Privacy Policy

1. Data we process

We may process:

• Account & billing: name, email, organization, and payment metadata processed by our payment provider.
• Evidence content: screenshots, extracted metrics, hashes, and audit metadata you submit to certify evidence — processed to deliver verification, seals, and exports.
• Technical data: IP address, browser type, and cookies as described in our cookie policy.

2. Purposes & legal bases

We use data to provide the service, secure accounts, improve reliability, and comply with law. Where GDPR applies, we rely on contract, legitimate interests (security and product improvement), and consent where required.

3. Subprocessors

We use infrastructure and AI providers (for example hosting such as Supabase, model providers for VLM extraction, and analytics). They process data under agreements that require appropriate safeguards.

4. Retention

We retain account and evidence data as long as your workspace is active and as needed for legal, security, and audit obligations. You may request deletion subject to applicable exceptions.

5. Your rights

Depending on your jurisdiction, you may have rights to access, rectify, delete, restrict, or port your data, and to object to certain processing. Contact us to exercise these rights.

6. International transfers

Where data is transferred across borders, we use appropriate safeguards such as standard contractual clauses when required.

7. Changes

We may update this policy; material changes will be communicated via the product or email when appropriate.