ocRithm
HomePricingDownloadFAQAbout

Security & privacy

Read the fine print.
We made it short.

You're trusting us with invoices, bank statements and client documents. Here is exactly what happens to them — nothing more, nothing less.

The life of a document

Six steps. Zero retention.

Every document follows the same path through DocRithm. The only durable artifacts are the renamed file on your disk, the extracted data in your local database, and the voucher in your Tally.

1. You drop a fileStays on your disk
2. Sent for extractionTLS-encrypted, in memory only
3. Fields extractedStructured data returned to you
4. File renamed & filedOn your machine
5. Voucher postedDirect to Tally on your LAN
6. Document on our serversDeleted — nothing retained

The four pillars

Security that holds up to an audit

No document storage

Documents are transmitted over TLS, processed in memory, and immediately discarded — whether processing succeeds or fails. Your history and extracted data live in a local database on your machine.

Native credential storage

API keys are stored in the macOS Keychain or Windows Credential Manager — never in plain-text config files. Keys are bcrypt-hashed server-side and can be revoked per machine from the dashboard.

Books never leave your network

The Tally integration talks to Tally Prime over your own LAN using Tally’s HTTP interface. Ledgers, stock masters and vouchers never transit our servers.

Payments handled by Razorpay

Checkout runs entirely through Razorpay. We never see or store card numbers, UPI handles or banking credentials.

Questions about security?

Ask us anything — including the hard ones.

Enterprise security review, data processing questions, or compliance requirements for your firm — we answer directly, in writing.