Security & data handling.
We handle commercially sensitive contracts. Here is exactly how your data is protected, processed, and deleted.
1. NDA before any data is shared.
Every engagement begins with a DocuSign-executed NDA. No contract data, no deal terms, no commercially sensitive content is uploaded until the NDA is countersigned by both parties. The upload form sits behind the NDA gate and is rendered only after execution.
The NDA is executed via embedded DocuSign signing — you sign without leaving our platform, and we countersign automatically using a pre-authorized operator signature. A copy is delivered to your email immediately upon execution.
NDA template available upon request. Contact studio@auriflow.com for a copy before signing.
2. Your contracts are never used to train AI.
Auriflow Studio uses Anthropic's Claude API exclusively for all AI processing. Under Anthropic's Commercial Terms of Service, inputs and outputs from API calls are not used to train Anthropic's models. Anthropic retains API data for a maximum of 30 days for trust and safety review only, after which it is deleted.
No third-party AI tools — no OpenAI, no Gemini, no other providers — touch your contract data. Anthropic Claude API is the only model that processes your documents.
Anthropic's position on API training data:
"We do not use your data submitted through the API to train our models without your explicit permission."
Verify this at privacy.claude.com
3. Encryption at rest and in transit.
All uploaded files are encrypted at rest in Supabase Storage with AES-256. Database fields containing extracted contract terms are stored under row-level security (RLS) policies that restrict access exclusively to your account.
All communications between your browser and our servers use TLS 1.3. We do not serve any pages or assets over unencrypted HTTP.
- ✓ AES-256 encryption for all stored files
- ✓ Row-level security: your data is queryable only by your account
- ✓ TLS 1.3 for all connections
- ✓ Storage bucket is private: no public URLs, signed URLs only with 24-hour expiry
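The two database-side controls listed above, row-level security and a private storage bucket, are straightforward to express in Supabase (Postgres) SQL. The following is an added illustration, not Auriflow Studio's own schema or policies: the table names `engagements` and `contract_terms`, the bucket name `contracts`, and the object path convention `<engagement_id>/<filename>` are all assumptions made for the example.

```sql
-- Added example (not Auriflow's schema). Assumed names: engagements,
-- contract_terms, storage bucket 'contracts'. auth.uid() is Supabase's
-- helper returning the subject of the caller's JWT.

create table if not exists engagements (
  id uuid primary key default gen_random_uuid(),
  owner_id uuid not null references auth.users(id),
  created_at timestamptz not null default now()
);

create table if not exists contract_terms (
  id uuid primary key default gen_random_uuid(),
  engagement_id uuid not null references engagements(id) on delete cascade,
  term_key text not null,
  term_value text not null
);

-- Weak setting (for contrast): with RLS left off, any caller holding the
-- anon or authenticated key can read every customer's extracted terms.
-- alter table contract_terms disable row level security;

-- Corrected: enable RLS and FORCE it so even the table owner is subject to it.
alter table engagements    enable row level security;
alter table contract_terms enable row level security;
alter table engagements    force row level security;
alter table contract_terms force row level security;

-- A customer can select only engagements they own.
create policy engagements_owner_select on engagements
  for select to authenticated
  using (owner_id = auth.uid());

-- Extracted terms are reachable only through an engagement the caller owns.
create policy contract_terms_owner_select on contract_terms
  for select to authenticated
  using (
    exists (
      select 1 from engagements e
      where e.id = contract_terms.engagement_id
        and e.owner_id = auth.uid()
    )
  );

-- Private bucket: public = false means no anonymous public object URLs;
-- objects are fetched via signed URLs, whose expiry (e.g. 24 hours) is
-- set at the moment the signed URL is generated.
insert into storage.buckets (id, name, public)
values ('contracts', 'contracts', false)
on conflict (id) do update set public = false;

-- Object-level policy: the first path segment is the engagement id, and the
-- caller must own that engagement. storage.foldername() splits the path.
create policy contracts_owner_read on storage.objects
  for select to authenticated
  using (
    bucket_id = 'contracts'
    and exists (
      select 1 from engagements e
      where e.id::text = (storage.foldername(name))[1]
        and e.owner_id = auth.uid()
    )
  );
```

One caveat worth knowing when reading policies like these: in Supabase the `service_role` key bypasses RLS entirely, so any server-side component that uses it (an operator dashboard, a processing worker) is not constrained by the policies above and needs its own authorization checks and logging.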
4. Access is limited to the operator building your model.
Only the Auriflow Studio operator — the human modeling your engagement — has access to your contract during the active modeling window. No third parties, no subcontractors, no offshore teams. This is a one-person operation.
The operator accesses your files through an authenticated internal dashboard. All access is logged to your engagement's audit trail, which is visible in your customer dashboard.
5. You control your data. Permanently.
You can delete your engagement and all associated files with a single click in your dashboard. This action:
- ✓ Purges uploaded contract files from Supabase Storage immediately
- ✓ Removes extracted contract terms from the database
- ✓ Anonymizes personally-identifying fields within 24 hours
- ✓ Retains only anonymized audit log entries required for legal record-keeping
Deletion is permanent and cannot be undone. A confirmation email is sent upon completion.
6. Full audit trail in your dashboard.
Every action on your engagement — file upload, NDA execution, AI processing, status changes, deliverable downloads, deletion — is logged with timestamp, actor, and action type. The customer-readable subset of this audit log is visible in your dashboard at any time.
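An audit trail of the kind described here has to satisfy two properties at once: entries cannot be edited or removed after the fact, yet the personally-identifying fields must still be anonymizable after an engagement is deleted (section 5), and customers must see only their own engagement's customer-readable subset. The SQL below is an added example showing one way to get all three in Postgres/Supabase; it is not Auriflow Studio's code, and the table name `audit_log`, the column layout, the literal `'redacted'` and the view name `customer_audit_trail` are assumptions made for the example.

```sql
-- Added example (not Auriflow's code). Assumed names: engagements(owner_id),
-- audit_log, customer_audit_trail.

create table if not exists engagements (
  id uuid primary key default gen_random_uuid(),
  owner_id uuid not null references auth.users(id)
);

create table if not exists audit_log (
  id bigint generated always as identity primary key,
  engagement_id uuid not null,   -- plain uuid, no FK: the log outlives the engagement row
  occurred_at timestamptz not null default now(),
  actor text not null,           -- e.g. 'customer:<uid>' or 'operator'
  action text not null,          -- 'file_upload', 'nda_executed', 'ai_processing', ...
  customer_visible boolean not null default true,
  details jsonb not null default '{}'::jsonb
);

alter table audit_log enable row level security;
alter table audit_log force row level security;

-- Append-only: DELETE is never allowed, and the only UPDATE allowed is
-- setting actor to 'redacted' with every other column unchanged. That single
-- exception is what lets entries be anonymized but still retained.
create or replace function audit_log_guard() returns trigger
language plpgsql as $$
begin
  if tg_op = 'DELETE' then
    raise exception 'audit_log is append-only';
  end if;
  if new.actor <> 'redacted'
     or row(new.id, new.engagement_id, new.occurred_at, new.action,
            new.customer_visible, new.details)
        is distinct from
        row(old.id, old.engagement_id, old.occurred_at, old.action,
            old.customer_visible, old.details) then
    raise exception 'audit_log rows may only be redacted, not edited';
  end if;
  return new;
end;
$$;

create trigger audit_log_guard_trg
  before update or delete on audit_log
  for each row execute function audit_log_guard();

-- Customers read only rows flagged customer_visible for engagements they own;
-- internal operator-only entries never reach them. Writes are expected to
-- come from the server side (service_role), not from customers.
create policy audit_log_customer_read on audit_log
  for select to authenticated
  using (
    customer_visible
    and exists (
      select 1 from engagements e
      where e.id = audit_log.engagement_id
        and e.owner_id = auth.uid()
    )
  );

-- The dashboard queries this view. security_invoker makes the view run with
-- the caller's privileges, so the RLS policy above still applies through it.
create view customer_audit_trail with (security_invoker = true) as
  select engagement_id, occurred_at, actor, action
  from audit_log
  where customer_visible;
```

The `details` column is kept out of the customer view on purpose: it is where internal context (model call ids, file hashes, operator notes) would accumulate, and exposing it by default is the usual way an "audit log" leaks more than intended.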
Questions about our security practices? Contact us. We respond within one business day.