Data security is important. We want to make sure you understand where your data goes when you use Appian document extraction features. Document extraction provides data privacy and protection because it secures your data with Appian as well as Google Cloud.
This page describes how your data moves within Appian, as well as how it moves between Appian and Google Cloud, if you choose Google to extract your document data.
Appian provides built-in document extraction services for most documents and data types. If you choose to use Appian as your document extraction vendor, your data stays entirely within Appian Cloud. Appian does not access customer's business data and has a strong security, privacy, and compliance posture. Visit the Appian Trust Center for more details.
Tip: If you're using document extraction with a Google Cloud Platform project, your configuration and security may be different.
There are two systems at play for document extraction:
For extraction, Appian sends the document to Google Cloud Storage within your configured Google Cloud Platform project so that Document AI can be performed on it.
The document is then analyzed using the Google Cloud Document AI API. This analysis data is stored in a JSON document in a Google Cloud storage bucket and sent back to Appian. If you want to temporarily store the JSON analysis document, you will need to arrange the deletion of the documents.
The auto-mapping learning of labels and values is stored in the Appian environment. The learning happens independently in each environment.
Appian does not share the extracted data with Google or use it beyond the customer instance. This data is not used to improve Document AI or improve mappings globally across Appian customers. The entire processing and improvements remain with and within your systems.
All downstream processing such as validation, continuous learning of mappings, and improved extracted results are processed and stored within your Appian Cloud instance. After a user completes the task to reconcile the document content with the extracted information, then the document data is written to the database. This data can be referenced in other applications as well.
See Data Security in IDP for additional information about data storage, retention, and access in the application's common workflows.
Both Appian and Google protect data security, privacy, and integrity as part of their respective document extraction services. Throughout this section, we reference the following resources to help summarize what the policies mean for your data:
Note: Refer to Google's resources for up-to-date information and more details about Google Cloud Platform. Google Cloud Platform's Terms and Conditions, Data Privacy and Access is summarized below for convenience.
At a high-level, Google states that they do not access customer data in transit or at rest for any purpose other than to provide the respective services requests. By default, data is also encrypted during transit and at rest for security. In practice, this means that Google does not use customer data to improve the service: in this case, the machine learning models. Processing and communication all occur within the confines of the customer's own Appian cloud instance and the customer's own Google Cloud Platform project.
Refer to section 5.2.1.: Customer's Instructions in Google's processing terms for more details.
Google provides access transparency logs, which expose any action including reading of data by anyone (Google, Appian, or otherwise) of both data and services.
Visit Google's site for the most up to date information regarding their security commitments. We've summarized some key points from Google Vision data-processing FAQ and AutoML FAQ to provide you with helpful answers to key questions.
Visit Google Cloud Platform Security page to learn more about the security measures in place for Google's Cloud Services.
Appian does not access customer's business data and has a strong security, privacy, and compliance posture. Visit the Appian Trust Center for more details.
Data Security in Document Extraction