We care about privacy. The Accessible Org should be usable in a way that matches your security, compliance, and deployment requirements.
This page explains how customers can use the service securely today, what stronger privacy controls we intend to support, and the implementation plan required to deliver them.
Customers can choose increasing levels of control. Some of these options are available now and some are roadmap items. The point is to make the tradeoffs explicit instead of pretending every deployment has the same privacy needs.
Under Settings, customers will be able to provide credentials for compatible S3 storage so source files and outputs live in their own bucket. Without hosted storage enabled, we should have no access to documents after processing completes.
Teams that need tighter control can use the API directly and build their own front end, workflow, or portal on top of the same conversion backend we use internally.
For organizations with stricter controls, we will provide a CDK deployment and coordination layer so the full processing path runs inside the customer’s AWS environment and we never see the data.
For self-managed environments, we plan to offer a Docker-based deployment option so customers can run the service in their own infrastructure and manage network, storage, and retention locally.
Customers will be able to provide their own model keys. As long as one compatible vision-capable AI model is available, the pipeline can route image and layout analysis through customer-controlled providers.
Even in the hosted model, our privacy posture should follow standard secure SaaS practices.
These are the product and platform changes needed to make the privacy model real.