Privacy

When you upload a document, we store the original file in a private storage bucket isolated to your workspace, and we store extracted text and AI-generated metadata (summaries, findings, timeline events) in our database. Other workspaces cannot read your data; access is enforced by row-level security.

Records Review is designed for reviewing student education records and includes a PII scan and redaction workflow. Records Review itself is a software tool — it does not certify FERPA compliance on your behalf. Your organization remains responsible for lawful use of the records you upload.

Document text and extracted facts are sent to AI model providers (via the Lovable AI gateway) to produce summaries, classifications, comparisons, and timeline events. We do not use your records to train any model. AI output may contain errors; human review is required before relying on results.

An automated PII scan flags potentially sensitive items in extracted text. You can review each finding, accept or decline redactions, and produce a redacted copy that never replaces the original. All PII decisions are recorded in the audit log.

You can download original or redacted copies of any document, export the timeline as CSV, and export reports as PDF or DOCX. You can soft-delete documents from the workspace; deleted documents are retained for 30 days before permanent removal so you can restore them if needed.

Every meaningful action — uploads, extractions, PII decisions, comparisons, exports — is recorded in a workspace-scoped audit log readable by workspace members.

Questions about privacy or data handling: support@example.com.