Last Updated: April 19, 2026

Trust & Security at SANICE

Built for institutional-grade research. Transparent by design.

SANICE is a decision engine, not an answer engine. Our platform is built on three commitments: we do not train models on your content, we do not reproduce copyrighted source material, and we treat your data with the care appropriate for professional and business use. This page explains exactly how — in concrete, operational terms.

1. Our Core Commitments

Zero Data Training

Your prompts, reports, and chats are never used to train any AI model — ours or a third-party's.

Publisher-Safe Retrieval

We synthesize, cite, and paraphrase. We do not reproduce article paragraphs or other copyrighted text.

Your Data, Your Control

Export, delete, or audit your data at any time. Tenant-isolated via Row-Level Security.

2. Security Architecture

SANICE implements security controls designed for professional and business use. Our current controls include:

Encryption in transit — All traffic served over HTTPS with modern TLS.
Encryption at rest — Database, file storage, and backups are encrypted at rest by our infrastructure providers.
Tenant isolation — Every database query is scoped to the authenticated user via Supabase Row-Level Security (RLS), enforced at the Postgres layer.
Authentication — Short-lived RS256 JSON Web Tokens (JWTs) verified cryptographically on every request, with automatic refresh rotation. Separate cryptographic keys per purpose (session, CSRF, email verification, API).
Secrets management — Application secrets stored in managed secrets infrastructure; never committed to source control.
Edge protection — Cloudflare Web Application Firewall, rate limiting, and DDoS mitigation at the edge.
Access control — Principle of least privilege for staff access to production systems. Administrative access is restricted and logged where supported by our infrastructure.
Audit trails — Authentication, billing, and sensitive account actions are logged for security review.
Vulnerability management — Dependencies are scanned for known vulnerabilities; critical patches are applied promptly.

Compliance status: SANICE does not currently hold a third-party SOC 2 attestation. Our architecture is designed in line with SOC 2 control families, and we will publish attestations here as they become available.

3. How SANICE Handles Third-Party Sources

Publisher lawsuits against AI platforms in 2024–2025 established a clear line: synthesis and citation are protected; regurgitation is not. SANICE was built from the ground up to be on the right side of that line.

3.1 Our Source-Handling Pledge

Limited direct quotation. SANICE is designed to limit direct quotations to 15 words or fewer per source. Our research prompts explicitly instruct models to paraphrase rather than quote.
One quote per source maximum. After one direct quote from a source, that source is treated as closed for further direct quotation. Subsequent material from the same source is paraphrased.
No paywalled content reproduction. We do not bypass paywalls, and our pipeline does not include paid-archive content in retrieved context.
Source de-duplication before synthesis. Before a report is synthesized, retrieved sources are de-duplicated — clusters of near-identical articles are treated as a single source, not many.
Corroboration for material claims. Where a claim is factual and material, the pipeline seeks independent corroboration and flags single-source claims accordingly.
Citation discipline. Every material factual claim in a Glass report is cited inline. The Counsel debate system is built to challenge uncited claims.

3.2 What We Do Not Do

We do not reproduce article paragraphs verbatim.
We do not generate summaries so detailed they could displace reading the original.
We do not reproduce song lyrics, poems, or other creative works under any circumstances.
We do not scrape or cache content in ways that violate a third-party site's robots.txt or terms of use.

3.3 User Responsibility

These rules describe SANICE's intended product behavior and internal policy controls. No automated system is perfect. Users remain responsible for reviewing outputs before publication or redistribution, and for ensuring any onward use of SANICE output complies with applicable law.

4. Where Your Data Goes

SANICE works with the following sub-processors. Each is bound by a Data Processing Agreement that imposes privacy obligations materially equivalent to those we apply ourselves.

Sub-processor	Purpose	Region	Category
Supabase	Database, auth, vector storage	Singapore	Infrastructure
Railway	Backend hosting	USA	Infrastructure
Vercel	Frontend hosting & edge	USA / Global	Infrastructure
Cloudflare	WAF, DDoS, rate limiting	Global	Edge security
Stripe	Payment processing	USA / EU	Billing
Resend	Transactional email	USA (us-east-1)	Communications
Sentry	Error monitoring	USA	Observability
PostHog	Product analytics (metadata only)	USA	Observability
Anthropic	Claude API	USA	AI model
OpenAI	GPT API	USA	AI model
Google	Gemini API	USA / Global	AI model
xAI	Grok API	USA	AI model
Voyage AI	Embeddings (semantic retrieval)	USA	AI model

Sub-processor list last reviewed: April 19, 2026.

Material changes to this list are reflected in our Privacy Policy. A public changelog of sub-processor changes will be published in a future update.

5. How Long We Keep Your Data

Data Type	Retention	Deletion Trigger
Account data	Active while account is active	Account deletion — removed from live systems within 90 days
Content data	Indefinite while active	User deletes item, or account deletion
Embeddings	Same as source session	Session or account deletion cascades to embeddings
Billing & tax records	7 years	Statutory (NZ Inland Revenue)
Server logs	Up to 90 days	Automatic rotation
Security event logs	Up to 12 months	Automatic rotation
Encrypted backups	Up to 30 days	Normal backup lifecycle

Deletion from live systems may not immediately remove data from encrypted backups until backup expiry.

Full retention details are in our Privacy Policy, Section 10.

6. Compliance & Legal Framework

SANICE operates in accordance with the following privacy frameworks:

New Zealand Privacy Act 2020 — SANICE STAR LTD is an "agency" under the Act and operates in accordance with the 13 Information Privacy Principles.
EU GDPR / UK GDPR — We rely on Standard Contractual Clauses (SCCs) or equivalent mechanisms for international transfers.
CCPA / CPRA — California residents may exercise the rights described in our Privacy Policy.
Zero Data Training commitments — Verified against each AI provider's published API terms. Last reviewed April 19, 2026.

See our Privacy Policy for full rights and procedures, and our Terms and Conditions for the full legal framework.

7. Contact

Security disclosure: security@sanice.ai — we aim to acknowledge good-faith security reports within 48 hours.

Privacy requests: privacy@sanice.ai

General: admin@sanice.ai