DocsCanary processes raw diffs in memory and immediately purges them. We store only the semantic insight — never the code itself. You control exactly what we see.
Security is not a feature we bolted on. It is the foundation every line of DocsCanary is built upon.
Raw diffs are held in memory for seconds during analysis, then permanently purged. No disk writes, no caching, no traces. Our architecture makes it impossible for code to persist.
Choose from three granularity tiers: metadata only, diff only, or contextual diff. Upgrade or downgrade per repository, at any time, with a single toggle.
Every API call, every data access, every model invocation is logged with timestamp, actor, and IP address. You can export your full audit trail at any time.
Code enters, insight exits. Nothing else stays. Here is the exact lifecycle of every piece of data we process.
GitHub/GitLab sends a webhook when a PR is merged. We receive metadata only at this stage.
Diffs are fetched into volatile memory, analyzed by AI in seconds. Never written to disk.
Only the semantic result is persisted: which docs are affected, severity, and suggested edits.
All raw code data is permanently erased from memory. Zero residual. The only thing that persists is the derived insight.
Every repository has its own access tier. Change it anytime. Downgrade with zero data retention from the previous level.
DocsCanary receives only PR titles, descriptions, commit messages, and file paths. Absolutely zero code access of any kind.
Best for: Teams with strict compliance requirements or repos containing highly sensitive IP.
Only the changed lines from each PR are analyzed. Processed in volatile memory in seconds, never written to disk. Ideal balance of accuracy and privacy.
Best for: Most teams. Gives DocsCanary enough signal to accurately detect documentation impact without exposing full file contents.
Changed lines plus a configurable window of surrounding context. Enables the highest-fidelity understanding of what changed and why.
Best for: Complex codebases where changes require surrounding context to understand impact on docs accurately.
Built on AWS with defense-in-depth security at every layer.
DocsCanary is built to satisfy the strictest enterprise security and privacy requirements.
Audit in progress
EU data residency options
Every action logged
Right to be forgotten
Our controls are designed to meet SOC 2 Type II requirements across all five trust service criteria: security, availability, processing integrity, confidentiality, and privacy. We are currently undergoing formal third-party audit and are happy to share our controls matrix and architecture documentation under NDA.
We support Data Processing Agreements (DPAs), right to access, right to deletion, and data portability. EU data residency is available on request for teams with regulatory requirements. Sub-processors are disclosed and contractually bound to equivalent data protection standards.
No. Raw diffs and code snippets are processed entirely in volatile memory (RAM). They are never written to disk, never cached, and never persisted in any database. Once analysis completes — typically within seconds — all code data is permanently purged from memory.
DocsCanary stores only the semantic insights derived from analysis: which documentation pages may be affected by a code change, the severity of the drift, and AI-generated edit suggestions. We also store metadata you have shared (PR titles, commit messages, etc.) and your configuration preferences.
Absolutely not. We use Anthropic Claude under a Data Processing Agreement that explicitly prohibits training on customer data. We also leverage Anthropic's zero-retention API options, meaning your data is not logged or retained by our AI provider either.
Yes. Every API call, data access event, and model invocation is logged with a timestamp, the acting user, and the originating IP address. You can export your complete audit trail at any time from your account settings, or request it from our team.
DocsCanary infrastructure runs on AWS with VPC isolation. By default, data is hosted in US regions. For GDPR compliance, we offer EU data residency options where all data processing and storage occurs within EU-based AWS regions.
We have implemented all controls required for SOC 2 Type II certification and are currently undergoing our formal audit. We are happy to share our controls matrix, security architecture documentation, and penetration test results under NDA. Contact security@docscanary.com to request access.
Yes. Under GDPR and our own data governance policies, you can request complete deletion of all your data at any time. This includes all stored insights, metadata, configuration, and audit logs. Deletion is processed within 30 days and is cryptographically verified.
We maintain a responsible disclosure program. Security researchers can report vulnerabilities to security@docscanary.com. We commit to acknowledging reports within 24 hours, providing an initial assessment within 72 hours, and resolving critical issues within 7 days.
From the moment a GitHub webhook fires to the moment results appear in your dashboard — every transition is secured and audited.
TLS 1.3 on every network hop
HMAC secret on all webhooks
No disk writes ever
Code erased post-analysis
Built to satisfy enterprise procurement requirements. Documentation available under NDA.
All five trust service criteria: security, availability, processing integrity, confidentiality, and privacy. Formal audit underway — controls matrix available under NDA.
Full GDPR compliance with EU data residency options. We support right to access, right to deletion, and data portability out of the box.
A standard DPA is available for all Business and Team plan customers. Required for GDPR-regulated teams in the EU or those handling personal data.
Source code and diffs are never written to disk or persisted in any database.
All persisted insights and metadata are encrypted with unique per-tenant keys.
Every connection is encrypted with modern TLS. HTTP is redirected to HTTPS.
Encryption keys are unique per organization, rotated automatically via AWS KMS.
Anthropic processes data under a signed DPA with zero-retention options available.
Every data access and API call is logged with actor, timestamp, and IP address.
DocsCanary only requests read permissions on selected repositories — never write.
Clerk-powered SSO available on Team plan. Enterprise SSO with custom IdP on request.
The questions your security team will ask. Answered precisely.
No. Diffs and code snippets are processed entirely in volatile memory (RAM). They are never written to disk, never cached, and never stored in any database. Once analysis completes — typically within seconds — all code data is permanently purged from memory. The only thing persisted is the derived semantic insight: which doc pages are affected and the suggested edits.
DocsCanary requests read-only access on the specific repositories you select during setup. We use GitHub's fine-grained repository permissions: contents:read and pull_requests:read. We never request write permissions, webhook management permissions, or org-level access unless you explicitly choose a GitHub App installation that grants it.
DocsCanary infrastructure runs on Supabase (backed by AWS), hosted in US-East regions by default. All persisted data is encrypted at rest using AES-256-GCM with per-tenant encryption keys managed via AWS KMS. For GDPR compliance, EU data residency is available — all data processing and storage occurs within EU-based AWS regions upon request.
Yes. Repository selection is per-repo and fully granular. During the GitHub App installation flow, you choose exactly which repositories DocsCanary can access — you can start with one and add more at any time. You can also revoke access for individual repos from your GitHub settings at any time without affecting your other connected repos.
Yes. Authentication is powered by Clerk, which supports SAML 2.0 and OIDC-based SSO. SSO is available on the Team plan and above. Enterprise customers can configure a custom identity provider (Okta, Azure AD, Google Workspace, etc.). SCIM provisioning for automated user lifecycle management is available on Enterprise.
No. We use Anthropic Claude under a Data Processing Agreement that explicitly prohibits training on customer data. We also use Anthropic's zero-retention API options, meaning your data is not logged or retained by our AI provider either. Your code never contributes to model improvements.
Yes, under NDA. We conduct third-party penetration tests quarterly and are happy to share the most recent report with enterprise prospects and customers. Contact hello@docscanary.com to request access. We also welcome coordinated security research — see our responsible disclosure policy.
Upon cancellation, your account data is soft-deleted immediately (no longer accessible via the product) and hard-deleted within 30 days. This covers all stored insights, metadata, configuration, audit logs, and any associated backups. We will provide a written confirmation of deletion upon request.
Our security team will walk through our architecture, share documentation under NDA, and answer any questions from your procurement or InfoSec team.
Our security team is available to discuss your requirements, share documentation under NDA, or walk through our architecture in detail.
security@docscanary.com — PGP key available on request