Frequently Asked Questions

Capsara is a secure, retained data exchange designed for regulated industries. It enables organizations to exchange documents, messages, images, and structured data using sender-controlled encryption, with repeat access by authorized parties over time.

Organizations are onboarded through Capsara's provisioning process. During setup, encryption keys are generated and delegate access is configured for authorized systems and platforms.

Capsara supports all data types. Payloads are encrypted at the binary level, allowing documents, images, videos, spreadsheets, and structured data to be exchanged without format restrictions.

Yes. Plans are designed for distinct roles in the insurance ecosystem. Essentials supports agencies receiving data. Platform supports technology providers acting as delegates. Enterprise supports carriers and high-volume senders. Plans are not interchangeable and reflect fundamentally different usage patterns.

All encryption and decryption occur locally with senders and authorized recipients. Encryption keys are never transmitted to or accessible by Capsara. Stored data remains encrypted at all times.

No. Capsara cannot view, inspect, analyze, or mine exchanged data. Encrypted payloads remain opaque to the platform.

Capsara uses modern, standards-based cryptography, including AES-256-GCM for payload encryption, RSA-4096-OAEP for key encryption, and SHA-256 for integrity verification. Supported algorithms align with FIPS 140-2 guidance.

Encryption keys are required to decrypt data. If a key is lost, any data encrypted with that key is permanently inaccessible and cannot be recovered. Keys should be backed up securely.

Capsara is designed to support regulatory requirements for data protection in insurance and other regulated industries. Compliance documentation is available upon request.

A Capsa is a retained, encrypted exchange unit used to securely distribute data. The term comes from the Latin capsa, meaning a container or box, and reflects its role as a secure vessel for exchanging information. A Capsa contains encrypted payloads and metadata and has a unique encryption key. That key is encrypted separately for each authorized recipient or delegate, allowing multiple parties and systems to access the same data independently over time. The terms Capsa and envelope are interchangeable and refer to the same concept within the platform.

A delegate is an authorized system or platform that can access Capsas on behalf of an organization. Delegates enable automated processing without shared credentials or key exposure.

Authorized systems retrieve Capsas in real time, on demand, or on a scheduled basis. Delivery mode is controlled by the receiving system.

Capsara emits delivery and access events as they occur. Event streams can be consumed for automation, synchronization, and audit purposes.

Yes. Capsara provides APIs and SDKs for .NET, TypeScript, and Java. Platforms integrate once and support multiple organizations through delegated access.

Retention Based Storage mirrors cloud storage models. Pricing is based on how much data is retained and for how long, measured continuously and calculated daily. There are no per-message or per-file fees.

The sender is responsible for storage associated with retained data. Receiving data does not consume storage capacity.

Additional storage capacity is added automatically as usage grows. Enterprise customers can plan and allocate capacity as required.