Clear boundaries on data handling and system guarantees.
Effective Date: March 1, 2026
1. Data Processing
Your submitted logs and incident notes are processed solely for the purpose of generating a structured Root Cause Analysis (RCA) report.
Processing is performed in-memory where possible. Logs are
not stored by default.
We do not sell, share, or commercially redistribute user-submitted data.
While we implement strict safeguards, users are strongly advised to remove sensitive PII (e.g., passwords, access tokens, personal identifiers) before submission.
2. Data Retention
By default, submitted logs are not persisted after processing.
Optional features (such as email delivery or downloadable reports) may require temporary retention for operational purposes.
If temporary retention is required, the duration will be explicitly disclosed and minimized.
We do not maintain long-term historical log storage unless explicitly enabled by the user.
3. Model Training & Data Isolation
User-submitted logs are
not used for model training, fine-tuning, or dataset enrichment.
No cross-customer data mixing occurs.
Each analysis request is processed independently.
We do not build behavioral profiles from user-submitted content.
4. Security Practices
Data is transmitted over encrypted connections (HTTPS).
Access to production systems is restricted and monitored.
We apply principle-of-least-privilege practices in infrastructure design.
Enterprise deployments (VPC / on-premise) are available for high-sensitivity environments.
5. System Boundaries & Guarantees
This tool is a decision-support system.
It does not guarantee absolute root cause correctness.
It is not a fully automated incident response or remediation platform.
It does not provide legal, regulatory, or compliance advice.
Users remain responsible for validating findings before taking action.
6. Enterprise Deployment
On-premise or private VPC deployment is available upon request.
Custom data governance and retention controls can be configured for enterprise customers.