Security & Privacy

BoreholeAI is built for professional geotechnical engineering firms that handle sensitive project data. This page describes how we protect your documents, data, and account.

How Your Data Is Processed

BoreholeAI uses a multi-stage pipeline that combines OCR, computer vision, spatial reasoning, and AI-assisted document understanding. Understanding how this pipeline works is important for evaluating the privacy implications.

OCR-First Architecture

Your original documents are never sent directly to any AI model. Instead, BoreholeAI first applies an OCR (Optical Character Recognition) intermediary layer to extract text and spatial layout information from each page. AI models only work with this extracted text and coordinate data — never with your original PDF, image, or scan files.

This architecture means that any AI processing only ever sees small extracted text fragments and bounding box coordinates — never your original documents, uploaded files, or application logs.

On-Premises OCR

The OCR stage runs entirely on BoreholeAI’s own infrastructure using PaddleOCR, an open-source OCR engine. Your document images are processed locally within our secure environment and are not sent to any third-party OCR service (such as Google Vision, AWS Textract, or Azure Computer Vision).

Deterministic Processing

The majority of the extraction pipeline is deterministic — depth extraction, material boundary detection, table structuring, and AGS formatting are all driven by spatial reasoning and rule-based algorithms, not generative AI models. AI is used selectively for document understanding tasks where pattern recognition is required, such as identifying column layouts and classifying material descriptions.

Minimal AI Exposure

AI models play a narrow, final-parser role in our pipeline. They never receive your original documents, uploaded files, or BoreholeAI application logs.

  • Final parser only: By the time AI is invoked, the document has already been processed by our deterministic OCR and spatial reasoning stages. The AI only sees small, pre-extracted text fragments or image crops — for example, a single material description, a column header, or a cropped symbol — for classification and structuring.
  • No documents, no logs: Your PDFs, scans, images, and any application or processing logs are never transmitted to any AI provider. AI providers only receive the narrow text fragments described above.
  • No training on your data: We do not use your data to train, fine-tune, or improve any AI model.

Encryption

In Transit

All data transmitted between your browser (or API client) and BoreholeAI servers is encrypted using TLS 1.2 or higher. This includes file uploads, API requests, authentication tokens, and result downloads. All HTTP traffic is automatically redirected to HTTPS.

At Rest

Uploaded files and processing results are stored in Supabase Storage, which uses AES-256 server-side encryption for all stored objects. Database records (job metadata, credit transactions, account information) are stored in a PostgreSQL database with encryption at rest enabled.

Authentication & Access Control

Account Security

BoreholeAI uses Supabase Auth for identity management. Passwords are hashed using bcrypt with salt. Session tokens are issued as JWTs with configurable expiry. We support email/password authentication.

API Key Security

API keys are generated with a bhai_ prefix for easy identification. When you create an API key, the full key is shown only once — after that, only the last 4 characters are displayed. API keys are stored as salted hashes in the database; the plaintext key is never stored.

You can revoke any API key at any time from the Settings → API Keys page. Revoked keys are immediately invalidated and cannot be used for further API requests.
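One way to implement the key handling described above, as an added example rather than BoreholeAI's own code. The embedded key id, the row layout and the `ApiKeyStore` name are assumptions; the id is there because a per-key salt rules out looking a key up by its hash.

```python
import hashlib
import hmac
import secrets

PREFIX = "bhai_"  # key prefix named on the page


def _digest(salt: bytes, key: str) -> bytes:
    # Keys are long random strings, so one salted SHA-256 is enough here;
    # a slow password hash is only needed for low-entropy secrets.
    return hashlib.sha256(salt + key.encode()).digest()


class ApiKeyStore:
    """In-memory stand-in for the key table (hypothetical schema)."""

    def __init__(self):
        self._rows = {}  # key_id -> stored row; never holds the plaintext key

    def create(self, user_id: str):
        key_id = secrets.token_hex(4)  # assumption: public id inside the key
        full_key = f"{PREFIX}{key_id}_{secrets.token_urlsafe(32)}"
        salt = secrets.token_bytes(16)
        self._rows[key_id] = {
            "user_id": user_id,
            "salt": salt,
            "digest": _digest(salt, full_key),
            "last4": full_key[-4:],
            "revoked": False,
        }
        return key_id, full_key  # full key is returned once, then discarded

    def masked(self, key_id: str) -> str:
        return f"{PREFIX}...{self._rows[key_id]['last4']}"

    def revoke(self, key_id: str) -> None:
        self._rows[key_id]["revoked"] = True

    def verify(self, presented: str):
        """Return the owning user id, or None if the key is not valid."""
        if not presented.startswith(PREFIX):
            return None
        key_id, _, _ = presented[len(PREFIX):].partition("_")
        row = self._rows.get(key_id)
        if row is None:
            return None
        matches = hmac.compare_digest(row["digest"], _digest(row["salt"], presented))
        if not matches or row["revoked"]:
            return None
        return row["user_id"]
```
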

Row-Level Security

All database tables use Supabase Row-Level Security (RLS) policies. This means that even at the database level, each user can only access their own data — jobs, files, credit transactions, and settings. There is no application-level access control that could be bypassed; the database itself enforces isolation.

Internal Access

We don’t browse, audit, or use your data for training or analytics. BoreholeAI engineer access is limited to specific operational needs — incident response, refunds, or support requests.

File Storage & Isolation

Uploaded files and processing results are stored in separate Supabase Storage buckets:

  • Uploads bucket: Contains original files uploaded by users. Each file is stored under a path prefixed with the user’s unique ID, ensuring complete isolation between users.
  • Results bucket: Contains processing output files (Excel, AGS, annotated PDFs). Files are stored under {userId}/{jobId}/ paths with storage policies that restrict access to the owning user only.

Storage bucket policies enforce that users can only read and write files within their own user ID directory. There is no shared storage or cross-user file access.
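The user-scoped path rule above, modelled as an added example (not Supabase's policy language and not BoreholeAI's code). It compares a prefix-only check with an exact first-segment check; the function names and sample paths are constructed for illustration.

```python
def naive_owns(user_id: str, object_path: str) -> bool:
    # Weak form: a string prefix match, shown only for comparison.
    return object_path.startswith(user_id)


def owns_object(user_id: str, object_path: str) -> bool:
    """True only if object_path is a file under the user's own directory."""
    if not user_id or "\x00" in object_path or "\\" in object_path:
        return False
    segments = object_path.split("/")
    # Need "<userId>/<something>"; reject empty, "." and ".." segments so
    # the path cannot leave the directory named by its first segment.
    if len(segments) < 2 or any(s in ("", ".", "..") for s in segments):
        return False
    return segments[0] == user_id  # exact match, not a prefix


def disagreements(user_id: str, paths):
    """Paths the weak check accepts or rejects differently from the strict one."""
    return [p for p in paths if naive_owns(user_id, p) != owns_object(user_id, p)]


# Constructed sample paths for user "u1" (not taken from the page).
SAMPLE_PATHS = [
    "u1/job-7/result.xlsx",     # own file
    "u10/job-3/result.xlsx",    # another user whose id shares the prefix
    "u1/../u2/job-1/log.pdf",   # dot-dot segment
    "/u1/job-7/a.pdf",          # leading slash gives an empty first segment
]

if __name__ == "__main__":
    for path in SAMPLE_PATHS:
        print(f"{path!r}: naive={naive_owns('u1', path)} strict={owns_object('u1', path)}")
```
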

Data Deletion

Automatic 10-Day Retention

Uploaded files and processing results are automatically deleted 10 days after a job completes (or after a job fails). A scheduled cleanup runs every night and permanently removes the original uploaded documents, intermediate processing artifacts, and result files (Excel, AGS, annotated PDFs) from storage.

The job record itself is retained — filename, page count, status, timestamps, and credit usage stay on your account history for billing and audit purposes. Only the underlying file blobs are purged.

When you open a job whose data has been auto-deleted, the app shows a clear “Results No Longer Available” notice. To regenerate outputs, simply re-upload the original document.

Manual Job Deletion

You can delete individual jobs or batch-delete multiple jobs from the Jobs page at any time before the 10-day window. Deleting a job permanently removes the uploaded files, all processing results, and the job metadata from BoreholeAI’s systems. This action cannot be undone.

Account Deletion

You can delete your account from Settings → Account. Account deletion permanently removes:

  • All uploaded files and processing results
  • All job records and metadata
  • All credit transactions and balance
  • All API keys
  • Your user profile and authentication credentials

Account deletion is irreversible. Any remaining credit balance is forfeited. You will be asked to confirm before the deletion proceeds.

Infrastructure

BoreholeAI’s infrastructure is hosted on industry-standard cloud providers:

  • Frontend & API: Deployed on Vercel with automatic HTTPS, DDoS protection, and edge caching for static assets.
  • Database & Storage: Hosted on Supabase (backed by AWS) with automated backups, point-in-time recovery, and encryption at rest.
  • Processing Workers: Run on dedicated compute instances with no shared tenancy. Each job is processed in an isolated environment.

Responsible Disclosure

If you discover a security vulnerability in BoreholeAI, please report it responsibly by emailing support@boreholeai.com with a description of the issue. We take all security reports seriously and will respond promptly.

Summary

  • OCR-first: AI never sees your original documents — only extracted text and coordinates.
  • Minimal AI exposure: AI acts only as a final parser on small extracted text fragments or image crops — never your full documents or logs.
  • Encrypted: TLS in transit, AES-256 at rest.
  • Isolated: Row-level security and user-scoped storage paths.
  • 10-day retention: Uploaded files and results auto-deleted after 10 days; only billing metadata is kept.
  • Deletable: Full control to delete jobs and your account at any time.