Skip to main content

Documentation Index

Fetch the complete documentation index at: https://docs.meetdoris.com/llms.txt

Use this file to discover all available pages before exploring further.

Customer data is protected using encryption and access controls across key production systems and supported service paths.

Encryption at Rest

Database Encryption

  • Transparent Data Encryption (TDE) with AES-256 protects data stored in primary production databases
  • Encryption is applied at the storage layer for database pages, indexes, and backups managed by the platform

Field-Level Encryption

Selected sensitive credentials (such as OAuth tokens, API keys, and refresh tokens) receive an additional application-level protection layer:
  • Application-level encryption is used for selected high-sensitivity secrets
  • Key rotation support is built into secret-handling workflows
  • Defensive handling helps avoid accidental re-processing or corruption of protected values

Storage Encryption

  • Managed storage is encrypted at rest
  • HTTPS-only access is enforced for supported storage endpoints

Encryption in Transit

  • Minimum: Supported service connections require TLS 1.2 or higher
  • Preferred: Newer transport protocols and modern cipher suites are used where available
  • Certificate management: Certificate renewal and expiry monitoring are automated where supported
  • Outbound traffic: External service integrations are expected to use industry-standard transport encryption
Unencrypted external access is not supported for production service endpoints.

Key Management

Encryption keys and secrets are managed through dedicated secret-management services:
  • RBAC-controlled access — Only authorized identities can retrieve secrets
  • Recovery protections — Secret-management services support recovery and retention safeguards
  • Access logging — Secret access is logged for audit and investigation purposes
  • Runtime injection — Sensitive values are intended to be provided at runtime rather than embedded in application code

Data Residency

  • Primary hosting: Core production workloads are primarily hosted in Microsoft Azure UK South (London)
  • AI-assisted processing: Where enabled, customer content may be processed by approved enterprise model providers under commercial terms and configured service controls
  • International transfers: Where cross-border transfers are required, appropriate contractual safeguards are used as applicable

Data Retention & Deletion

  • Customer data is retained in line with service needs, legal requirements, and applicable contract terms
  • Data export may be available during an active subscription, subject to product capabilities
  • Deletion is performed in accordance with contractual commitments and operational retention safeguards
  • Backup data may persist until it is aged out through the applicable backup lifecycle