← Back to Home

Privacy Policy

1. Introduction

Signalyze Solutions LLC is committed to protecting your privacy through the Elenivo platform. This Privacy Policy explains our data practices.

2. Information We Collect

We collect the following types of information:

• Account information (name, email, organization)
• Business metrics (session-scoped, ephemeral)
• Decision records and client metadata
• AI interaction data
• Usage data and technical data

3. Ephemeral Data Architecture

Raw data is never persisted to permanent storage. All inputs are normalized to 0.0-1.0 scores during processing, and raw inputs are automatically discarded after each session. This ensures your sensitive business data exists only in memory during active processing.

4. How We Use Information

We use collected information to:

• Operate and maintain the Elenivo platform
• Maintain decision records for your reference
• Improve service through aggregated analytics (never individual data)
• Communicate with you about your account
• Comply with legal obligations
• Detect and prevent threats to security

We do not use individual client data for AI model training. All AI interactions are stateless and scoped to the current session.

5. Data Storage and Security

We implement comprehensive security measures:

• AES-256 encryption at rest
• TLS 1.2+ encryption in transit
• Row-level security (RLS) isolation
• HMAC-SHA512 message signing
• API key hashing and JWT authentication
• Comprehensive audit logging
• Multi-tenant isolation by default

6. Sub-Processors

We use the following sub-processors to operate the Elenivo platform:

• Supabase (Database, US) — Postgres database hosting
• Anthropic Claude (AI, stateless, US) — AI-powered decision narratives (stateless, no training on individual data)
• Stripe (Payments, US) — Payment processing
• Vercel/Deno Deploy (Edge Functions, US) — API and edge function hosting

We provide 30 days' notice before adding new sub-processors.

7. Data Retention

We retain data according to the following schedule:

• Decision Records: 7 years
• Audit Logs: 1 year (auto-cleanup)
• Client Profiles: 5 years
• Session Exports: 1 year (auto-cleanup)
• Conversation History: 90 days (auto-cleanup)
• Idempotency Keys: 1 day (auto-cleanup)

8. Your Rights

You have the following rights under GDPR and CCPA:

• Right to access your data
• Right to rectify inaccurate data
• Right to erasure (GDPR Art. 17, CCPA)
• Right to data portability
• Right to object to processing
• Right to restrict processing

To exercise these rights, contact e.taveras@signalyzesolutions.com. We will respond within 30 days.

9. Data Sharing

We do not sell your data. We share data only:

• With service providers under strict confidentiality agreements
• When required by law
• In case of business transfer (with notice)
• With your explicit consent

10. Cookies

We use only essential cookies for authentication and session management. We do not use advertising cookies, tracking pixels, or analytics that collect personally identifiable information.

11. Children's Privacy

Elenivo is not directed to persons under 18 years of age. We do not knowingly collect information from children.

12. International Transfers

Your data is processed in the United States (AWS us-east-1). Standard Contractual Clauses (SCCs) are available for international transfers.

13. Changes to This Policy

We may update this Privacy Policy. Material changes will be communicated with 30 days' notice.

14. Contact

For privacy questions or to exercise your rights:

• Signalyze Solutions LLC
• Edward Taveras
• e.taveras@signalyzesolutions.com