WeShield← Home
Draft templates pending review by legal counsel — not legal advice. The sub-processor list is current and accurate.

Privacy Policy

How WeShield collects, uses, and protects personal information, consistent with PIPEDA. Draft template pending review by counsel.

What we collect

Account information (name, email), the workspace data your organization enters (grant prospects, applications, documents, team members), and operational metadata (audit logs, usage counts) needed to run and secure the service.

Data residency

Tenant data is stored and processed in Canada (Supabase ca-central-1, Vercel yul1). The only exception is AI inference, which — when enabled — sends redacted prompts to Anthropic in the United States; see the sub-processor list.

How we use it

To provide the platform, isolate each tenant, maintain a tamper-evident audit trail, enforce security and rate limits, and — where enabled — produce AI assistance. We do not sell personal information.

Your rights

Workspace administrators can export a full copy of their data and permanently erase the workspace from Settings (right to access and erasure). For other requests about personal information, contact us.

Security

Tenant isolation is enforced at the database with row-level security; every privileged action passes a single audited gateway; the audit trail is hash-chained and tamper-evident. High-risk identifiers are redacted before any outbound AI call.