Sorto is built for teams that handle sensitive documents. Here's how we keep your data safe.
Sorto runs as a desktop application on your machine. Your PDF files, images, and documents are processed locally and are never uploaded to our servers or any third party.
When Sorto processes a file, it extracts text using OCR and renders page images locally. The extracted text and page images are sent to OpenAI's API for analysis. Your original files — PDFs, scans, documents — are never uploaded or stored on any server.
We don't store your documents on any server. Sorto doesn't have a cloud storage component. Your files live on your hard drive, exactly where you put them.
We use OpenAI's API with zero data retention (ZDR) requested. Your data is not used to train any AI models. It is processed and discarded immediately after analysis.
User accounts are managed through Supabase Auth with industry-standard security practices. Passwords are hashed and salted. We never have access to your plain-text password.
All payments are processed by Paddle, a Merchant of Record. We never see, store, or process your credit card details. Paddle handles all billing, invoicing, and tax compliance.
When Sorto encounters an error, we collect a crash report to help us fix it. Filenames, file paths, document content, and personal information are automatically scrubbed before the report is sent. You can opt out of crash reporting anytime in the app under Settings → Privacy.
Have security questions? Contact us at support@sorto.ca