Six architectural facts
1. No content pathway
Vantic IQ detects workflow signals: which app is active, how long, in what order. There is no code path that reaches screen content, file contents, or typed text. This is not a privacy mode — it is the only mode.2. Content-adjacent fields hashed at ingestion
Fields that could carry incidental meaning — window titles, filenames — are SHA-256 hashed at the moment of capture. The original value is never stored, never transmitted, never retrievable. Only the hash persists, used solely to detect repetition and frequency.3. Sensitive apps auto-excluded
Australian banking applications (CommBank, Westpac, ANZ, NAB, Macquarie, Bendigo, ING) and password managers (1Password, Bitwarden, LastPass, Keychain) are excluded before workflow signals are processed. This runs automatically and cannot be disabled.4. Pattern detection runs locally
The Pattern Engine runs on your device. Raw workflow signals never leave your machine. Only derived scores and hashed signals sync to Supabase — hosted on AWS ap-southeast-2 (Sydney), Australian infrastructure only.5. 90-day retention, then hard-deleted
Raw workflow signal records are automatically purged after 90 days. Pattern scores persist as derived insight and are user-deletable at any time via the Privacy Hub. Verbatim conversational input is session-scoped — it does not persist between sessions.6. Every event has an audit trail
Every workflow signal event generates a verifiable audit record. Enforcement actions — exclusions, hashing, discards — are logged and synced. The audit trail is the evidence layer, not the claim layer.For diligence documentation or to walk through the architecture in detail, contact support@vanticlab.com. This page is product help, not legal advice. For binding terms see the Privacy Policy and Terms of use.