How we protect your data and your customers' data.
Customer names, phone numbers, addresses, handles, and booking notes are encrypted using AES-256-GCM before being stored in our database. The encryption key is held by our application servers and is never logged or transmitted to subprocessors.
All connections to Draftrow use TLS 1.2 or higher. We do not accept unencrypted connections.
Every database query is scoped to your user ID. You cannot access another user's data, and our staff does not access your customer data except in narrow, audit-logged support scenarios.
Every decryption of customer PII is logged with user ID, resource type, resource ID, and timestamp. This audit trail is retained for one year and available on request.
Anthropic (primary) and OpenAI (fallback) process conversation text under their commercial API data policies. Neither trains on customer data by default. See Privacy for retention specifics.
Our servers don't persist the raw conversation text. After extraction, the conversation is dropped from memory. Only the structured fields you confirm are saved (and encrypted). Our AI provider (Anthropic) may retain the conversation text for up to 30 days for safety review under their no-training commercial API policy.
See Privacy for the full subprocessor list with locations and purposes.
If we experience a breach with real risk of significant harm, we will notify affected users as soon as feasible per PIPEDA requirements.
Found a security issue? Email security@draftrow.com with details. We commit to acknowledging reports within 48 hours and providing updates as we investigate.
Draftrow operates in compliance with PIPEDA. We are pursuing SOC 2 Type II readiness as we grow.
For more detail on data handling, see the Privacy page. For security questions, email security@draftrow.com.