Spectivon

Privacy Policy

Effective date: June 2026 · Kryphion Systems, LLC (Spectivon)

1. Who We Are

Spectivon is a software product owned and operated by Kryphion Systems, LLC, a Florida limited liability company ("Kryphion," "we," "us," or "our"). Our contact address is hello@spectivon.com.

2. Information We Collect

We collect the following categories of information:

  • Account information — your name, email address, and company name, provided when you create an account or request access. Email authentication is handled through Supabase Auth.
  • Microsoft OAuth credentials — when you connect your Microsoft account to access SharePoint, we store the OAuth access token and refresh token so the platform can read documents on your behalf. Tokens are scoped to Files.Read and User.Read only.
  • Document-derived data — we process documents stored in your Microsoft SharePoint folder to generate vector embeddings (numerical representations) and AI-extracted risk findings. We do not store the original document files — they remain in your SharePoint at all times.
  • Usage data— project metadata, risk findings you create or review, Q&A log entries, and feedback you submit through the platform.
  • Technical data — log data, IP addresses, browser type, and other standard web server log information collected by our hosting provider.

3. How We Use Your Information

  • To provide and operate the Spectivon platform
  • To process documents and generate AI risk findings on your behalf
  • To communicate with you about your account, access requests, or support issues
  • To improve the platform’s quality and reliability
  • To comply with legal obligations

We do not sell your personal information or your organization’s document-derived data to any third party.

4. Third-Party Processors

We share data with the following sub-processors to deliver the service:

  • Supabase — database and authentication; stores account records, vector embeddings, and AI-derived findings
  • Anthropic — AI inference; document text is sent to Anthropic’s API for risk extraction and chat responses. Anthropic’s data handling is governed by its API terms.
  • Azure Document Intelligence (Microsoft) — optical character recognition on PDFs; page-level document text is sent to Microsoft’s cloud OCR service for text extraction
  • Microsoft Graph API — used to read documents from your Microsoft SharePoint folder on your behalf using your own OAuth credentials
  • OpenRouter / OpenAI — vector embeddings are generated via OpenAI’s text-embedding-3-small model, routed through OpenRouter
  • Vercel — application hosting and deployment infrastructure
  • Inngest — background job processing for document indexing and AI scanning workflows

Each processor is bound by data processing terms consistent with applicable privacy law.

5. Data Retention and Deletion

Vector embeddings and AI-derived findings for a project can be deleted at any time by an authorized user from within the platform (Deal Detail → Documents → Delete Indexed Data). This removes all document embeddings and resets the project to an unprocessed state.

Upon contract termination, all organization data — including projects, risk findings, Q&A logs, and user records — will be deleted within 30 days of the termination date upon written request to hello@spectivon.com.

We retain account information for a reasonable period after account deactivation for legal and record-keeping purposes unless you request earlier deletion.

6. Security

We implement reasonable technical and organizational security measures including:

  • Row-level security (RLS) on all database tables, enforcing per-organization data isolation
  • TLS encryption in transit for all API communication
  • Supabase-enforced access controls on the database layer
  • No storage of original document files — only derived data (embeddings, findings)

No system is perfectly secure. If you believe your account has been compromised, contact us immediately at hello@spectivon.com.

7. Your Rights

Depending on your jurisdiction, you may have rights to access, correct, or delete personal data we hold about you. To exercise these rights, contact us at hello@spectivon.com.

8. Changes to This Policy

We may update this policy from time to time. Material changes will be communicated by updating the effective date above and, where appropriate, by direct notice to active users.

9. Contact

Questions about this policy: hello@spectivon.com
Kryphion Systems, LLC · Florida