Preflight

Security & data handling

Your documents are statements, EOBs, and mail files — they deserve specifics, not badges.

The short version: files purge fast, tenants are isolated, logs never contain document content, and nothing leaves the infrastructure without your explicit opt-in.

Retention — deletion is the default

Anonymous uploads auto-purge within 24 hours — the file, the parsed result, and the preview. Result pages are token-gated and never indexed. Workspace documents live until you delete them or close the account; account closure purges everything — documents, results, audit trail, analytics rows — leaving a single content-free deletion tombstone.

Isolation

Storage keys, database rows, and every query are tenant-scoped; isolation is enforced in the application layer with database row-level security as a backstop. Share links for workspace results are not public resources — anonymous share tokens exist only for anonymous checks.

Logs that can’t leak your documents

Parser and system errors are redacted before they are stored — a crash while parsing a statement never writes names, addresses, or account numbers into a log line. This is tested behavior, not policy intent.

No content egress

Analysis runs inside Preflight’s infrastructure. Document content is never sent to third parties without an explicit opt-in (e.g. choosing to email yourself a report link). Marketing pages use first-party, cookie-less analytics; there are no third-party trackers.

Infrastructure

Managed, boring, and few: Fly.io (compute) · Neon (Postgres, point-in-time recovery) · Tigris (object storage) · Upstash (queues) · Clerk (authentication — we never see passwords) · Stripe (payments — card data never touches our servers) · Resend (transactional email) · Sentry (errors, redacted). TLS everywhere with HSTS; internal service hops authenticate with dedicated secrets; outbound webhooks are signed and destination-allowlisted.

What we don’t claim

No SOC 2 audit yet — Preflight is an early-stage product and we won’t rent a badge to imply otherwise. What you get instead is the same rule the product itself follows: precise claims about what actually happens, and a direct line to ask anything — support@preflightdocs.com. Security disclosures welcome at the same address.

Privacy policy →Terms →Questions before a pilot? We answer them in writing.

Security & Data Handling — Preflight · Preflight