Trust Center

Your Contract Data Is Yours

We built Guard-Clause with privacy as a structural constraint, not a policy afterthought. Here is exactly how we handle your data.

Encryption in Transit

All connections use TLS 1.3 (256-bit). Your contract data is encrypted from your browser to our servers. We enforce HTTPS with HSTS.

No Persistent File Storage

Your uploaded file is read into server memory, text is extracted, and the file buffer is discarded immediately after extraction. Under normal operation, the raw file is not written to disk, database, or object storage.

Ephemeral Text Cache (15 Minutes)

Extracted contract text is held in a server-side cache (Upstash Redis) with a 15-minute time-to-live. The cache key is a 256-bit cryptographic token known only to your browser session. After 15 minutes — or after your analysis completes — the text is automatically deleted.

AI-Only Processing

Your contract text is processed by AI (Claude by Anthropic). We do not read, review, or access your contract text as part of the service. Our server logs are configured to exclude contract text, tokens, and clause excerpts. By default, contract text is processed ephemerally and expires automatically.

You Control Retention

You choose your retention mode at upload time. 'Don't store anything' means the analysis is shown in your browser and then discarded — no database record is created. 'Save my report' stores only the AI-generated analysis (risk score, findings, negotiation pack) and does not retain the original contract text. You can delete saved reports at any time.

Rate Limiting & Abuse Prevention

Per-route rate limits protect against abuse. Upload, analysis, and payment endpoints each have independent limits. Cache tokens are single-use and cryptographically bound to a specific scan.

Data Lifecycle

What happens to your data at each step — and when it is deleted.

U

Upload

File read into server memory

Discarded immediately after text extraction (seconds)

E

Extraction

Text extracted from PDF/DOCX/TXT

Stored in ephemeral cache (Upstash Redis) for 15 minutes

A

Analysis

AI processes text and generates findings

Cache entry deleted after analysis (or auto-expires at 15 min)

R

Report

AI-generated findings, scores, negotiation pack

Stored only if you chose 'Save my report'. Deletable anytime.

AI Transparency

Guard-Clause uses Claude (by Anthropic) for contract analysis. Here is exactly what the AI does and does not do.

What the AI does

  • Reads every clause of your contract and identifies risk patterns
  • Produces findings with direct citations (excerpt, section, page)
  • Tailors analysis to your role (freelancer, founder, employee, agency)
  • Generates negotiation scripts, prioritized asks, and replacement clauses
  • Assigns a risk score (0–100) based on severity and count of findings

What the AI does not do

  • It does not provide legal advice or act as your attorney
  • It does not guarantee it catches every risk — AI can miss nuance
  • It is not trained on or fine-tuned with your contract data
  • It does not access external databases or courts to verify jurisdiction-specific enforceability
  • It does not replace a qualified attorney for high-stakes decisions

This Is Not Legal Advice

Guard-Clause is an AI-powered analysis tool, not a law firm. Our reports identify potential risks and suggest negotiation language, but they do not constitute legal advice and should not be relied upon as such.

AI analysis can catch common risk patterns quickly and affordably, but it can miss nuance, jurisdiction-specific issues, or complex clause interactions. For high-stakes contracts, we recommend using Guard-Clause as a starting point — then consulting a qualified attorney for the edge cases.

No attorney-client relationship is formed by using this service. Guard-Clause, its officers, employees, and affiliates disclaim all liability arising from reliance on AI-generated analysis.

Questions? support@guard-clause.com

Read our full Privacy & Retention Policy and Terms of Service