Ingest
Customer uploads (CSV/Excel) and connector syncs (Linear, Jira, Notion, Confluence) are received over TLS 1.3, validated, and persisted in Neon (Frankfurt).
← Back to Trust Center
DATA HANDLING
How your data flows
From ingest to deletion — each type of data, where it is stored, and for how long.
- 01
- 02
AI processing
AI features send prompt + relevant context to Anthropic (US). Zero-data-retention is configured. No model training on customer data. Audit trail in ai_classifications + ai_input_references.
- 03
Storage
All customer data in Neon (eu-central-1, Frankfurt). Transparent AES-256. Workspace isolation is enforced at the query layer via assertOwnedByWorkspace helpers. No cross-workspace IDOR.
- 04
Export
Workspace admins can export complete workspace data (JSON + CSV) from Settings → Trust Dashboard. Exports include all entities and audit logs.
- 05
Retention
Active workspaces: data retained as long as the subscription is active. Deleted workspaces: hard delete within 30 days of a verified request. Audit logs: 12 months.
- 06
Subprocessors
Only Anthropic and Resend receive customer data outside the EU. Both have Standard Contractual Clauses (SCC) in place. See the Subprocessors page for the full list.