Your Most Sensitive Data.
Our Highest Priority.

All data is stored in Neon PostgreSQL on AWS us-east-1 (Northern Virginia). Data never leaves the United States. Backups are stored in the same region and are also encrypted.

If you have specific data residency requirements or need to discuss FedRAMP authorization, contact us for an Enterprise discussion.

By default: almost no one. Your data is isolated by organization ID in a multi-tenant database. The only people who could theoretically access it are:

• Engineering support — Only for explicit support requests you initiate. Every access is logged to the audit trail.
• Database infrastructure — Our cloud provider (Render/Neon) has operational access but cannot read your application data without compromising the entire platform.

We are implementing formal access review procedures as part of SOC 2 preparation (Q3 2026).

We maintain an incident response plan following NIST guidelines. In the event of a confirmed breach affecting customer data:

• 72 hours — Affected customers are notified (per GDPR-equivalent standards)
• Notification includes: nature of breach, data affected, response steps, recommended customer actions
• 30 days — Root cause analysis and remediation summary provided

Our infrastructure providers (AWS, Render) maintain their own SOC 2 certifications and incident response procedures.

These are marked as Sensitive Categories in our system:

• Not visible in default HR dashboard views — requires explicit "view sensitive" permission
• Extra audit logging on every access (who viewed, when, from where)
• Separate from general case data in the data model
• Export restrictions — cannot be exported in bulk with other data

This helps you meet the "need-to-know" standard required for ADAinteractive process and FMLA records.

Exports: Full data export is available in JSON/CSV format from the admin dashboard — anytime, as often as you want. Export includes cases, evidence, audit logs, and user data.

Deletion:

• On cancellation: Data retained 90 days for export, then purged. Backup deletion follows 30-day retention schedule.
• Per-record deletion: Enterprise customers can request deletion of specific records (e.g., "delete all data for employee X") for GDPR/CCPA compliance. Confirmed in writing within 30 days.

No. Your case data is never used to train FairLens AI models or any third-party models. AI inference runs on:

• Anthropic Claude — Case data is processed server-side, never stored by Anthropic, never used for training
• Your own dedicated inference — No shared model between customers that could leak data

Our privacy policy explicitly prohibits using customer data for model training.

The employee complaint portal is designed for maximum anonymity:

• No login required — employees submit without creating an account
• No browser fingerprinting, no IP geolocation logging
• Anonymous until employee chooses to identify themselves

Important caveat: True anonymity depends on the employee's device and network. We recommend employees use personal devices. We cannot guarantee anonymity if the employee submits from a work device with monitoring software.

Currently, FairLens is not a HIPAA-covered entity. Our platform does not store "protected health information" (PHI) as defined by HIPAA — we store employment records and HR investigation data.

If your organization requires HIPAA compliance for specific use cases, contact us to discuss Enterprise arrangements.