❓ Frequently Asked Questions

Privacy. Security. Trust.

Your documents never leave your browser. Here's everything you need to know about how we protect your data.

Privacy & Architecture

Does SuperSecureDoc upload my documents to a server?

No. All processing — PDF conversion, compression, redaction, encryption, and digital signing — happens entirely in your browser using the Web Crypto API. Your files never leave your device. We architecturally cannot access your data.

Do you store my files on your servers?

Never. We have no file storage system. When you use any tool, the file stays in your browser's memory, is processed locally, and is discarded when you close the tab. We don't have a database of your documents.

What information do you collect?

Only what's necessary for authentication (email, name) if you create an account. We don't collect document contents, signatures, or private keys. Anonymous usage metrics help us improve performance.

Do you sell or share my data?

Never. We don't have your documents to sell. We don't share authentication data. Your privacy is our product differentiator.

Security & Encryption

What encryption do you use?

We use Web Crypto API with AES-256-GCM and ChaCha20-Poly1305 for encryption. For digital signatures, we support RSA (2048/4096) and ECDSA (P-256, P-384). All operations happen locally in your browser.

Can I use my own encryption keys?

Yes. Our Browser HSM (BYOK) lets you generate and store your own RSA/EC keys in your browser using WebCrypto. Your private keys never touch our servers.

What hardware tokens do you support?

YubiKey, smart cards, USB tokens, and any PKCS#11-compliant HSM. Private keys never leave the physical device — they can't be extracted or copied.

Is my data encrypted during transmission?

Yes. All communication uses TLS 1.3 (HTTPS). But since your files never leave your browser, there's no document data to intercept in transit — only authentication and metadata.

Blockchain & Legal Compliance

Are SuperSecureDoc signatures legally binding?

Yes. Our digital signatures comply with ESIGN Act (US), UETA, eIDAS (EU), and IT Act 2000 (India). Each signature captures consent, intent, and is anchored to Hedera blockchain for tamper-proof evidence.

What is Hedera blockchain anchoring?

Every signature generates a cryptographic hash that's submitted to the Hedera Consensus Service. This creates an immutable timestamp and tamper-proof audit trail that anyone can verify — no central authority can alter or dispute it.

Is SuperSecureDoc GDPR compliant?

Yes. Because your data never leaves your browser, there's no cross-border data transfer. We don't store personal data in documents. You maintain full control under GDPR principles.

Is SuperSecureDoc HIPAA compliant?

Our architecture is HIPAA-ready. We don't store PHI on our servers. Documents are processed locally. For formal HIPAA compliance, we sign BAAs with enterprise customers.

What about eIDAS qualified signatures?

SuperSecureDoc supports qualified electronic signatures when you use a qualified certificate on your hardware token (YubiKey, smart card). The private key stays on your device.

Account & Pricing

Do I need an account to use the tools?

No. All basic tools are free with 5 operations per day — no sign-up required. Create a free account only if you need unlimited operations, sequential/collective workflows, or hardware HSM support.

What's included in the free tier?

15+ document tools, 5 operations per day, browser-based processing, digital signatures, basic encryption, and document verification. No credit card required.

What's in the paid plans?

Unlimited operations, sequential/collective workflows, Hedera blockchain anchoring, hardware HSM support (YubiKey/smart card), priority support, and enterprise SLAs.

Technical Support

Which browsers are supported?

Chrome, Firefox, Safari, Edge — latest versions. Web Crypto API and WebAssembly are required for local processing.

Do you offer enterprise support?

Yes. Enterprise customers get dedicated support, SLAs, SOC2 reports, and compliance assistance. Contact our sales team.

How do I report a security issue?

Email security@supersecuredoc.com. We respond within 24 hours and have a responsible disclosure policy.

Still have questions?

Our team is here to help.