Privacy
We hold the least data we need to run your experiments, keep it isolated per tenant, and delete it on your schedule. This page is a plain-English account of what we collect and why.
Last updated: 2026-06-23.
Solely to operate the service: to run your propose→evaluate→ certify loop, to score predictions you request, to enforce quotas, and to bill usage. We do not sell data, and we do not train shared models on one customer's data for another customer's benefit.
Each tenant's datasets, runs, and labels are stored under a per-tenant namespace and scoped by tenant on every read. API access is bearer-token authenticated; a token only ever resolves to its own tenant.
You can delete a dataset at any time, and we honour deletion requests for your uploaded data and labels on the schedule you set. When you close an account we remove your data within a bounded window. Audit records that make a result reproducible (pre-registration digests, gold-snapshot hashes, run manifests) are retained without the underlying raw text where you have asked for the raw data to be removed.
We use a small number of infrastructure providers (hosting, database, object storage) and an LLM provider to run the platform models. We will keep an up-to-date list available on request and notify design partners of material changes under their agreement.
You can export your audit artifacts, request a copy or deletion of your data, and opt into a private deployment (see Security) where your data never leaves your environment.
Privacy questions and data requests: kodycoppock@gmail.com.