Your data is yours. Period.
Orkom is built for teams that handle sensitive business documents. Security isn't a feature — it's the foundation.
Infrastructure & Hosting
Hosted on Google Cloud Platform, Europe region. All data encrypted at rest (AES-256) and in transit (TLS 1.2+). Automated database backups with server-side encryption on all stored files.
All data stays in Europe.
Data Isolation
Strict multi-tenant architecture — every organization's data is fully isolated. No cross-tenant data access is possible, by design. No Orkom employee accesses customer documents or extracted data.
Your data is invisible to everyone except your team.
AI & Confidentiality
Documents are sent to the AI model for real-time extraction only — they are not stored, cached, or retained by the provider. Your documents are never used to train, fine-tune, or improve any model. Orkom works with providers like Anthropic and Google under enterprise data processing agreements, and also offers open-source models. You choose which model to use per workspace.
Zero data retention by AI providers. Model choice is yours.
Authentication & Access Control
Email/password authentication with two-factor authentication (2FA) available. API keys are hashed (SHA-256) and never stored in plain text. Role-based access control (RBAC) with granular permissions per organization. Custom roles control who can upload, extract, export, and manage teams.
You decide who sees what, down to the action level.
GDPR Compliance
Orkom is fully GDPR compliant. Right to access, right to deletion, right to data portability. Data Processing Agreement (DPA) available on request for enterprise customers. All data processing happens within the EU.
DPA available on request.