Privacy Policy
At CoreStilus, we operate under the principle of Cognitive Sovereignty. In the sectors of Insurance, Banking, and Strategic Consulting, your data is your competitive moat. Our mission is to audit your logic, not to harvest your intelligence.
1. Data Collection & Purpose
We collect only the minimum data necessary to facilitate your Logic Audits:
- Account Information: Email and billing details required for subscription and identity verification.
- AI Processing Inputs: Any text or documents you submit for analysis are used strictly to generate your audit report. These inputs are processed in a temporary secure buffer — AI processing inputs are not retained after your audit output is generated and are never written to persistent storage.
- Saved Documents & Analysis Caches: Documents you save in the workspace, along with their associated AI analysis results (distill summaries, logic audits, mandate structures, argument flows, and dependency maps), are stored in a private, isolated directory linked exclusively to your account. These files are never shared with other users or third parties and are not used for AI training purposes.
2. The "No-Training" Covenant (Our Core Promise)
Unlike generic AI tools, CoreStilus provides an enterprise-grade privacy guarantee:
- Zero Training: We never use your uploaded business strategies, proprietary insurance logic, or sensitive data to train, tune, or improve public Large Language Models (LLMs).
- Isolation: Your strategic "Secret Sauce" remains isolated within your private account workspace. No user can access another user's files, documents, or AI analysis results.
3. Data Retention & User Control
We give you full control over your data:
- AI Processing Buffer: AI inputs are processed in a temporary secure buffer. Once your audit output is generated, these inputs are purged from the active processing buffer — no AI training, no residual copies.
- Private Document Workspace: CoreStilus provides a server-side workspace where your documents and AI analysis caches are securely stored. All files are stored in a private directory linked to your account and are accessible only to you. Analysis caches (logic audit results, mandate structures, argument flows) are stored alongside their source document and deleted when the document is deleted.
- User Control: You have the absolute right to delete any saved document and its associated analysis results, or your entire account, at any time. When you delete a file or your account, all associated data — including AI analysis caches — is permanently removed from our systems.
- Session Cache: For performance, your browser may temporarily cache document content and analysis results in local storage. This cache is session-bound and not shared with any third party.
4. Encryption & Security Standards
We employ industry-standard security protocols to protect your intellectual property:
- Encryption in Transit: All data transits through TLS 1.2+ encrypted channels.
- User Isolation: Each user's workspace is stored in a private, isolated directory. Server-side access controls enforce that only the authenticated account owner can read or write their files.
- Access Control: No human staff at CoreStilus will ever view your audit inputs or saved documents unless you explicitly grant permission for technical troubleshooting.
5. Third-Party Infrastructure
To maintain the highest level of performance, we utilize secure, world-class infrastructure providers (such as cloud hosting and the OpenRouter AI gateway). These partners are bound by strict data privacy agreements that prevent them from accessing or using your data for their own purposes. AI completions are routed through OpenRouter under enterprise-grade privacy agreements — your content is not retained by AI providers after processing.
6. Compliance with Laws
This Privacy Policy is governed by the laws of the Socialist Republic of Vietnam. We strive to maintain global standards of data protection (including PDPA alignment), ensuring that your rights are respected regardless of your jurisdiction.
7. Changes to this Policy
We may update this policy to reflect changes in our architecture. Users will be notified of any significant changes that impact their data sovereignty.
8. Contact the Architect
For any inquiries regarding your data privacy or security architecture, please contact us at: hello@hogoflow.com.