Security & Privacy

Enterprise-Grade Security

Your data never leaves your infrastructure. AutonBoard runs as a Docker container on your own servers. We have zero access to your merchants' data, documents, or personal information.

Data Ownership

Your data never leaves your infrastructure. AutonBoard runs as a Docker container on your own servers. We have zero access to your merchants' data, documents, or personal information.

All merchant data stored exclusively on your database

No data is ever transmitted to AutonBoard servers

Full ownership and control over all onboarding records

Delete data at any time — no copies, no backups on our side

Infrastructure

Deployed on your servers (AWS, Azure, GCP, or on-premise)

Your domain, your SSL certificates

Your database (PostgreSQL / Supabase)

TLS 1.3 encryption in transit

AES-256 encryption at rest

Docker container — isolated and portable

AI & LLM Privacy

The AI chat uses OpenAI GPT-4o via API

No conversation data is stored or used for training

Option to use Azure OpenAI for full data residency compliance

All document scanning happens server-side, never client-side

AI prompts contain no personally identifiable information by default

Compliance

GDPR ready — full data subject rights supported

Data Processing Agreement (DPA) available

Audit logs for all user and system actions

Role-based access control (RBAC)

SOC 2 aligned practices

Regular security assessments

How Deployment Works

We provision a Docker container

Configured with your branding, domain, and settings.

You deploy it on your infrastructure

AWS, Azure, GCP, or any Docker-compatible host.

Connect your database and domain

Point to your PostgreSQL/Supabase instance and your custom domain.

We handle all updates remotely

You never touch the code — we push updates to the container image.

Have security questions?

Our team is happy to walk through our architecture and answer any compliance questions.

Talk to our security team