Privacy Policy

1. Information We Collect

We collect information that identifies, relates to, describes, or could reasonably be linked, directly or indirectly, with you or your organization:

• Account & Identity Data: Information provided during registration, including names, email addresses, and firm names, managed securely via our authentication provider (Clerk).
• Financial & commercial data: Contract identifiers, billing contacts, and purchase-order references associated with your Master Service Agreement. LogicSeal is an enterprise infrastructure platform. All financial settlements are handled via off-platform institutional invoicing as defined in the Master Service Agreement. We do not operate consumer card checkout in the Service and do not store full payment card numbers on our servers.
• Payload & Trading Data: The raw trade intents, metadata, and systemic context you submit to our API for SLM adjudication and cryptographic sealing.
• Usage & Device Data: Automatically collected diagnostic data, including IP addresses, browser types, API request volumes, and latency metrics.

2. How We Use Your Information

We use the collected data strictly to operate, maintain, and improve the Service:

• To authenticate your access and enforce organization-level data boundaries.
• To process your trade payloads through our Duality Engine (SLM) and generate "Exam Defense" rationales and cryptographic Merkle Roots.
• To administer commercial terms, entitlements, and invoicing coordination under your Master Service Agreement.
• To monitor API health, detect fraudulent abuse, and prevent security breaches.

We do not sell your personal or organizational data to third parties, nor do we use your proprietary trade payloads to train public machine-learning models.

3. Third-Party Sub-Processors

To provide institutional-grade infrastructure, we utilize trusted third-party service providers. By using the Service, you consent to the processing of data by these sub-processors:

• Supabase: For secure, encrypted database hosting and pgvector storage.
• OpenAI: For executing the Small Language Model (SLM) adjudications and generating embeddings. (Note: Data sent via OpenAI's enterprise API is not used to train their public foundation models).
• Clerk: For identity and organization management.
• Commercial settlements: Executed off-platform under your Master Service Agreement; LogicSeal does not route institutional remittance through consumer payment aggregators inside the Service.

4. Data Retention and Immutability

Due to the nature of our cryptographic infrastructure:

• Account Data: Retained for as long as your account is active.
• Audit Logs & Merkle Roots: Cryptographic hashes and associated "Exam Defense" logs stored in our database (e.g., the sandbox_seals and audit_logs tables) are retained to provide you with an immutable compliance record.

If you request account deletion, we will remove your Personally Identifiable Information (PII) from our active databases, but the cryptographic hashes and anonymized transaction metadata will remain intact to preserve the integrity of the Merkle Tree.

5. Security Measures

We implement commercially reasonable technical and organizational measures to secure your data, including end-to-end encryption in transit and at rest. However, no electronic transmission or storage system is 100% secure. You are responsible for keeping your API keys and account credentials confidential.

6. Your Rights

Depending on your jurisdiction (e.g., Texas privacy laws, CCPA, GDPR), you may have the right to access, correct, or request the deletion of your personal data. To exercise these rights, please contact our support team.

7. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page and updating the "Last Updated" date.