Trust Center
ClauseShift trains no AI of its own.
We do not save the contract document as part of your account. Third-party AI and transcription providers process submitted content under their own terms. We do not currently know or claim whether those providers use submitted content for model training.
Controls current as of July 17, 2026
Data handling
Source documents
Submitted text and files are processed to generate a report. The source document is not saved to your account. When resumable processing is enabled, an AES-256-GCM encrypted job may hold it temporarily; the payload is cleared on terminal completion and the job expires within 24 hours.
Generated reports
Reports are saved to the user account for sync and history. Users can export, delete, restore from Trash, or delete permanently.
Retention
Trash is permanently purged within 30 days. Read-only report links expire after 30 days and can be revoked sooner.
Account control
Account deletion removes the account and associated reports. A machine-readable account export is available from Settings.
Security controls
- HTTPS-only production traffic and strict browser security headers
- Owner-scoped PostgreSQL row-level security
- Server-side purchase verification and webhook idempotency
- Encrypted transient payloads for resumable review jobs
- App reports excluded from Android cloud and device-transfer backups
- PII-restricted crash reporting with mobile pre-send scrubbing
- Encrypted nightly database and environment backups
- Automated backup restore validation and payment reconciliation
Service providers
These providers receive only the data needed for their role. Their own terms and policies also apply to their processing.
Questions or a security report?
Use the contact page and choose Technical issue. Do not send contract content, passwords, tokens, or private keys in the report.