When using the Woodpecker Word add-in and when populating individual templates from the add-in, no information entered into the template fields and populated into the document actually leaves the user's computer.

The Woodpecker add-in reads and displays the field data for a given template by retrieving this field data from the document itself (the field data is stored as metadata within the DOCX file that only Woodpecker can read). In this case, the information that is used to populate a template is only stored within the template file itself and never leaves the Word file.

The exception to the above is when the multi-populate or questionnaires features are used, or when utilizing Woodpecker's API or Zapier application.

In these cases, Woodpecker templates are stored in a user's Document Collection (Woodpecker's encrypted cloud-based file storage system hosted on Amazon Web Services - more info on AWS Security here) and are then "populated" asynchronously when a questionnaire is submitted or when multiple templates are populated from the Word add-in itself, from our API, or from our Zapier application.

Information is first submitted (either via the Woodpecker add-in, a questionnaire, our API, or Zapier application). All communications between all of Woodpecker's user interfaces and systems are encrypted using Transport Layer Security (TLS).

Any information that is stored in Woodpecker's system is encrypted in transit and at rest and the association to any source questionnaire, template, or source user is hashed such that all of the stored data is unreadable. The authentication of the source user's account is the only mechanism by which the data is able to be decrypted or retrieved.

When templates are populated in bulk (via multi-populate, API, or Zapier), the final documents are made available for download to the user that initiated the request. The link provided to download the final documents is a "signed URL" that automatically expires after one hour to ensure that the documents are not unknowingly accessed for longer than the initiating user intended.

When templates are saved to a user's document collection, these documents are associated with the correct user via an encrypted hash key such that they can only be retrieved via the successful authentication of the user that created these templates (or a by a user on their team). Additionally, the templates stored in the Document Collection are encrypted in transit and at rest.

Stored data is obfuscated so raw data cannot be accessed via queries internally or externally. We frequently rotate API access keys & passwords, require multi-factor authentication to access all infrastructure & internal resources, and all infrastructure is protected by several Virtual Private Clouds (VPCs).