Skip to main content
Privacy Policy

Privacy & Data Handling

Effective Date: January 28, 2026  ·  Last Updated: March 28, 2026

Zero-Knowledge Core Principle

STET is a deterministic reconciliation engine. We never store the content of your documents. Production document text extraction, semantic matching, and ledger reconciliation runs on-device in the desktop app, in memory only.

Checklist and workspace data you create is stored locally on your device — never on STET servers. Your account data (email, profile, subscription) is stored in InsForge and is deleted when you delete your account. Document content itself is never transmitted to or stored on our servers.

1. Information We Collect

Account & Identity Data

To provide the service, we collect minimal account details:

  • Email address
  • Username or display name
  • Password (securely hashed and salted; never visible to us)

Billing & Plan Data

STET operates on a sales-led Enterprise model. For Enterprise customers, billing is handled via MSA between your institution and STET. We store:

  • Subscription tier and status (stored in InsForge)
  • Trial start date (derived from account creation timestamp)

STET does not collect, process, or store credit card numbers or payment credentials.

Telemetry & Usage Details

We collect limited server-side metadata needed to operate account, billing, and website support surfaces and enforce plan limits:

  • For signed-in users: usage metering in InsForge (e.g. daily audit reservations and, when an audit finishes, aggregate fields such as file count and total bytes processed). No file names, paths, or document content are stored in these rows.
  • Infrastructure and hosting providers may log request metadata (e.g. for reliability and abuse protection) under their own retention policies, as described in our subprocessors list.
  • We do not currently operate server-side ingestion of application crash logs or Core Web Vitals into our InsForge project in the shipping product. Client code may support optional performance endpoints if a future deployment enables them; this policy will be updated if that changes.

Web Analytics (with your consent)

If you accept analytics cookies, we use PostHog to collect anonymous web analytics:

  • Pages visited and navigation paths (pathname only — no query strings)
  • Session duration and bounce rate
  • Browser type, operating system, and general geographic region (country/city — IP is not stored)
  • Referrer source (how you arrived at the site)

This data is fully anonymous. We have disabled user profiling, session recording, form capture, and IP address storage. You can decline or withdraw consent at any time via the cookie banner.

2. Treatment of Customer Data (Files & Ledgers)

"Customer Data" refers to the PDFs, CSVs, Excel files, or raw transaction data you run through STET. We distinguish between document content and workflow metadata:

Document Content — Never Stored Server-Side

The full text of documents you process is never written to STET servers or cloud buckets. Production content extraction, semantic search, and ledger reconciliation runs on-device in the desktop app, entirely within memory. Document content never leaves your device.

Checklist Data — Stored Locally on Your Device

Checklist data is stored locally on your device (stet_checklists) and never transmitted to STET servers: checklist names, due-diligence item statuses, matched document file names, match confidence scores, and any free-text notes. This data is available only on the device where it was created and is cleared when you use "Delete Account" or remove local STET data.

No Human Access to Document Content

Because document text never touches our backend, no STET engineer, employee, or contractor can view or access your financial records or document contents.

No Machine Learning Training

We explicitly prohibit the use of your Customer Data to train, fine-tune, or calibrate any machine learning models, including our local semantic matching engine.

Cloud VDR connections (Box, Dropbox, etc.)

When you connect a cloud virtual data room, file listing and downloads occur under your account with that provider, subject to their terms and privacy notice. STET does not upload your document content to STET servers for reconciliation; processing runs on-device in the desktop app.

3. Subprocessors & Third Parties

We use industry-standard subprocessors solely to operate the service. We do not sell your personal data to advertisers or third parties.

  • InsForge, Inc. (Authentication & Database)

    Used for user authentication (login/signup), storing account data (email, profile, subscription status), and VDR audit usage metering (aggregate counts and sizes only — no document content). Checklist data is not stored in InsForge. InsForge is SOC2 Type II compliant.

  • Resend, Inc. (Transactional Email)

    Used to deliver account-related emails (e.g., magic links, password resets) via a InsForge Edge Function. Resend receives your email address solely to deliver the requested email and does not retain it for any other purpose. Resend is SOC 2 Type II compliant.

  • PostHog, Inc. (Web Analytics — consent-gated)

    Used for anonymous web analytics only if you accept analytics cookies. PostHog receives no personal data: user profiling, session recording, IP storage, and form capture are all disabled. Analytics traffic is proxied through our own domain. PostHog is SOC 2 Type II compliant and EU data is processed in the US under standard contractual clauses.

4. Cookies & Tracking Technologies

We use local storage technologies as described below. No advertising cookies or cross-site tracking cookies are used.

Strictly Necessary (no consent required)

Session authentication tokens (via InsForge) stored in a secure, HttpOnly cookie. These are required for login to function. They expire when your session ends or you log out.

Analytics (consent required)

If you accept analytics cookies, PostHog stores an anonymous session identifier in localStorage to measure session continuity. Anonymous page-view and page-leave events (used for session duration signals) are captured. No personal data is stored. This is only activated after you click "Accept" on the cookie banner. You can withdraw consent at any time by clearing local website data.

Functional Preferences — local app/site storage (no consent required)

The following items are stored in local STET storage on your device — none are tracking cookies, and none are ever transmitted to our servers:

  • stet_analytics_consent — records whether you accepted or declined analytics cookies.
  • stet_privacy_accepted — records that you accepted the Privacy Policy & Terms at account creation.
  • stet_local_snapshots — metadata for locally-captured VDR snapshots (file names, sizes, SHA-256 hashes). Document content is not stored here.
  • stet_local_extractions — text extracted from your local documents for on-device semantic search. Stored locally only; never transmitted to our servers.
  • stet_recent_audits — recent audit and deal names for the sidebar quick-access list. Stored locally only.
  • stet_notifications — in-app notification state. Stored locally only.
  • stet_active_profile — ID of the active workspace profile. Stored locally only.
  • stet.updateChannel — desktop app update channel preference (stable / beta / internal). Stored locally only.
  • stet_discrepancy_{auditId} — cached discrepancy results for an audit session. Stored locally only; cleared when the session ends.
  • stet_vdr_metadata_{providerId}:{folderId} — cached VDR folder structure metadata. Stored locally only; expires automatically.
  • vdr_pkce_{state} — temporary PKCE code verifier for OAuth flows. Removed immediately after the OAuth flow completes.
  • stet:review:… — review workspace session state (resolution notes, draft edits). Stored locally only.

Session Storage — website support flows only (no consent required)

The following items are stored in sessionStorage for website sign-in and support flows and are automatically cleared when the active website session ends. They are never transmitted to our servers beyond the purpose of the active session:

  • stet_vdr_connections — VDR OAuth access tokens for the current session.
  • vdr_oauth_state — temporary OAuth state parameter used for CSRF protection during VDR sign-in. Removed after OAuth completes.

Local Database — on-device app storage (no consent required)

The following databases are stored locally on your device in the desktop app's on-device storage layer. All are local-only and never synced to STET servers. They can be cleared at any time via local STET data settings:

  • stet_checklists — all checklist data: names, deal types, item statuses, matched file names, confidence scores, and notes. Stored locally only; never transmitted to STET servers.
  • stet_vdr_results — VDR audit results: match lists, discrepancies, statistics, and optionally a CSV snapshot of the ledger used.
  • stet_review_docs — documents loaded for the review workspace (PDF, Excel, etc.) stored as raw file bytes for local rendering.
  • stet_search_indices — semantic search index built from locally-extracted document text.
  • stet_support_trace — support-trace review flags and notes.
  • stet_embedding_cache — vector embeddings and text previews cached for performance.
  • stet_hnsw_cache — serialized semantic graph index.
  • stet_audit_v2 — hash-chained semantic engine audit records (execution integrity log, described in our Security documentation).
  • stet_locks — short-lived client-side session locks for the semantic engine (no document content).

Legal basis for analytics (GDPR Art. 6): Consent (Art. 6(1)(a)). You may withdraw consent at any time with no effect on the legality of processing before withdrawal. For strictly necessary storage: Legitimate interest / contract performance.

5. Your Regulatory Rights

GDPR (EU/UK Users)

  • Right to Access your Account Data
  • Right to Rectification
  • Right to Erasure ("Right to be Forgotten")
  • Right to Restrict Processing

CCPA / CPRA (California)

  • Right to Know what personal info is collected
  • Right to Delete personal info
  • Right to Non-discrimination
  • We do not sell your personal information.

To exercise any of these rights (e.g., requesting immediate account deletion), email us directly at sritej@trystet.com. We respond to all requests within 30 days.

6. Security & Liabilities

We implement commercially reasonable security measures (TLS encryption, AES-256 database encryption) to protect your Account Data. However, no transmission over the internet is completely secure. STET assumes no liability for data disclosures caused by transmission errors, third-party subprocessor breaches, or unauthorized access to your account credentials.

7. Data Retention

Account Data

Your email, username, and subscription status are retained for as long as your account is active. Upon account deletion, personal data is purged within 30 days from our live systems and within 90 days from encrypted backups.

Checklist Data

Checklist data is stored locally in on-device app storage (stet_checklists) and is not retained on STET servers. It persists until you delete individual checklists from within the app, use the "Delete Account" flow (which wipes the database), or clear local STET data. There is nothing for us to delete server-side — this data never reaches our servers.

Document Content (Files & Ledgers)

Never retained server-side. Production file processing is on-device and in-memory only. Document text never reaches our servers; there is nothing for us to delete.

Analytics Data

Anonymous PostHog analytics (if consented) are retained for 12 months, after which they are automatically deleted by PostHog.

Breach Notification

In the event of a personal data breach affecting your Account Data, we will notify affected users and, where required by law, the relevant supervisory authority within 72 hours of becoming aware of the breach, in accordance with GDPR Art. 33. Checklist data is stored locally on your device and is outside the scope of a server-side breach.

Enterprise Data Processing Agreement (DPA): Enterprise customers requiring a signed DPA (for GDPR controller–processor arrangements) may request one at sritej@trystet.com. Our standard DPA includes Standard Contractual Clauses (SCCs) for EU/UK data transfers.

8. Contact Information

STET — Sritej Bommaraju

sritej@trystet.com

For data rights requests (access, deletion, rectification) — we respond within 30 days.

By using STET, you acknowledge that you have read and agree to this Privacy Policy alongside the Terms of Service.

Terms of Service|Security|Desktop App