Security at Capsule
Security is not a feature we added — it is the foundation we built on. Every architectural decision at Capsule starts with the question: how do we protect our users' most sensitive documents?
End-to-End Encryption
AES-256-GCM
Every document is encrypted in your browser using AES-256-GCM before it leaves your device. This is the same encryption standard used by governments and financial institutions worldwide.
Zero-Knowledge Architecture
Capsule servers never see your unencrypted content. Encryption keys are derived client-side and embedded in the share link. We physically cannot access your documents.
In transit, all data is protected with TLS 1.3. At rest, encrypted document blobs are stored on infrastructure that provides an additional layer of server-side encryption (AES-256).
Compliance
GDPR
Full compliance with EU data protection regulations, including data subject rights and lawful processing.
Encryption Standards
AES-256-GCM encryption, TLS 1.3 in transit, and zero-knowledge architecture ensure your data stays private.
Infrastructure Security
Capsule is deployed on Vercel and trusted cloud infrastructure providers. Our architecture includes:
- Isolated compute environments with no shared tenancy for document processing
- Automated infrastructure provisioning with immutable deployments
- Geographic redundancy with encrypted backups across multiple regions
- Network-level isolation with strict firewall rules and private subnets
- Real-time intrusion detection and anomaly monitoring
Data Handling
We follow the principle of minimal data retention. Expired capsule content is automatically and permanently purged from our servers. Account deletion removes all associated data within 30 days.
Access to production systems is restricted to a minimal set of engineers, requires multi-factor authentication, and is logged in an immutable audit trail. All access is reviewed on a regular cadence.
Penetration Testing
We are committed to regular third-party penetration testing of our application, API, and infrastructure. Findings are triaged and resolved according to severity, with critical and high-severity issues addressed within 48 hours.
We also maintain an internal security review process for all code changes that touch authentication, encryption, or access control logic.
Responsible Disclosure
We take security vulnerabilities seriously and appreciate the work of researchers who help us keep Capsule safe. If you discover a potential security issue, please report it responsibly.
Report vulnerabilities to: security@capsule.technology
Please include a detailed description of the vulnerability, steps to reproduce, and any supporting evidence. We aim to acknowledge reports within 24 hours and provide an initial assessment within 72 hours.
We ask that you do not publicly disclose vulnerabilities until we have had a reasonable opportunity to address them. We do not pursue legal action against researchers acting in good faith.
Questions?
If you have questions about our security practices or need documentation for your compliance review, contact us at security@capsule.technology.