A technical overview for security, risk, and procurement teams covering trust boundaries, encryption, access control, product processing, monitoring, and recovery.
Vukorix publishes the controls and limitations needed to evaluate the platform without exposing provider identifiers, internal services, or network configuration.
Last reviewed: 24 June 2026
Vukorix separates the client and recipient experience, product processing, stored data, and service operations into distinct security responsibilities.
Users authenticate to their organisation account. Recipients use controlled links and any required PIN, password, SMS code, expiry, or view limit. Private mode encryption begins in the sender's browser for supported file transfers.
Vukorix applies account access rules, recipient controls, product processing, status updates, and relevant event recording. Standard-processing features can access file contents only where the selected product requires it.
Stored content is encrypted. Operational access is restricted, monitoring and alerts run continuously, and backups and recovery procedures are maintained.
The security model differs according to the product feature being used. Features that need document preparation, previews, signing, forms, or messaging require secure server processing. Supported Private mode transfers keep file contents outside the Vukorix processing boundary.
Standard secure processing supports product features that need access to document contents. Private mode moves supported file encryption into the sender's browser.
| Area | Standard secure processing | Private mode |
|---|---|---|
| Where encryption begins | The connection between the browser and Vukorix is encrypted. | The file is encrypted in the sender's browser before upload. |
| Stored content | Stored file content is protected using AES-256-GCM with server-managed encryption keys. | Vukorix stores encrypted file data and does not have access to the file contents. |
| Content processing | Authorised Vukorix systems can process document contents where required by the selected product feature. | Vukorix systems do not decrypt the supported file contents. |
| Feature support | E-Sign, Smart Forms, Document Library, previews, redaction, and Secure Exchange messaging. | Secure Share, Secure Receive, and supported Secure Exchange file transfers. |
| Recovery | Content remains available through the organisation's authenticated account while retained by the service. | Vukorix cannot recover file contents if the required link information or passphrase is lost. |
| Metadata | Account, recipient, product, and event information may be recorded according to the selected feature. | File contents are protected, but operational metadata may still be retained. |
Private mode protects supported file contents but does not remove all service metadata. Vukorix may retain sender identity, timestamps, file size, and ciphertext integrity information needed to operate and secure the service.
Recipient IP address and user-agent information are not retained on Private mode events.
Filenames can be hidden where the selected product supports that option.
The required decryption information may depend on the share link or passphrase. If it is lost, Vukorix cannot recover the file contents.
| Product | Processing path | Why content processing is needed | Security result |
|---|---|---|---|
| E-Sign | Standard secure processing | Prepare the PDF, place fields, complete signing, and produce the signed document and records. | Encrypted transfer and storage, optional recipient access checks, signed PDF, certificate page, and separate audit-pack PDF. |
| Document Library | Standard secure processing | Store approved PDF templates and create fresh E-Sign drafts. | Encrypted transfer and storage with authenticated organisation access. |
| Smart Forms | Standard secure processing | Prepare the PDF, suggest and place fields, and produce the completed PDF. | Encrypted transfer and storage, with the completed PDF kept with the related request or exchange. |
| Secure Share | Standard secure processing or Private mode | Create controlled links with expiry, view limits, and optional access checks. | Private mode adds browser-side encryption and prevents Vukorix from accessing supported file contents. |
| Secure Receive | Standard secure processing or Private mode | Collect requested client documents and show request status. | Private mode adds browser-side encryption for supported client uploads. |
| Secure Exchange | Standard secure processing and Private mode for supported file transfers | Connect incoming files, outgoing documents, messages, Smart Forms, and E-Sign items. | Messages, Smart Forms, and E-Sign items use Standard processing. Private mode applies only to supported file transfers. |
Vukorix records relevant account and product events and provides product-specific completion records.
Completed E-Sign documents include the signed PDF, a certificate page, and a separate audit-pack PDF.
Completed Secure Exchange items can include a completion certificate and audit pack.
Vukorix does not publicly claim that event records are append-only, HMAC-chained, or independently tamper-proof unless those controls are separately verified.
Manual PDF Redaction is available inside the E-Sign and Smart Forms editors. The selected page is rasterised, opaque areas are applied, and the exported page is produced as an image-based copy.
The underlying PDF text is removed from the selected area in the exported copy. The document owner retains the original source document.
Vukorix service infrastructure is hosted in Australia. Provider identities and internal topology are not published on this page.
Automated monitoring and alerts run around the clock to help identify and investigate operational issues.
Backups and recovery procedures are maintained as part of normal service operations.
Changes are tested before release, with security and reliability reviewed as the service evolves.
When monitoring identifies an issue, Vukorix investigates it, uses available recovery procedures where needed, and applies what is learned to improve the service.
Administrative access is limited to authorised purposes and is not exposed through the public customer experience.
Customer Content is handled according to the selected product and encryption path. Standard-processing features can access file contents where required. Private mode protects supported file contents from Vukorix access.
Vukorix retains the account, product, event, and technical information required to operate, secure, and support the service.
Retention and deletion are governed by the published Privacy Policy and the controls available in the selected product. This page does not publish unverified per-product or backup-deletion timelines.
The categories and purposes of service providers used by Vukorix are listed in the Privacy Policy. Infrastructure-provider names are intentionally not repeated on this page.
Security and privacy are considered when product behaviour and data handling are designed.
Changes are tested before release, with security and reliability included in the review.
Vukorix reviews technical changes, customer feedback, operational events, and recognised security practices to improve the service.
Vukorix reviews its security design and operations against recognised security and privacy guidance. This is not a claim of certification, formal conformance, or independent assurance.
Vukorix is not currently SOC 2 certified and has not completed an independent external cryptographic audit.
Vukorix does not claim that every product uses browser-side encryption, that every event record is independently tamper-proof, or that any online service can guarantee complete security.
This page will be updated as controls are independently reviewed and additional assurance becomes available.
Vukorix service infrastructure is hosted in Australia. Provider names, account identifiers, and internal network configuration are not published on this page.
Files are encrypted during transfer and while stored. Standard secure processing uses AES-256-GCM for stored file content. Private mode adds browser-side encryption for supported file transfers.
E-Sign, Smart Forms, Document Library, previews, redaction, and Secure Exchange messaging require secure server processing. Private mode prevents Vukorix from accessing supported file contents.
Vukorix cannot recover the file contents if the required link information or passphrase is lost.
Private mode protects file contents but does not remove all operational metadata. Sender identity, timestamps, file size, and ciphertext integrity information may be retained to operate and secure the service.
Vukorix accounts use two-factor authentication, including WebAuthn passkeys and authenticator apps.
Automated monitoring and alerts run around the clock. Backups and recovery procedures are maintained, and changes are tested before release.
Vukorix is not currently SOC 2 certified and has not completed an independent external cryptographic audit.
Review the published policies or contact the team operating Vukorix.