Privacy Policy
Last updated: pending F3 Law review
Data we collect
Project records you upload (drawings, verified reports, contracts, correspondence). Architect/engineer/PI license numbers and contact information. Workflow events (document classifications, gap analyses, drafts, signatures). Billing information (via Stripe).
How we use data
We use uploaded documents and project metadata to power the agent workflow. Inputs to large language models pass through a PII redaction layer before being sent to Anthropic via AWS Bedrock. Document content is stored encrypted at rest in private Vercel Blob storage. We do not train any third-party model on customer data.
Subprocessors
AWS Bedrock (us-west-2 region), Anthropic (LLM inference via Bedrock), Vercel (hosting, blob storage), Neon (Postgres database), Clerk (auth), Inngest (background jobs), Stripe (billing), Resend (email), Sentry (error monitoring), Axiom (audit log archive).
Data retention and deletion
Project records are retained for the duration of your subscription plus 90 days. Audit log entries (hashed prompts, token counts, latencies — not raw content) retained 7 years for legal defensibility. Customers may request deletion at any time.
Your rights
California residents have rights under the CCPA / CPRA including right to access, delete, and opt out of "sale" or "sharing" of personal information. We do not sell or share personal information.
Contact
privacy@dsacloseout.com