A missed error in a signed document can cost thousands. Recensa catches the kind that slip past a final read.

See what it catches
Recensa

Trust & Security at Recensa

An honest account of how Recensa protects your documents and where our compliance program stands: encryption, access controls, named subprocessors, AI data handling, and SOC 2 status—including what isn't finished yet.

Last updated 2026-06-30

Recensa is a verification layer for documents people cannot afford to get wrong. Trust is the product, so we hold ourselves to the standard we ask our customers to expect. This page is a plain, honest account of how we protect your data and where our compliance program stands — including what we have not finished yet.

Your documents and AI

Your documents are never used to train any AI model — ours or any third party's. Document text is processed to produce your review and then handled under a strict retention and deletion policy. Our public verification records store a cryptographic hash, never your document's contents.

Full details: How Recensa Handles Your Documents and AI.

How your data is protected

All traffic to recensa.ai and api.recensa.ai is encrypted in transit with TLS, all Recensa infrastructure runs in the United States, and access to systems that hold customer data is limited to authorized personnel. For the full description of our security practices, see our Data security page.

Who we share data with

We use a small, named set of subprocessors and disclose every one, what they touch, and where they process it.

Full list: Recensa Subprocessors.

Legal and privacy

Compliance status

We believe in stating exactly where we are, not where we wish we were.

  • SOC 2: Recensa is pursuing a SOC 2 Type I report, scoped to the Security and Confidentiality Trust Services Criteria, with a target of Q1 2027. A Type II report will follow. We do not yet hold a completed SOC 2 report, and we will say so plainly until we do. (SOC 2 is an independent attestation, not a certification.)
  • What we have today: the data-handling, encryption, access, and subprocessor practices described on this page, plus our verification and integrity-seal mechanism.
  • What we are building: the formal controls, policies, and independent audit behind a SOC 2 report. We are happy to share our current status and timeline with prospects under review.

Contact

Last updated: June 29, 2026