BopDocs is built to handle sensitive client documents — tax records, legal files, financial statements. Security isn't a feature we added later. It's how we built the platform from day one.
AES-256
Encryption
SOC 2
Infrastructure
99.9%
Uptime target
HTTPS
TLS 1.2+ always
All data stored in our database and file storage is encrypted using AES-256 — the same standard used by banks and government agencies.
Every connection uses TLS 1.2+. Data is never transmitted in plaintext — not between your browser and our servers, and not between our services.
Every database query is filtered by organization at the database level. One org can never access another's data, even in the event of an application bug.
Passwords are hashed with bcrypt and unique per-user salts. We never store plaintext passwords. Resets use time-limited, single-use tokens.
BopDocs runs on Vercel (application) and Supabase (database and storage), both SOC 2 Type II compliant with redundancy and automated backups.
Role-based access (Owner, Admin, Member) controls who can manage team settings, send requests, and review submissions.
Invites use 7-day expiring tokens sent to specific emails. Only the exact recipient can accept. Owners can revoke access at any time.
Files stored in isolated, access-controlled buckets. Types validated server-side. 25 MB limit. Only authenticated org members can access files.
Your clients access their upload portal through a unique, unguessable URL. No account creation required.
Found a vulnerability? Email security@bopdocs.com. We ask that you:
Security questions? Contact security@bopdocs.com. For data and privacy questions, see our Privacy Policy.
Join professionals who’ve automated document collection and reclaimed their time.