Most vendors store your data on their infrastructure. We don't.
When you install Doc‑Salvage, storage is provisioned directly into your own Microsoft Azure subscription. Your documents never pass through BYBWE's infrastructure — not during upload, not during storage, not at any point. BYBWE has zero access to your data, and that's by design, not just by policy.
If you ever decide to stop using Doc‑Salvage, your data stays exactly where it is — in your Azure tenant. Nothing disappears, nothing gets deleted, and nothing is held hostage.
Full ownership, always
See and manage your storage directly from the Azure portal at any time. Everything you store remains yours.
Completely isolated
No shared storage pools between businesses. Your documents sit inside your own Azure environment, separated entirely from every other customer.
Enterprise-grade foundation
Built on Microsoft Azure Blob Storage — the same infrastructure that powers some of the world's largest organisations, in your own subscription from day one.
Identity through Microsoft Entra ID — the platform you already use.
No separate user database, no new login system, no additional credentials. Your team signs in with their existing workplace credentials, and the access controls you've already built carry over automatically.
Multi-factor authentication
If MFA is enabled in your Entra ID tenant, it applies to Doc‑Salvage with no additional configuration. You stay in control of your own authentication policy.
Straightforward admin controls
Add users, remove users, and create groups directly from Entra ID — the same place you manage the rest of your Microsoft environment.
Instant offboarding
When a user is removed from Entra ID, their access to Doc‑Salvage is revoked immediately. No separate offboarding step, no loose access to clean up.
Full audit trails
Admins get full visibility into user activity — who accessed what, when, and what actions were taken. If something looks unusual, the trail is there to investigate.
The full protection of Azure Blob Storage, inherited.
Here's what that means in practice for your business.
Encryption at rest
Every document is automatically encrypted inside Azure Blob Storage. No configuration required — encryption is on by default.
Encryption in transit
All data in motion is protected by TLS 1.2. Any request over an unsecured connection is rejected outright.
No anonymous access
Storage is locked to authenticated users only. No unauthorised party can reach your documents by guessing a URL.
Private endpoints
Traffic to your Azure Blob Storage never travels over the public internet — it moves through private network paths within your environment.
Threat detection
Microsoft Defender for Storage monitors in real time, flagging anomalies and alerting your subscription admins before they become incidents.
Deletion protection
Soft delete recovers accidentally deleted documents, and versioning keeps a history so previous versions can be restored. Resource Manager locks prevent storage accounts being deleted in error.
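Because the storage account lives in your own subscription, the settings listed above can be checked from Azure CLI output. The following is an added example, not BYBWE or Doc‑Salvage code: it audits JSON exported with `az storage account show` and `az storage account blob-service-properties show`. The sample dictionaries are constructed, the control names in the findings are labels chosen for this example, and Defender for Storage and resource locks are not visible in these two outputs.

```python
# Added example: audit exported Azure CLI JSON for the storage controls listed above.

def audit_storage(account: dict, blob_service: dict) -> list:
    """Return the controls that are NOT in the expected state.

    account      -- JSON from `az storage account show`
    blob_service -- JSON from `az storage account blob-service-properties show`
    """
    findings = []
    enc = ((account.get("encryption") or {}).get("services") or {}).get("blob") or {}
    if not enc.get("enabled"):
        findings.append("encryption-at-rest")
    if not account.get("enableHttpsTrafficOnly"):
        findings.append("https-only")
    # A missing value is treated as weak, same as an explicit TLS 1.0/1.1 floor.
    if account.get("minimumTlsVersion") in (None, "TLS1_0", "TLS1_1"):
        findings.append("min-tls-1.2")
    # Anonymous access counts as off only when explicitly set to false.
    if account.get("allowBlobPublicAccess") is not False:
        findings.append("no-anonymous-access")
    approved = [
        c for c in account.get("privateEndpointConnections") or []
        if (c.get("privateLinkServiceConnectionState") or {}).get("status") == "Approved"
    ]
    if account.get("publicNetworkAccess") != "Disabled" or not approved:
        findings.append("private-endpoints-only")
    if not (blob_service.get("deleteRetentionPolicy") or {}).get("enabled"):
        findings.append("soft-delete")
    if not blob_service.get("isVersioningEnabled"):
        findings.append("versioning")
    return findings

# Constructed sample data shaped like the CLI output (not from a real tenant).
SAMPLE_ACCOUNT = {
    "enableHttpsTrafficOnly": True,
    "minimumTlsVersion": "TLS1_2",
    "allowBlobPublicAccess": False,
    "publicNetworkAccess": "Disabled",
    "encryption": {"services": {"blob": {"enabled": True}}},
    "privateEndpointConnections": [
        {"privateLinkServiceConnectionState": {"status": "Approved"}}],
}
SAMPLE_BLOB_SERVICE = {"deleteRetentionPolicy": {"enabled": True, "days": 14},
                       "isVersioningEnabled": True}
# Same account after configuration drift: weak TLS floor, public network path open.
DRIFTED_ACCOUNT = dict(SAMPLE_ACCOUNT, minimumTlsVersion="TLS1_0",
                       allowBlobPublicAccess=None, publicNetworkAccess="Enabled")

if __name__ == "__main__":
    print(audit_storage(SAMPLE_ACCOUNT, SAMPLE_BLOB_SERVICE))
    print(audit_storage(DRIFTED_ACCOUNT, {}))
```

An empty list means every control visible in the two exports matches the description above. Running it on a schedule catches drift after installation.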
Integrations are powerful — and always on your terms.
Doc‑Salvage integrates with third-party applications, such as Xero, to support document processing workflows. But it never automatically shares your documents with any of them.
Third-party access only happens when you explicitly grant permission — scoped per application to exactly what it needs. An accounting integration like Xero only reaches the documents relevant to that workflow. Nothing more.
Built on infrastructure enterprises and regulators already trust.
By operating on Azure, Doc‑Salvage inherits its compliance certifications — maintained and updated by Microsoft on an ongoing basis. As they're renewed and extended, you benefit automatically, with no action required.
Confirms the underlying infrastructure follows internationally recognised standards for information security management.
Azure's security controls have been independently audited and verified by a third party — not just claimed.
Data handling meets European data protection requirements — a reliable foundation for businesses operating in or with the EU.
A smaller compliance surface for your business
Because BYBWE doesn't store customer data, your documents sit in your own Azure environment — governed by your own policies and covered by Azure's compliance framework, not a third-party vendor's.
Security should give your business confidence — not complexity.
Book a demo and we'll walk you through exactly how your data is stored, who can access it, and how your Azure environment stays in control throughout.
Have specific security questions? Reach us at hello@bybwe.com, or see the pricing page.