How does ZeroH Privacy Cloud protect documents on Google Drive and SharePoint?

ZeroH sits as a preprocessing layer between your users and cloud platforms. Documents are versioned, privacy-checked against regulatory policies (Qatar PDPPL, AAOIFI, QFC), and stored on IPFS Qatar nodes before being released to the cloud platform. Every version is anchored on Hedera with a Verifiable Credential.

What is the difference between Draft and Anchored documents?

Draft documents are work-in-progress edits that have not been privacy-checked or anchored. They show a yellow "Draft" badge and cannot be shared. Anchored documents have passed privacy policy checks, are stored on IPFS, anchored on Hedera with a Verifiable Credential, and show a green "Anchored" badge with a version number.

How does tamper detection work?

Every anchored document version has its content hash recorded on Hedera. If the document is modified outside of ZeroH (directly on the cloud platform), the hash mismatch is detected, the file is quarantined, and the DPO is alerted with full forensic details.

Where is document data stored?

Original documents are stored on IPFS nodes hosted in Qatar, ensuring data residency compliance. Only privacy-processed versions are released to cloud platforms. Metadata and audit events are anchored on Hedera Hashgraph.

ZeroH Privacy Cloud — Deterministic Data Privacy

Deterministic Privacy for Cloud

Your documents. Your rules. Zero compromise.

No AI. No probabilistic outputs. Fully rule-based regulatory compliance. Data never leaves on-premise / on-soil infrastructure. Every document is version-controlled, stored on Qatar IPFS nodes, and anchored on Hedera before touching any cloud platform.

Works with your existing stack

SharePoint

Google Drive

On-Premise Data Residency

Sensitive data stored on-site / on-premise — only redacted documents reach the cloud

Selective Disclosure by Role

An auditor sees financial terms but not client PII. An external party sees only the redacted version. Same document, different views, determined automatically by who is signed in

Ali Insights

Deterministic, regulation-based document analysis — no AI required

Version Control

Draft and Anchored states for every document

Continuous Compliance Monitoring

Documents uploaded or edited directly in the cloud are automatically scanned for unclassified PII. Non-compliant files are quarantined with access revoked, and compliance officers are notified

Proof Pack

The evidence package that gets cloud approved by your regulator. Every document action produces cryptographically verifiable artifacts — ready to attach to your next compliance filing

Selective Disclosure

One Document. Five Views. Zero Risk.

The same employment contract shared across HR, Finance, Legal, an external advisor, and AI — each seeing only the fields they need. Powered by BBS+ cryptographic proofs.

ProtectedRegulated PII — cannot be overridden

HiddenSensitive — hidden by default, authorized reveal possible

VisibleNon-sensitive metadata — visible to all authorized roles

Staff Employment & Compensation Contract

20 Visible0 Hidden

PEmployee NameSarah Al-Thani

PQatar ID28476019352

PDate of Birth1988-03-14

PBank Account (IBAN)QA58 DOHA 0000 1234 5678 9012 3

PHome AddressVilla 42, Al Dafna, West Bay, Doha

HBase SalaryQAR 45,000/month

HHousing AllowanceQAR 12,000/month

HBonus Structure15% annual performance bonus

HProbation Terms6 months with 30-day notice

HTermination Clause90-day notice, 3-month severance

HNon-Compete12 months post-termination in GCC

HShariah Compliance RefSCR-2024-QA-0847

VContract TypeFull-Time Employment

VDepartmentRisk & Compliance

VStart Date2024-09-01

VDuration2 years (renewable)

VGoverning LawQatar Labour Law No. 14 of 2004

VJurisdictionState of Qatar

VCurrencyQAR (Qatari Riyal)

VLast Modified2024-08-15T14:30:00Z

Why HR Director sees this view

HR Director has unrestricted access to all contract fields — PII, financial, and metadata. This is the only role that sees Protected data. Full access is required for employment lifecycle management.

Ali Insights

Deterministic Document Analysis

Rule-based regulatory analysis. Every suggestion is traceable to a specific regulation article. No AI. No probabilistic outputs. Only what you allow is redacted.

DeterministicRule-BasedNot AIFull HITL ControlAuditable

Source Document

mudarabah-agreement-2026.pdf

Islamic Finance Contract

Document Type

Mudarabah Finance Agreement

Counterparty

Al Rayyan Holdings International Ltd.

Facility Amount

QAR 45,000,000

Profit-Sharing Ratio

70:30 (Rabb al-Maal : Mudarib)

Guarantor

Khalid Al-Thani, CEO

Shariah Board Approval

Pending reference

Governing Law

State of Qatar

Net Worth Covenant

QAR 120,000,000

PII Detected4 fields flagged for redaction

Ali Insights (5 remaining)

AddRequiredAAOIFI FAS 4 §12.3

Add explicit disclosure of profit-sharing methodology and basis of calculation

FAS 4 §12.3 requires transparent disclosure of the basis upon which profit is calculated and distributed between Rabb al-Maal and Mudarib

ModifyRequiredQatar PDPPL Art. 14

Redact guarantor identity and reference number; classify as Protected

Personal guarantor details constitute personal data under PDPPL Art. 14 and must not be transmitted to cloud platforms without explicit consent

AddRequiredAAOIFI Governance Std §5

Include Shariah board member names and resolution reference in compliance section

AAOIFI Governance Standard §5 requires identification of Shariah board members who approved the transaction structure

ModifyRecommendedQFC DPR 2005 Art. 7(2)

Hide exact facility amount for cloud distribution; classify as Hidden

QFC Data Protection Regulations 2005 Art. 7(2) — financial amounts should be hidden when shared with third-party platforms

RemoveRequiredQatar PDPPL Art. 3

Remove signatory names from cloud-distributed version

Individual names of authorized signatories are personal data; PDPPL Art. 3 defines natural person data as protected

How It Works

Every file passes through a privacy-first pipeline before touching any cloud platform or AI system.

ZeroH Engine

Privacy preprocessing — classification, policy mapping, version control

Document classification against regulatory policies
AAOIFI FAS 4, Qatar PDPPL, QFC Regulations
AI-assisted compliance suggestions
Version control: Draft → Anchored lifecycle

Regulatory-Ready Evidence

Proof Pack

The evidence package that gets cloud approved by your regulator. Every document action produces cryptographically verifiable artifacts — ready to attach to your next compliance filing.

Data Processing Agreement

DPA

AI data processing terms generated by ZeroH.

Generated

Privacy Impact Assessment

PIA

AI-assisted privacy risk assessment per Art 10.

Generated

Data Classification Report

DCR

Field-by-field A/B/C classification with rationale.

Generated

ROPA Entry

ROPA

Auto-generated from data classification analysis.

Generated

AI System Risk Assessment

AISRA

Risk evaluation per QCB AI Guideline requirements.

Generated

QCB Approval Request

QAR

Draft autonomous AI processing approval for QCB submission.

Generated

Regulatory Compliance Matrix

Regulation	Requirement	Status	Evidence
DH Art 6.1Controllers must classify personal data by sensitivity level (A/B/C) before any processing, storage, or cross-border transfer.	Data Classification	SATISFIED	Data Classification Report
DH Art 7.6Personal data of Qatar residents shall be stored and processed on infrastructure physically located within the State of Qatar.	Qatar Data Residency	SATISFIED	ROPA Entry
DH Art 10A privacy impact assessment must be completed prior to processing that is likely to result in high risk to the rights of data subjects.	Privacy Impact Assessment	SATISFIED	Privacy Impact Assessment
DH Art 13.4AI systems processing personal data require a dedicated risk assessment covering algorithmic bias, explainability, and human oversight.	AI Processing Assessment	SATISFIED	AI System Risk Assessment
CC Art 21.4Cloud computing services used by QCB-regulated entities must process and store data within Qatar unless explicit regulatory approval is granted.	Processing in Qatar	SATISFIED	Data Processing Agreement
CC Art 20Cryptographic keys must be managed under HSM controls with full audit trail. Key operations shall be logged and independently verifiable.	Key Management & Audit	SATISFIED	QCB Approval Request
AI Art 1All AI systems deployed within QCB-regulated scope must be registered with classification of risk level, purpose, and data categories processed.	AI System Register	SATISFIED	AI System Risk Assessment

Experience the Workspace

Step inside hyper-realistic platform demos. See exactly how ZeroH integrates with the tools you already use — upload, edit, share, all privacy-anchored.

SharePoint

Browse document libraries, use the command bar, sort and filter with ZeroH status

Google Drive

Coming Soon

Navigate folders, right-click for ZeroH actions, view anchored file metadata

Launch Workspace Demo

Get Started

Ready to Protect Your Cloud?

See how ZeroH Privacy Cloud handles your regulatory framework and document workflows. Private demo, no commitment.

privacy@bladelabs.io·

Doha, Qatar·Prague, Czech Republic