Privacy policy.

At Outwrit, we treat your compliance documentation as confidential operational evidence. We understand that your files contain sensitive intellectual property, and our system is designed to keep your data isolated, secure, and under your control.

You retain full ownership of all documents you upload and the analysis results we generate.

• Your IP: We do not claim any rights to your data.
• No model training: We use enterprise APIs from OpenAI and Mistral. Data processed through these APIs is not used to train their models, and your confidential data is not used to improve third-party AI systems.

• Encryption at rest: Files and database records are encrypted using industry-standard AES-256 encryption.
• Encryption in transit: Data transmitted between your browser and our servers is protected via TLS 1.2+.
• Database isolation: Strict row-level security helps keep each organization workspace isolated at the database level.

We rely on established infrastructure providers to store, process, and protect operational data.

• Supabase: Database and secure file storage.
• OpenAI and Mistral: AI inference, document understanding, and OCR processing through enterprise APIs.
• Stripe: Payment processing through a PCI DSS Level 1 service provider.

You control your data lifecycle. If you delete a document or organization account, associated data is removed from our active database and storage systems. We do not keep shadow copies of deleted user files.