Plain-English commitments. Last reviewed May 2026.
When you run an engagement in the Workbench, we store the structured artifacts — Promises, Receipts, Decisions, Risks, Chases, and the audit trail that links them — so you have a defensible record. Source documents you upload (SOWs, contracts, status emails) are processed in memory and the structured outputs persisted; raw bodies are not retained after processing unless you explicitly attach them to an engagement.
We don't share your engagement contents with vendors, partners, or any third party. We don't send your data to AI providers for training. We don't sell aggregated data. The only entities we send your data to are the infrastructure providers required to run the service:
Each operates under its own published privacy commitments.
If you sign in, we store your email address. That's the only personally identifying information we ask for. We use it to send sign-in links, notifications you opt into, and (rarely) administrative notices about the service.
You should not upload content you can't legally share. Before attaching SOWs, status emails, or any document with third-party identifiers, redact what your NDA covers. Our processing pipeline attempts to strip obvious name patterns before any LLM call, but you are the only person who knows what's sensitive in your context.
We set one session cookie after you sign in. It identifies your session for ninety days. We don't use third-party tracking cookies, advertising cookies, or analytics cookies that follow you around the web.
Clarify provides commentary and analysis based on knowledge of vendor and contractor delivery patterns. We are not your lawyer, your procurement officer, or your fiduciary. Recommendations are informational. Don't treat the output as legal advice or a substitute for reviewing your specific contract terms.
If a vendor, partner, or contractor believes specific guidance we've published misrepresents them, they can reach us at clarify@afigima.ai. We review every credible objection and update when warranted. We do not accept payment to alter or suppress our analysis.
If you're signed in, you can self-serve: open your settings and use the Privacy section to delete engagements or your entire account. For requests outside the app, email clarify@afigima.ai and we'll process them within seven days.
For procurement reviews, we publish a Data Processing Addendum tracking GDPR Article 28 sub-processor structure. No training on your data, no retention beyond the request. Download, sign, and return for countersignature:
If your legal team needs the customer entity name pre-filled, append ?customer=Your%20Legal%20Entity to the URL.
We'll update this page when our practices change and note the last-reviewed date at the top. Material changes will also be sent to signed-in users by email.
The short answers to the questions a procurement, legal, or security review will surface. Every answer is consistent with the sections above.
Where is the data stored?
Render-hosted Postgres, US-based. No multi-region replication outside the US. No customer data leaves the primary region.
Who has access?
Customer data is scoped to the workspace that produced it. Within Afigima, access is limited to the on-call operator for incident response; access events are logged. We do not browse customer engagements for product purposes.
Do you train on customer content?
No. Our LLM providers operate under no-training, no-retention agreements. Customer engagement content is never used to train a model — ours or anyone else's.
How is data encrypted?
TLS 1.2+ in transit. AES-256 at rest via Render-managed Postgres encryption. Session cookies are signed and HTTP-only.
What is the breach notification timeline?
If we discover a breach affecting your data, we will notify the workspace owner within 72 hours of discovery — sooner if regulatory timelines require it.
Sub-processor list?
Render (hosting + Postgres), Resend (transactional email), and the LLM provider listed in your active engagement's metadata. The full list with current versions is in the DPA.
Data deletion on exit?
Within seven days of request. We provide an export packet (CSV + JSON + hashes) before deletion so you leave with a copy of what you produced.
Audit logs?
Every Promise, Receipt, Decision, Chase, and Export carries a timestamp, an actor, and a SHA-256 hash. Workspace-scoped activity is exportable. The hash chain is verifiable at /verify.