WITAN

Witan Exec · Render · Calc · Lint · Alternatives · Pricing · Agent Skills · Install Witan

---

# Security & data handling

Witan is an API service. Spreadsheet files are sent to `api.witanlabs.com` for
server-side processing (render, calc, lint, and exec).

## Data handling modes

### Default mode

- Files are uploaded and cached server-side by content hash.
- Cached files are scoped to your organization and role. API keys can access org-level files; org members can access org-level files and their own user-scoped files.
- There is no cross-organization file access.
- Retention window is short and limited to service operation needs.

### Stateless mode (`WITAN_STATELESS=1`)

- Files are processed in memory and immediately discarded.
- No workbook content is retained after the request completes.
- Useful for sensitive financial and regulated data workflows.

Enable stateless mode:

    export WITAN_STATELESS=1
    witan xlsx render report.xlsx -r "Sheet1!A1:Z50"

On Windows (PowerShell):

    $env:WITAN_STATELESS = "1"

## Encryption and transport

- In transit: HTTPS (TLS).
- At rest: encrypted storage for non-stateless requests.

## Network requirements

Outbound host allowlist:

- `api.witanlabs.com` on port `443` over HTTPS.

No additional outbound hosts are required by the CLI.

## Retry behavior

The CLI retries transient failures with exponential backoff:

- Retryable status codes: `408`, `429`, `500`, `502`, `503`, `504`.
- Network and timeout errors are retryable.
- Most other `4xx` errors fail immediately.

## Supported file types

- `.xlsx` (Office Open XML)
- `.xls` (Excel 97-2003)
- `.xlsm` (macro-enabled; macros are preserved but not executed)

## Compliance

- DPA available on request via security@witanlabs.com
- SOC 2 Type I certified

## Responsible disclosure

Report vulnerabilities to security@witanlabs.com.
We acknowledge reports within 48 hours.

---

© Witan Labs Inc. 2026
hello@witanlabs.com · API Docs · GitHub · Research · Terms · Privacy

How your files are handled, what we store, and how to control it.

Overview

Witan is an API service. Your spreadsheet files are sent to api.witanlabs.com for server-side processing — rendering, recalculation, linting, and search all happen on our infrastructure. This page explains exactly what happens to your data.

Two data modes

Every API request operates in one of two modes. You choose which one.

Default: cached mode

Files are uploaded once and cached server-side by content hash. When you run a command against the same file, the CLI detects the match and skips the upload. This is faster for iterative workflows where you render, edit, render, edit the same file repeatedly.

• Cached files are scoped to your organization and role. API keys can access org-level files; org members can access org-level files and their own user-scoped files.
• There is no cross-organization file access.
• Cache entries are automatically evicted after a retention period.

Stateless mode (WITAN_STATELESS=1)

Files are sent with every request, processed in memory, and immediately discarded. Nothing is written to disk. No data is retained after the response is returned.

• Higher latency — every command re-uploads the full file.
• Zero server-side data retention.
• Use this when working with sensitive data that must not be stored on third-party infrastructure, or when your compliance requirements mandate it.

export WITAN_STATELESS=1
witan xlsx render confidential-report.xlsx -r "Sheet1!A1:Z50"

Security

SOC 2 Type I	Certified. Type II observation period in progress.
Encryption in transit	All connections use TLS. The CLI communicates exclusively over HTTPS (port 443).
Encryption at rest	All stored data (cached files, logs) encrypted with AES-256.
Access isolation	Uploaded files are organization-scoped with role-based access controls. There is no cross-organization access.
No training use	File contents are never used for model training, analytics, or any purpose beyond serving your API request.
No third-party sharing	File contents are not shared with third parties.

Infrastructure

Cloud provider	Amazon Web Services (AWS)
Data residency	US by default. Single-tenant deployments in custom regions are available — get in touch.
Self-hosting	Witan can be deployed on your own infrastructure for full data sovereignty. Contact us to discuss.

Network requirements

The CLI needs outbound HTTPS access to a single endpoint:

Host	Port	Protocol
api.witanlabs.com	443	HTTPS

No other outbound connections are made. If your environment uses an allowlist or egress firewall, add this single host.

Retry behavior

The CLI automatically handles transient failures so your agent doesn't have to.

• Per-attempt timeouts — each request has an individual timeout.
• Retryable status codes — 408, 429, 500, 502, 503, 504, and network/timeout errors are retried with exponential backoff.
• Non-retryable errors — other 4xx responses (authentication failures, bad requests) fail immediately. No retries.

Your agent sees either a successful response or a final error — never a transient failure it needs to handle itself.

Supported file types

Extension	Format
.xlsx	Excel workbook (Office Open XML)
.xls	Excel 97–2003 workbook (legacy binary format)
.xlsm	Macro-enabled Excel workbook (macros are not executed)

Compliance

DPA	A Data Processing Agreement is available on request. Contact us.
SOC 2	Type I certified. Type II observation period in progress.

Responsible disclosure

If you discover a security vulnerability, please report it to security@witanlabs.com. We will acknowledge receipt within 48 hours and work with you on a fix before any public disclosure.