Cloud OCR SDK - FAQs

Getting started

How to start development?

  1. Create your personal developer account for free
  2. Register an application
  3. Start testing here:

What is the technical base of the online SDK?

  • The Online OCR SDK is based on FineReader Engine 11 (Win)
  • The Engine can be accessed through a special API using RESTful web-service calls
  • Since the Online OCR SDK service is built on Microsoft Azure Cloud infrastructure, stability and scalability will not be an issue.

Where can I find the developer agreement?

  • When you register your developer account, the Developer Agreement is displayed and has to be accepted.
  • The latest version can be found here:

Where can I find the AppID?

  • During registration of your developer account you specified an AppID - read more...

How to get technical support?

  • ABBYY customers that have a contract based subscription can contact ABBYY Technical support directly. They do not have to post their questions publicly online ;-) - but if they are of general/public interest, you, of course, can start a new discussion in the forum

Data security & protection

Where are the documents processed?

Developer deploying the ABBYY Cloud OCR SDK into his application can select from two data processing locations:

  • European Union (The Netherlands)
  • United States of America (Added: April 2019)

How do I define the processing location?

You have to define the processing location during the step of creating your app.

What if you need to change the processing location in your existing app? Once you have created your application, you cannot change the data processing location. If you already use European Union as data processing location in your application, and would like to add the USA as a new processing location, you must create a new application - and select the USA as a data processing location in this new application.

How long will ABBYY store any data?

  • ABBYY OCR SDK will automatically schedule any uploaded image for deletion once any of the following conditions is met:
    • forty-eight hours after an image has been uploaded to the Service;
    • twenty-four hours after an image has been processed by the Service.
  • If the deleteTask Method is called, then the data is deleted from the system immediatelly.
  • ABBYY will not store your data when the original files were deleted
  • If the company has a subscription contract with ABBYY EU, this agreement also forces the developer to delete within 24 hours after the job was processed. The data deletion is also written in the addendum for Commissioned Data Processing (“Auftragsdatenverarbeitung”) that can be an addendum to the contract.


Is ABBYY Cloud OCR SDK certified?

  • Yes, the ABBYY Cloud OCR SDK service received the SOC 2 Type 1 (Service Organization Control report) certification from PriceWaterhouse in June 2017.

What is exactly certified by the SOC report?

  • It is certified that the ABBYY Cloud OCR SDK service is compliant with regulations set forth by AICPA, the American Institute of CPAs (CPA = Certified Public Accountant) with respect to security, availability, processing integrity confidentiality, or privacy.

See here for more details

What does the SOC 2 report of ABBYY Cloud OCR SDK contain?

  • The report consist of 4 parts:
  1. Description of the ABBYY Cloud OCR SDK Service.
  2. (ABBYY) management’s written assertion of the service organization regarding the description of the service organization’s system and the suitability of the design and the operating effectiveness of the controls in meeting the applicable trust services criteria.
  3. Service auditor’s (PwC) report that contains an opinion on the fairness of the presentation of the description and the suitability of the design and operating effectiveness of the controls to meet the criteria.
  4. A description of the service auditor’s (PwC) tests of controls and the results of the tests.

What does the SOC 2 certification of the ABBYY Cloud OCR SDK mean for customers?

  • SOC 2 certification means that customers can trust that ABBYY has established and follows strict information security policies and procedures, encompassing the security, availability, processing, integrity and confidentiality of customer data. The SOC 2 certificate confirms that ABBYY’s information security measures are in line with the unique parameters of today’s cloud requirements. ABBYY believes that together with the fact that ABBYY Europe acts according to the German data protection law the SOC 2 report of ABBYY Cloud OCR SDK helps ABBYY customers that use the service to proof that they are working in accordance with the EU data protection laws.

Does the SOC 2 certificate mean that ABBYY Cloud OCR SDK is compliant with EU data protection laws?

  • On the one hand, the SOC 2 report does not only cover security, data protection and privacy but also assesses processing integrity and availability of the service. In this respect, its scope is broader than the EU data protection laws. On the other hand, it is a standard defined by an US American institution, which means that is not related to EU data protection laws per se. However, the principles that are audited and certified are the same as required by the EU data protection laws. Together with the fact that ABBYY Europe acts according to the German Data Protection law (which is the national version of the EU law) this means that ABBYY Europe can offer a Cloud Service that is compliant with the EU data protection laws.
  • For processing personal data with Cloud OCR SDK it is still necessary that the customer closes the appendix for Commissioned Data Protection because of two reasons:

a) In the appendix ABBYY Europe guarantees processing of the data in the EU which is a prerequisite of being compliant with the EU laws for processing personal data.
b) The data protection law requires a written agreement for commissioned data processing that exactly described what data is processed, how it is processed, stored, deleted, etc.

This means that the appendix is needed for each project. In addition, in the agreement the data protection measures of the service provider (processor, ABBYY) have to be described. These data protection measures have to meet certain standards according to the EU data protection laws. According to the law, the customer of the service (controller) is required to make sure that the processor (ABBYY) adheres to these standards. The SOC 2 certification of the ABBY Cloud OCR service together with the fact that ABBYY Europe operates according to the German data protection law helps the ABBYY customer (controller) to meet this requirement.

Back to:

This website uses cookies which enable you to see pages or use other functions of our websites. You can turn off such cookies in your browser’s settings. If you continue to use these pages, you consent to the use of cookies.