MasterFile AI operates on a 100% Microsoft Azure cloud platform.

Customer data is stored and processed within secure Azure infrastructure located in the United States. Uploaded files, processing results, and reports are maintained in isolated environments designed for enterprise workloads.

Data is logically separated by customer and is not shared across tenants. Infrastructure components are maintained and updated to support availability, resilience, and security best practices.

Access to customer data is restricted based on role and function.

Key principles include:
- Logical isolation of customer data
- Least-privilege access controls
- Separation between application services and administrative functions

Only authorized processes and authenticated users can access uploaded data and processing results.

Data is protected during transmission and storage using industry-standard security practices.

- Data in transit is protected using encrypted connections
- Stored data is protected using encryption mechanisms appropriate for cloud-based storage
- Access credentials and secrets are managed securely

These measures help protect data from unauthorized access or interception.

Encryption and key management leverage Azure-supported security mechanisms appropriate for cloud-based environments.

Customer data is retained only as long as necessary to support processing, review, and download of results.

Retention periods are designed to balance operational needs with data minimization principles. Data is automatically deleted in accordance with retention policies unless otherwise agreed.

Customers may request early deletion of their data at any time.

All customer data processed by MasterFile AI is stored and handled within the United States.

MasterFile AI does not transfer or store customer data outside the U.S. unless explicitly agreed in writing.