Status: legal-review draft for PolicyStrata Clearance. Do not publish as final legal terms without counsel review.
Scope
This policy covers the hosted Clearance platform at app.policystrata.com and related product sites and documentation operated for PolicyStrata.
Data We Process
Clearance processes:
- Account data: name, email, authentication identifiers, organization
membership, roles, invitations, and session metadata.
- Workspace data: organization, project, environment, runner-token metadata,
review decisions, evidence-pack metadata, runtime decision metadata, and audit logs.
- Billing data: Stripe customer, subscription, checkout, and portal metadata.
- Operational data: request metadata, IP address, user agent, Vercel runtime
logs, web analytics, and speed insights.
Hosted ingestion is metadata-only by default. Clearance rejects raw prompts, traces, tool-call payloads, credentials, database rows, and inline witness objects.
Uses
We use data to provide the product, authenticate users, enforce tenant boundaries, generate evidence exports, maintain audit logs, process billing, secure the service, investigate incidents, and support customers.
Subprocessors
Current subprocessors are listed in docs/legal/subprocessors.md.
Retention
Default organization retention is 90 days unless otherwise configured or contracted. Audit, billing, and security records may be retained as required for legitimate business, legal, or security purposes.
Customer Controls
Workspace admins can manage members, roles, SSO metadata, SCIM directories, and runner tokens. Evidence exports are available to authorized roles. Deletion requests are handled through an audited support workflow until self-serve deletion is available.
Security
Security measures include TLS, RBAC, organization-scoped access checks, Postgres row-level security for tenant data, hashed runner and SCIM tokens, append-only audit logs, production secret management, and provider-managed backup controls.
Contact
Privacy and security requests should be sent to the contract-designated contact or the published PolicyStrata security contact.