Trust & Security

What we do. What we don't. What we can't.

Last reviewed: 2026年05月04日

If you're evaluating COS for client work, sensitive content, or anything you'd be uncomfortable seeing in a leak, this page is the unvarnished version. We are a privacy-first product run by a small team. We don't use the word "enterprise-grade" to describe ourselves until we've actually earned the badges. Here is exactly where we stand today.

Your project content is encrypted at rest

Project data — Brand Voice, Personas, Files, Instructions — is encrypted with a key that lives only in your browser. We literally cannot decrypt it on our end.

Anthropic does not train on your prompts

COS analysis and chat run on the Anthropic Claude API. Anthropic's API terms prohibit training on customer inputs.

Data is hosted in the United States

All databases and files are hosted in the U.S. We do not currently offer EU or other regional data residency.

SOC 2: not certified yet

We are privacy-first by architecture, but we have not pursued SOC 2 certification yet. It's on the roadmap, not the wall. If your procurement requires it today, we are not the right fit yet.

How your data flows

Chat & analysis (in-flight)

When you send a message in chat or run an analysis, your prompt and any project context attached to it are sent directly to the Anthropic Claude API for processing. Anthropic's API terms (commercial terms) prohibit using API inputs to train Anthropic's models. The response is returned to your browser and displayed.

Project content (at rest)

Saved project data — Brand Voice settings, Personas, uploaded Files, custom Instructions, Campaign Notes, and conversation history pinned to a project — is stored in our database with at-rest encryption. The decryption key is derived from a browser-side identifier we call privacy_id. Without that browser's privacy_id, the stored content is opaque ciphertext to us.

Practical implications:

  • If you clear browser storage on a device, that device loses access to that account's encrypted content.
  • We cannot recover encrypted content if you lose your privacy_id. Account-level access (login) is separate from content-level decryption.
  • Customer support cannot view your project content. If you ask us about your data, we genuinely cannot read it.

Account & billing

Your account email, login session metadata, and billing records are stored in plaintext (these are operational data we need to read). Payment processing is handled by Stripe; we do not store card numbers on our servers.

What we send to which services

  • Anthropic — your chat prompts, project context, and analysis inputs (per request, not stored by Anthropic for training).
  • Supabase — encrypted project content, plaintext account/billing data, conversation metadata. Hosted on AWS infrastructure in the U.S.
  • Stripe — billing and payment data.
  • Google Analytics & LinkedIn Insight — site usage telemetry only. Not the contents of your prompts or project content.
  • DigitalOcean — application hosting (U.S. region).

What we don't do

  • We do not sell your data.
  • We do not use your prompts or project content to train any model — ours, Anthropic's, or anyone else's.
  • We do not share your project content with third parties for marketing, advertising, or research.
  • We don't claim certifications we haven't earned. The list of things we cannot offer today appears above this paragraph; the list of things we do offer appears in the pillars at the top.

What's on the roadmap

  • SOC 2 Type II — under consideration. We will list it here when work begins, not before.
  • EU / regional data residency — under consideration.
  • SSO (SAML / SCIM) — not yet available.
  • Audit log + admin console for team plans — not yet available.

If any of the above are non-negotiable for your procurement process, we'll be honest with you up front and you should pick a different tool today.

Reporting a security issue

If you've found a vulnerability or have a security question, email security@semalytics.com. We respond to verified reports within 72 hours.

Related

AltStyle によって変換されたページ (->オリジナル) /