How we handle your data.
Lawyers care about this and so do we. Plain-language summary first; full policy lands before public launch.
Draft — counsel review pending
Zero retention with the model provider
We send your prompts to Anthropic's API with zero data retention configured at the model layer. Anthropic does not store your conversations after they're processed, and they are not used to train models.
Encryption at rest
All conversations, files, and account data are encrypted at rest in our database (Supabase Postgres) and object storage (Google Cloud Storage). All connections use TLS 1.2+.
Per-customer data isolation
Every record in our system is scoped to your account and team. Memory, files, and conversation history from one customer are never reachable in another customer's session — enforced both at the database query layer and during agent runtime.
Deletion on request
Close your account and we delete your data within 30 days. You can also delete individual conversations, files, and remembered facts at any time from inside the app.
Where your data lives
United States. Cipher runs on Google Cloud (Iowa region) and Vercel (US edge). Data residency options for non-US customers are on our roadmap.
What we collect
Account email, billing details (handled by Stripe — we never see card numbers), conversation contents, files you upload, and anonymized product analytics (Vercel Analytics, no third-party ad networks).
Questions? Email privacy@example.com.