Enterprise-Grade Security
Our platform is built on AWS infrastructure with comprehensive security measures to protect your sensitive construction data. This page outlines our approach to security, compliance, and privacy.
Infrastructure & Architecture
Enterprise-grade infrastructure built on AWS
Regional Deployment
Primary region: AWS US-East-2 (Ohio)
Data residency: All customer data remains in the United States
High availability architecture with automatic failover
Database & Storage
Document Storage: Amazon S3 for scalable, durable object storage
Metadata Storage: Amazon DynamoDB for fast, secure access to project metadata
Backup Strategy: Automated daily backups with 30-day retention
Authentication & Access Control
Enterprise-grade identity management and access control
Identity Management
Powered by Auth0, an industry-leading identity platform:
Multi-factor authentication (MFA) available
Single Sign-On (SSO) for enterprise customers
RS256 JWT tokens with automatic expiration
Role-Based Access Control (RBAC)
Project-level permissions ensure users only access their own data
Team member access can be granted and revoked instantly
Audit logs track all data access and modifications
AI & Machine Learning
Intelligent document processing with privacy at the forefront
Document Processing
We use OpenAI's GPT models to extract and analyze data from construction documents. This enables:
Automated Schedule of Values (SOV) extraction
Contract analysis and compliance checking
Change order processing
Data Privacy in AI Processing
Your data is never used to train AI models
AI providers do not store or retain your documents (per enterprise agreements)
All processing happens in real-time with immediate data deletion
Encryption
Industry-standard encryption protecting your data at all times
Encryption at Rest
All data stored in AWS S3 is encrypted using AES-256 encryption with server-side encryption (SSE-S3). Database metadata in DynamoDB is also encrypted at rest.
Even if unauthorized access occurs, data cannot be deciphered without proper encryption keys.
Encryption in Transit
All communication is secured using TLS 1.2 or higher encryption protocols. This includes:
API communications between client and server
Data transfers to/from AWS services
Third-party integrations (Auth0, OpenAI)
Data Usage & Privacy
Complete transparency about how we handle your data
What We Collect
How We Use Your Data
Your data is completely encrypted and used exclusively for providing our service: document parsing, analytics, insights generation, and system performance monitoring.
What We DON'T Do
Data Retention
We maintain secure backups of your project data while you maintain an active subscription. Upon account closure or data deletion requests, all associated data is permanently removed from our systems within 30 days.
Compliance & Standards
Meeting industry standards and regulatory requirements
Privacy Regulations
GDPR Compliant
European data protection standards
CCPA Compliant
California privacy requirements
Security Compliance
SOC 2 Compliant Architecture
Official certification processing in progress
Infrastructure Partners
Trusted service providers that help us deliver secure services
| Provider | Service | Location |
|---|---|---|
| Amazon Web Services (AWS) | Cloud Infrastructure | United States |
| Microsoft Azure | Cloud Infrastructure, Artificial Intelligence | United States |
| Auth0 | Authentication & Identity | United States |
| OpenAI | Artificial Intelligence | United States |
| Google Gemini | Artificial Intelligence | United States |
Last updated: November 2025
© 2025 Structo Inc. All rights reserved.