Security

Security & Encryption

Learn how your data is protected with industry-standard security practices.

Normain is built with enterprise-grade security at its core. We know our customers work with sensitive business information such as contracts, financial data, HR records, and proprietary internal documentation. Protecting that data is a responsibility we take seriously.

Security is not a feature added later. It is embedded into how Normain is built and operated. From encryption and access controls to auditability and compliance, every layer of the platform is designed to help customers work confidently with confidential data.

Certifications & Trust Center

Normain maintains a structured security and compliance program that customers can review transparently. We are ISO27001 and SOC 2 Type II certified

Customers can review Normain’s security posture in the Vanta Trust Center, including:

  • Security controls and policies

  • Compliance documentation

  • Penetration test summaries

  • Data processing agreements

You can also request security questionnaires and internal review materials through the Trust Center.

Data Ownership & IP

Your data remains yours.

  • You own all data you provide to Normain, including documents, files, and URLs

  • You own all results generated in Normain, including extracted data and insights

  • You own your templates, frameworks, and extraction logic

Normain does not reuse customer business logic and does not lock you in. You can export your data and outputs at any time, and your workflows remain yours. 

  • Normain will never use any of your data to train AI models

  • Normain will never share your data with other customers

  • Normain only processes your documents when a user in your organisation initiates an action, like uploading files, running an extraction, exporting results, or connecting an integration.

  • Only users with the right organisation or team access can view or work with the data inside that workspace.

  • Normain staff will not be able to open, browse, or review customer documents unless you explicitly approve it.

Hosting & Deployment

Normain is hosted on Microsoft Azure and designed to meet enterprise security requirements. The platform runs in a multi-tenant environment with strong logical separation between customers, combined with encryption, strict access controls, and continuous monitoring.

Shared hosting (Azure)

  • Multi-tenant architecture with logical tenant isolation

  • Encryption in transit (TLS) and encryption at rest

  • Role-based access control (RBAC) and least-privilege access principles

  • Controlled access paths and restricted administrative access

  • Centralized monitoring, audit logging, and security event tracking

Contact Security

To request security documentation or review materials, contact security@normain.com


Previous

Support & Contact

Previous

Support & Contact

Previous

Need help? Contact Support

On this page

Title

© 2026

Normain · All rights reserved