Data & AI Governance
Written in plain English for a customer's IT and security review. This project handles customer-confidential industrial data; isolation and restraint are design principles, not afterthoughts.
Your data is never used to train AI models
Document processing uses the Anthropic API, which does not train its models on data submitted through the API. Your transcripts, emails, commitments, and reports are used only to produce your results — never to train or improve any model.
Data flows to exactly two processors
Uploaded files and extracted data are stored in Supabase (managed Postgres, file storage, and authentication). Text is sent to the Anthropic API for extraction, report generation, and chat. No other third party receives your project data. Document embeddings are generated inside Supabase and never leave it.
Per-organization isolation, enforced by the database
Every row of customer data is scoped to an organization and protected by Postgres Row Level Security (RLS). Isolation is enforced by the database engine on every query — not only by application code — so one customer's data can never be returned to another, even in the event of an application bug. The isolation model is documented in ARCHITECTURE.md and we can walk your security team through it.
Humans stay in the loop
AI-extracted commitments land in a pending-review state and enter the accountability ledger only after a person approves them. Generated status reports are drafts until explicitly approved. Nothing is ever sent externally on your behalf automatically.
Full audit log
Uploads, approvals, edits, report generation and approval, and exports are recorded in a per-organization audit log with the acting user and timestamp.
Retention and deletion
Organizations can set a retention window after which source documents are deleted while the structured ledger is retained. Documents and data are deleted on request. Because there is no lock-in, you can export all of your commitments, reports, and audit history at any time.
Usage metering
AI usage is metered per organization (tokens and estimated cost per document processed and per chat message) so cost is transparent.
Questions from your security team? pilots@moderngridgroup.com