Security & Privacy

Your data security is our priority. Learn how we protect your files and what happens to your information.

Local-First Processing

Files are processed directly in your browser. Document content stays on your device until sent to AI for analysis.

Client-Side Encryption

Your files are encrypted with AES-256 before being stored locally. Only you have access to the encryption key.

Transparent Architecture

We're open about our data flow. You can verify our claims using browser DevTools to inspect network requests.

How Your Data Flows

1

File Upload

You upload files to our application. Files are processed locally in your browser using OCR and PDF parsing.

2

Local Encryption

Processed files are encrypted with AES-256 and stored in your browser's IndexedDB. The encryption key is generated and stored locally.

3

AI Analysis

Document text and images are sent to Groq AI for one-time analysis to generate intelligent filenames and metadata. Groq does not train on your data.

4

Authentication & Usage

User authentication and usage tracking are handled by Supabase, which provides enterprise-grade security for your account data.

5

Download

You download your renamed files. The processed data remains encrypted in your browser until you clear it.

Groq AI

Our AI provider for document analysis. Groq's Trust Center includes:

  • Enterprise-grade encryption for data in transit and at rest
  • SOC 2 Type II certified for security controls
  • HIPAA/GDPR compliant for healthcare and privacy regulations
  • Does not train on customer API data
Visit Groq Trust Center →

Supabase

Our backend provider for authentication and data storage. Supabase provides:

  • Row Level Security (RLS) for data access control
  • Encryption at rest for all stored data
  • TLS 1.2+ encryption for data in transit
  • Built on PostgreSQL with enterprise security
Visit Supabase Security →

What We Don't Do

We don't store your files on our servers permanently

We don't sell your data to third parties

We don't use your files to train AI models

We don't access your files without your permission

We don't claim certifications we don't have

We don't hide our data processing practices

Verify for Yourself

We believe in transparency. You can verify our security claims using your browser's developer tools:

Step 1: Open Developer Tools

Press F12 or right-click and select "Inspect" to open browser DevTools

Step 2: Go to Network Tab

Click on the "Network" tab to see all HTTP requests

Step 3: Upload a File

Upload a file and observe that processing happens locally - no file upload requests except to Groq AI for analysis

Step 4: Check IndexedDB

Go to Application/Storage → IndexedDB to see your encrypted files stored locally

Your Data, Your Control

Data Deletion

You can delete your data at any time:

  • • Clear browser storage to remove local files
  • • Delete your account to remove Supabase data
  • • Contact us for complete data removal

Data Export

You can export your data:

  • • Download your processed files anytime
  • • Export your usage history
  • • Request a full data export from us

Last updated: 5/29/2026

Questions about security? Contact us at smartrenameai@gmail.com