Live:the shutdown promise (the Hubdoc clause) — if PapersIn ever closes, you get 90 days' notice and a working exporter, contractually. The exporter already exists in the product today, so this is a promise we can keep from day one, and our terms state it as a commitment, not an aspiration. We watched Hubdoc die too.

Who can see them

  • Live:your firm's users, and no one else in the product — every query is scoped to your firm's account. Magic links are unguessable tokens and can be rotated per client at any time.
  • Roadmap (before we accept your first real document): founder access to customer documents only with your written permission during support, logged. The policy holds today; the audit log that proves it isn't built yet, so we won't call it live.

Subprocessors (the honest list)

VendorJobSees documents?
Cloud host (AWS or equivalent)compute + encrypted storageencrypted at rest
Anthropic (API)document classificationyes, per-document at ingest; API traffic is not used to train models per vendor terms
Postmark (or equivalent)reminder emailno — emails contain document names, never contents
Stripebillingno

For your WISP file

Roadmap (before we accept your first real document): a signable DPA template and a security-practices summary you can attach to your Written Information Security Plan. The subprocessor list above is published now. Roadmap (first 12 months):SOC 2 Type I — we won't claim it before an auditor says it.

What we ask of you

Don't email us documents during evaluation; use test files. Use a password manager. Tell clients the drop link is for them alone. Security is a two-party sport and we'll say so even when it costs us a signup.

Final version, with the operating entity's legal name and postal address, publishes with the founding cohort opening. Questions or holes: hello@papersin.com — finding a hole in this page is the fastest way to get our attention and our gratitude. See also Privacy and Terms.

PapersIn© 2026
After Hubdoc guideChecklist generatorChase calculatorPricingSecurityPrivacyTermshello@papersin.comBuilt withIndie Kit