Core controls
- Tenant isolation in API and storage paths
- Authenticated access with role-aware controls
- Login lockout policy for repeated failed attempts
- Immutable audit events for critical operations
- Encryption in transit and at rest
Security
Security-first architecture for confidential engineering drawings.
Tolr is designed for organizations that need controlled handling of technical prints, role-aware access, and auditable processing operations.
Security content last updated: 2026-02-19
Data handling commitments
- Customer files are not sold or shared
- Customer drawing files are not used for model training
- Default OCR path does not require third-party OCR SaaS
- Infrastructure providers may act as contracted subprocessors
- Retention policies are tenant-admin configurable
Retention and deletion
Uploaded drawings and extracted results are retained for 90 days by default. Tenant admins can set a custom retention period. When retention expires, cleanup jobs remove expired files and related processing records, typically within 24 hours.
Manual deletion can be requested through [email protected] before the retention window ends.
Sensitive Programs
ITAR-oriented deployment options
Tolr supports deployment patterns designed for controlled environments, including private network configurations and U.S.-controlled processing options for sensitive workflows.