Privacy & Trust
Public-sector data stewardship,built into the workflow.
Civic Charter helps agencies manage AI intake, review, evidence, artifacts, and transparency records without turning sensitive governance workflows into training data or marketing analytics.
Operating commitments
Trust principles agencies can actually evaluate.
Customer data is not training data
Civic Charter does not use customer workflow content, uploaded evidence, or generated artifacts to train AI models.
Tenant boundaries by default
Agency records are treated as separate tenant boundaries across workflows, prompts, exports, dashboards, and generated artifacts.
Auditability over black boxes
Important governance decisions should preserve who changed them, when, why, and what evidence supported the decision.
Human approval stays human
The platform may prepare, route, summarize, and validate. Final approvals stay attributable to named human reviewers.
Sensitive data minimization
The product is designed to collect what is needed for workflow, audit, and reporting, not unnecessary public-sector records.
Controlled transparency
Public transparency records should publish only reviewed, human-approved summaries, never internal notes or unreviewed drafts.
Data lifecycle
From intake to public record, each step has a boundary.
Civic Charter is designed around governance provenance: what was submitted, who reviewed it, why a decision changed, and which records are safe to publish.
- 01
Collect only what is needed
Intake asks for governance context, intended use, risk inputs, reviewer evidence, and artifacts needed to run the workflow.
- 02
Protect tenant records
Access controls, tenant separation, and secure operating practices are treated as baseline product requirements.
- 03
Preserve audit history
Overrides, approvals, generated drafts, and reviewer decisions should remain traceable for compliance and review history.
- 04
Publish only reviewed summaries
Public transparency pages are controlled outputs, not mirrors of internal notes, vendor answers, or unfinished drafts.
Privacy policy summary
Plain-language policy, without the boilerplate fog.
What we collect
We may collect contact and account information, organization details, workflow content submitted by agency users, reviewer decisions, evidence metadata, generated draft artifacts, and operational telemetry needed for security, reliability, and product operation.
How we use information
We use information to operate Civic Charter, route reviews, support auditability, respond to requests, improve reliability, and meet legal or contractual obligations. Customer data is not used to train AI models.
What we do not do
We do not sell personal information. We do not publish internal notes or unreviewed drafts. We do not present generated outputs as binding legal advice, final compliance determinations, or human approval.
Retention
Information is retained as needed to provide the service, preserve audit and compliance history, resolve disputes, and meet legal or contractual requirements. Customer agreements may define more specific retention terms.
Your rights and requests
Depending on your jurisdiction and relationship to an agency customer, you may have rights to access, correct, delete, or restrict certain processing. Requests are handled in accordance with applicable law and customer agreements.
Contract and legal terms
This page is a public summary of our privacy and trust posture. Customer agreements, data processing terms, and applicable law control where they apply.
Questions about privacy or trust?
Send us the context for your agency, review process, and data handling requirements. We will respond in accordance with applicable law and any customer agreement.
Last updated: April 29, 2026