Security & privacy
How we protect your data, our AI data policies, and compliance information
We built Deliverables AI for teams that work with confidential deal materials, financial data, and sensitive client information. Security isn't an afterthought — it's foundational to everything we do.
Data encryption
All data is encrypted at every stage:
| Layer | Standard |
|---|---|
| In transit | TLS 1.3 — all data moving between your browser and our servers is encrypted |
| At rest | AES-256 — all stored data is encrypted on disk |
This applies to your uploaded sources, generated deliverables, prompts, and any other data in your workspace.
Zero data retention for AI training
We never use your data to train AI models. This is a firm policy, not a setting you need to toggle.
- Your documents, prompts, and generated content are never used for AI training
- We do not share your data with AI providers for training purposes
- We maintain zero data retention agreements with our AI infrastructure providers
- Your confidential information stays confidential — period
Workspace isolation
Your workspace is completely isolated from other customers:
- Separate storage — Your files and generated deliverables are stored independently from other workspaces
- No cross-contamination — One customer's data never appears in another customer's output
- Independent processing — Your AI generations run in isolated contexts
Access controls
You control exactly who can see your data:
- Workspace members only — Only users you explicitly invite can access your projects, sources, and deliverables
- No public access — Nothing in your workspace is publicly accessible
- Support access by permission — Our support team can only access your data with your explicit permission when troubleshooting issues
Data retention and deletion
- Your data remains in your workspace for as long as your account is active
- You can delete individual sources, projects, or your entire workspace at any time
- Deleted data is permanently removed from our systems within 30 days
- When you cancel your subscription, you can export your data before deletion
No integrations by design
We intentionally do not connect to data rooms, VDRs, or other third-party systems where your confidential materials live. This is a deliberate security decision — we don't want persistent access to your most sensitive repositories.
Instead, you bring your data to us: drag and drop files, paste text, or add links. When you're done, your data stays in your isolated workspace and nowhere else. Learn more about adding sources → | How Deliverables fits in your workflow → | How our security compares to other tools →
Contractual protections
These security practices aren't just policies — they're backed by our Terms of Service. Our agreement includes formal confidentiality obligations with legal protections, meaning your data is covered by enforceable contractual commitments, not just good intentions.
Compliance
We use enterprise-grade cloud infrastructure and are actively pursuing SOC 2 Type II compliance. Our security practices include:
- Regular security assessments and penetration testing
- Automated vulnerability scanning
- Secure development practices with code review
- Incident response procedures
Audit trail
The credit usage log provides a detailed record of all AI activity in your workspace — what was generated, when, by whom, and at what cost. Teams with internal compliance requirements can use this as a lightweight audit trail for AI-assisted work product.
Have security questions?
We're happy to discuss our security practices in detail with your compliance or IT team. Book a call to go through your specific security requirements, request documentation, or discuss enterprise-grade configurations.