Working draft. This page describes how PathReader handles your data today. The final, legally-reviewed Privacy Policy and Data Processing Agreement are in preparation. For pilot-specific terms, see your pilot agreement or contact us.

Data Handling

What happens to the documents and data you put into PathReader.

Policy documents you upload

  • Uploaded PDFs are stored securely in object storage scoped to your workspace.
  • The text extracted from each document is sent to an AI service to propose rule candidates. By default this uses PathReader's AI vendor account.
  • If you provide your own AI provider key (BYOK), that extraction call is made through your own vendor account instead, so your document text is processed under your existing agreement with that vendor.
  • Documents and their rules remain visible only to members of your workspace.

Action checks

  • When an agent action is checked against your policy, the deterministic evaluation runs without an AI model in the decision path.
  • Each check is recorded as an audit entry. By default PathReader stores a summary and a request hash rather than the full action payload.

Retention & deletion

Data retention periods per data type are being finalized as part of the Privacy Policy.

You can request erasure of your workspace data or of an individual user's personal data at any time by contacting your PathReader representative. On an erasure request we remove the workspace's documents, policies, evaluation history, API keys, and stored files, and we scrub personal data from a removed user's records. Erasure requests are fulfilled by PathReader staff (there is no self-serve hard delete) and recorded for our own audit trail.

Sub-processors

We share data only with vendors that help us run the service (hosting, AI-assisted rule extraction, and transactional email), under data-protection terms. When you use your own AI provider key, AI-extraction calls run in your own vendor account. We do not sell or share personal data and do not use your content to train AI models.

Your rights & contact

Depending on your jurisdiction you may have rights to access, correct, delete, or port your personal data. For data we process on a customer's behalf, we assist that customer in responding to such requests.

Privacy questions: privacy@pathreader.ai · Security reports: security@pathreader.ai

Questions about data handling? See How It Works or contact your PathReader representative.