Legal

Privacy Policy

We built PRISM to simulate AI infrastructure, not to collect your proprietary data. Here is exactly what we collect, what we don't, and how we protect it.

Last updated: March 29, 2026

1. The PRISM Simulation Guarantee

Unlike production proxies or tracing tools, PRISM is a pre-production simulator. We do not process, store, or transmit your live end-user prompts or AI model completions. Simulations are run using synthetic Monte Carlo traffic generation and empirical behavioral models. Your pipeline configurations never make live calls to third-party model providers (e.g., OpenAI, Anthropic) during a standard simulation.

2. Data We Collect

To provide the PRISM service, we collect the following:

  • Account Information: Name, email address, and authentication tokens (via Supabase).
  • Pipeline Configurations: The node graphs, JSON/YAML topologies, and expected traffic parameters you build in the canvas. This data is encrypted at rest using AES-256.
  • Simulation Results: Ephemeral cost, latency, and accuracy projections. Results are deleted after 90 days unless explicitly saved to your Simulation History.
  • Billing Information: Processed directly by Stripe. We do not store your full credit card details on our servers.
  • Telemetry & Diagnostics: Anonymized application usage (e.g., canvas load times, simulation run durations) to monitor system health via Datadog.

3. How We Use Your Data

We use your pipeline configurations strictly to:

  • Execute Monte Carlo simulations across our isolated worker clusters.
  • Generate downloadable PDF reports and shareable scorecards.
  • Provide collaboration features, such as team commenting and approval workflows (Team/Enterprise tiers).

We will never use your pipeline topologies to train our own models or share your proprietary architectures with competitors.

4. Subprocessors

We use a limited number of trusted third-party infrastructure providers to run PRISM. All subprocessors are bound by strict data processing agreements:

  • AWS (Amazon Web Services): Cloud hosting, database (RDS), and isolated EKS compute clusters.
  • Supabase: Authentication and identity management.
  • Stripe: Payment processing and subscription management.
  • Datadog & Sentry: Application performance monitoring and error tracking.

5. Your Rights

You have the right to access, modify, or permanently delete your pipeline data and account at any time. If you wish to execute a full data deletion request, you can do so directly from your Account Settings or by contacting us at privacy@getprism.dev.