# Security

Last updated June 2, 2026

**Short version:** your document is isolated from every other document on the platform, encrypted while it travels over the network, encrypted at rest by Cloudflare, and protected by unguessable share tokens plus authenticated owner checks. We don't sell document data, run ads, or train Comment.io models on it. Voice Notes beta uses your configured BYOK (bring-your-own-key) speech-to-text provider and uploads raw transcripts to your selected Comment.io destination. Security reports go to [max@comment.io](mailto:max@comment.io) and are reviewed promptly.

Your documents are private by default, encrypted on the way to us and while we hold them, and isolated from every other document on the platform. This page explains what that means, what we do with the data you give us, and what we don't. If you're trying to decide whether to put a draft, a memo, or your team's notes here — this is for you.

**Isolated by document**
Each document gets its own private container with storage no other document can reach.

**Encrypted in transit**
Browser, live-collaboration, and API traffic uses HTTPS/TLS.

**Encrypted at rest**
Cloudflare-managed storage encrypts persisted values and uploaded images.

**Token-gated access**
Reading or writing a private document requires a valid token or signed-in owner.

## Core commitments

- **Your documents are yours.** We use document content only to provide the editor, collaboration, comments, suggestions, authorship history, storage, and API features you ask us to provide.

- **No ads, no data brokers.** We don't sell, rent, or share document content with advertisers or data brokers — there's no one to sell it to.

- **No model training by Comment.io.** We don't train AI models on your documents or voice notes. If you choose to give a third-party agent, AI tool, or Voice Notes beta provider access to content, that provider's own terms apply to what it receives.

- **Hashed secrets at rest.** If our database leaked tomorrow, the secrets in it would be useless. Agent API keys are stored as one-way hashes — even we can't read the original — and sessions are signed so a copy of a database row can't be used to log in as you.

- **Clear security contact.** If you find a security bug, email [max@comment.io](mailto:max@comment.io). Good-faith reports are triaged promptly, and reproduction happens on test documents rather than user data.

## What we don't do, and what we can see

**Can Comment.io operators read your documents?** Operational access to production storage exists for incident response and bug investigation — that's a fact of running any hosted service. We don't browse user documents for product, marketing, or curiosity reasons, and we don't train models on them. If we ever need to access a specific document to debug a reported issue, we'll tell you.

**What we log.** We log request paths, status codes, request timings, and errors. We don't log the contents of your documents, the keystrokes you type, the text of your comments, voice-note transcript text, raw audio, signed audio URLs, provider raw JSON, or OAuth refresh tokens. Logs are retained for up to 30 days in Axiom.

**Deletion.** Archived documents are retained for up to 30 days so they can be restored. When an archived document is deleted forever, its private container, uploaded images, and access tokens are removed. Edge caches and operational logs may retain references for a short period before they roll over. We don't keep archived copies for analytics.

**Voice Notes beta retention.** Mobile recordings save locally first. In the current BYOK workflow, the app sends audio directly to your configured Deepgram or AssemblyAI account and uploads raw transcript documents to Comment.io. Comment.io does not upload voice-note audio to cloud transcription storage or run server-side transcript cleanup for this workflow. Transcript documents, encrypted provider-key settings, destination metadata, and sync records are retained until document/account deletion or a future granular mobile delete/export control removes them.

**Inactivity expiry.** Document access tokens auto-expire after 30 days of inactivity. A forgotten share link stops working on its own.

**Data export.** You can export any document as Markdown at any time. Leaving Comment.io is straightforward by design.

**If Comment.io shuts down.** If we ever wind the service down, we'll give at least 30 days' notice and provide a way to export your documents as Markdown before data is removed.

**OAuth provider compromise.** If your Google, Microsoft, or Apple account is taken over, anyone who can sign in as you can access your documents — Comment.io trusts the provider's answer. Use a strong password and two-factor authentication on the provider, and contact us if you suspect a takeover so we can revoke active sessions.

_Document requests are routed into a per-document execution and storage boundary._

```mermaid
flowchart LR
  B[Browser editor: REST + live sync]
  A[Agent or API client: REST API]
  W[Comment.io Worker]
  ACL[Token/session + role check]
  B --> W
  A --> W
  W --> ACL
  ACL --> D1[Document A container]
  ACL --> D2[Document B container]
  D1 --> S1[(Private storage for Document A)]
  D2 --> S2[(Private storage for Document B)]
  D1 -.-> B2[No access to Document B storage]
  D2 -.-> B1[No access to Document A storage]
  classDef blocked fill:#fff7ed,stroke:#ea580c,color:#7c2d12
  class B1,B2 blocked
```

## How document access works

Every document has a URL identifier and access tokens. A person or agent needs a valid token, or a signed-in owner session, to read or modify private document content through the app, the live-collaboration connection, or the REST API. There is no listing or directory that exposes documents publicly — a document's existence does not make it discoverable.

Treat share links and API credentials like passwords. Anyone who receives a valid token can use the access that token grants until you rotate or revoke it from the document's Share menu. Public previews show only the title and timestamps — the actual text never appears in a preview.

Each private document has a permissions list mapping people, browser visitors, and registered agents to one of four roles. Permissions are checked on our servers, not just in the browser — the UI can't be "inspected" to grant yourself extra access.

- **Owner.** Manage the document and its sharing settings, invite collaborators, change roles, use owner-only controls.

- **Editor.** Change document content and participate in collaboration.

- **Commenter.** Add comments and suggestions without broad document-management powers.

- **Viewer.** Read the document without changing it.

- **Agent access.** Registered agents are added to the permissions list by handle and receive only one of the four roles above, the one they were granted for that document, and nothing beyond it.

Comments and suggestions carry author metadata. The server rejects unauthorized edits to a comment owned by someone else — your comments can't be silently rewritten by another person or agent.
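
The server-side checks described above, as an added example that is not Comment.io's own code: a per-document permissions list mapping subjects to the four roles, a role-ranked action check, and the rule that only a comment's author may rewrite it. The subject-id formats (`user:`, `token:`, `agent:`), the action names, the `authorize` helper and the sample permissions list are assumptions made for this illustration.

```javascript
// Added example, not Comment.io's code: a server-side permission check over a
// per-document permissions list with the four roles the page describes, plus
// the comment-ownership rule. Subject-id formats, action names and the sample
// list are assumptions.

// Each role includes every capability of the roles ranked below it.
const ROLE_RANK = { viewer: 1, commenter: 2, editor: 3, owner: 4 };

// Minimum role an action needs; any action not listed here is denied.
const ACTION_MIN_ROLE = {
  read: 'viewer',
  comment: 'commenter',
  suggest: 'commenter',
  edit: 'editor',
  share: 'owner',
};

// Own-property lookup so keys like "constructor" never resolve via the prototype.
function own(obj, key) {
  return Object.prototype.hasOwnProperty.call(obj, key) ? obj[key] : undefined;
}

// Constructed permissions list for one document. Registered agents are keyed
// by handle and hold exactly the role granted to them here.
const docPermissions = {
  docId: 'doc_constructed',
  entries: {
    'user:alice': 'owner',
    'user:bob': 'editor',
    'token:shr_constructed_visitor': 'viewer',
    'agent:@summarizer': 'commenter',
  },
};

function roleOf(doc, subject) {
  const role = own(doc.entries, subject);
  return own(ROLE_RANK, role) === undefined ? null : role;
}

// Deny by default: an unknown subject, role or action never passes.
function canPerform(doc, subject, action) {
  const role = roleOf(doc, subject);
  const needed = own(ACTION_MIN_ROLE, action);
  if (role === null || needed === undefined) return false;
  return ROLE_RANK[role] >= ROLE_RANK[needed];
}

// A comment may only be rewritten by its author, whatever the caller's role;
// even the document owner cannot silently edit someone else's comment text.
function canEditComment(doc, comment, subject) {
  return canPerform(doc, subject, 'comment') && comment.author === subject;
}

// The decision a request handler makes before touching storage.
function authorize(doc, subject, request) {
  if (request.action === 'editComment') {
    return canEditComment(doc, request.comment, subject) ? 200 : 403;
  }
  return canPerform(doc, subject, request.action) ? 200 : 403;
}
```

The important property is that the decision is made from the server's copy of the permissions list, so nothing a client can change in its own UI state affects the outcome; the `own` lookup also keeps crafted subject or action names from matching inherited object properties.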

## Encryption

### In transit

- Browser, live-collaboration, and REST API traffic is served over HTTPS. This encrypts data while it travels between your browser or API client and Comment.io's servers.

- Production session cookies are marked `Secure` and `HttpOnly`.

- State-changing browser requests carry a second hidden token to make sure they come from the real Comment.io app, not a hostile site.

### At rest

- All stored data — document text, comments, uploaded images, voice-note transcript documents, encrypted provider-key settings, and operational records — is encrypted at rest by Cloudflare. See [Cloudflare's encryption documentation](https://developers.cloudflare.com/r2/reference/data-security/) for the technical specifics.

- Registered agent secrets are stored as one-way hashes. We can't recover the original secret for you; if it is lost or exposed, generate a new one and the old one stops working.

_Encryption covers both the network path and the storage layer for document operations._

```mermaid
flowchart TD
  C[Client] -->|HTTPS/TLS| W[Comment.io Worker]
  W -->|authorized operation| D[Document container]
  D -->|persistent state| DS[(Encrypted storage)]
  W -->|uploaded images| R2[(Cloudflare R2, encrypted)]
  D -->|comments, history, sync| C
```

## AI agents and third-party access

Comment.io is designed so humans can invite agents into documents. That doesn't mean every document is automatically sent to an AI provider.

- Comment.io doesn't send your document to an AI model by default.

- An agent can only read or write a document after it receives a valid document token or registered-agent authorization.

- If you paste a Comment.io token into another tool, install an agent, or configure a webhook, you're granting that external system the access represented by the token or integration.

- Webhook URLs are checked so they can't be pointed at internal addresses or loopback. Notification payloads are scoped to the event being delivered.

Voice Notes beta is different because transcription is the feature: when online transcription is configured, the Android app sends local audio directly to your selected Deepgram or AssemblyAI account using your API key, then uploads the raw transcript to the Comment.io folder you selected in Botlets settings. Comment.io does not run server-side LLM cleanup for voice notes.

## Authentication and sessions

- **OAuth login.** Human accounts sign in through Google, Microsoft, or Apple OAuth. Comment.io receives only the identity information needed for login and display.

- **Browser sessions.** The session cookie is `HttpOnly`, `Secure` in production, expires after 30 days, and can be renewed while active for up to 90 days.

- **Cross-site request protection.** State-changing browser requests require a second token derived from your session, checked on the server before the request is accepted.

- **Agent credentials.** Registered agents use permanent `as_` secrets. We store hashes of these secrets and show the original value only when it's created.

- **Rate limits.** OAuth, handle registration, handle lookups, mobile voice-note mutations, and other sensitive endpoints are rate-limited per IP or account.

## How we run the service

We keep the moving parts small on purpose.

- **Vendors.** Cloudflare (Workers, private containers, R2, KV, CDN, DDoS protection, TLS); Axiom (operational logs, retained up to 30 days); Sentry (frontend and backend error reporting and source map processing); Resend (email delivery, bounce, complaint, and unsubscribe handling); Google, Microsoft, and Apple for OAuth login when you choose that provider; AssemblyAI and Deepgram for Voice Notes beta speech-to-text when you configure your own provider key. That's the entire list.

- **Logs.** Structured logs for status codes, request timings, and errors. Tokens, passwords, OAuth refresh tokens, voice-note transcript text, raw audio URLs, signed audio URLs, and provider raw JSON are not written to logs.

- **Input validation.** REST endpoints validate expected input shapes and reject unexpected fields that could confuse identity handling.

- **Code review.** Security-sensitive code paths — auth, token handling, document access, storage migrations, and comment authorship — are reviewed before deployment.

- **Environment separation.** Staging and production deployments are separate. Production deploys require explicit human approval through GitHub Actions.

- **No investors, no acquisition pipeline.** Comment.io is bootstrapped. We have no plans to sell user data to fund a pivot.

See the [Privacy Policy](/privacy) for the current data collection, retention, and vendor disclosure. If we add a new vendor that handles document data, we'll update this page and the privacy policy and date the change.

## Incident response

If we confirm a security incident that affects user documents or account data, we'll prioritize containment, revoke or rotate affected credentials where possible, preserve evidence, and notify affected users with what happened, what data was involved, and what action they should take.

## Responsible disclosure

Found a security bug? Email [max@comment.io](mailto:max@comment.io). We triage good-faith reports promptly. Please don't access, modify, or exfiltrate data that isn't yours — describe the issue and we'll reproduce it on a test document.

No service can promise that a breach is impossible. We've tried to describe honestly what we do to make one unlikely, and what we'd do if one happened. If you're storing regulated, legally privileged, or extremely sensitive material, evaluate whether these controls match your requirements. This page is a companion to the [Terms of Service](/terms), not a substitute for them.