Last updated: 1/25/2026
This Data Protection Addendum ("Addendum") forms part of the agreement between Strongwall.ai, Inc. ("Strongwall", "we", "us") and the customer or user ("Customer", "you") governing the use of Strongwall's services (the "Services").
This Addendum describes how Strongwall handles data in connection with the Services and reflects Strongwall's privacy-by-design architecture.
1. Scope and Purpose
This Addendum applies to the processing of personal data, if any, in connection with the Services.
Strongwall's Services are designed to minimize or eliminate the retention of personal data. Where personal data is processed, it is processed only as necessary to provide the Services and in accordance with this Addendum.
2. Definitions
For purposes of this Addendum:
- "Personal Data" means any information relating to an identified or identifiable natural person, as defined under applicable data protection laws.
- "Processing" means any operation performed on Personal Data, including access, use, transmission, or deletion.
- "Controller" and "Processor" have the meanings given under applicable data protection laws (including GDPR, where applicable).
3. Roles of the Parties
Depending on the context of use:
- The Customer acts as the Controller of Personal Data submitted to the Services.
- Strongwall acts as a Processor solely to provide the Services.
- Strongwall does not act as a data controller with respect to user-generated content processed through the Services.
4. Data Processing Principles
Strongwall processes data in accordance with the following principles:
- Data minimization – Processing only what is necessary to provide the Services
- Purpose limitation – Data is not reused for unrelated purposes
- No training on customer data – User inputs are not used to train models
- No long-term retention – Conversations and prompts are not stored beyond transient processing
Where technically feasible, processing occurs ephemerally and without persistent storage.
5. Nature of the Data Processed
Depending on customer usage, data processed may include:
- Text prompts and responses
- Documents or content submitted by the user
- Account-related metadata (limited and operational)
Strongwall does not require customers to submit personal data to use the Services.
6. Data Retention and Deletion
Strongwall's architecture is designed to avoid long-term data retention.
- User inputs and outputs are processed transiently
- No persistent storage of conversations by default
- No reuse of customer data for analytics, profiling, or training
Where operational logs are required for security or reliability, such logs are:
- Minimal
- Short-lived
- Not linked to user content
7. Security Measures
Strongwall implements reasonable and appropriate technical and organizational safeguards designed to protect data against unauthorized access, disclosure, alteration, or destruction.
These measures include, but are not limited to:
- Encryption in transit
- Access controls
- Infrastructure isolation
- Least-privilege operational practices
Security controls are continuously reviewed and improved.
8. Subprocessors
Strongwall may engage subprocessors solely as necessary to operate the Services (e.g., infrastructure providers).
Strongwall ensures that any subprocessors are bound by data protection obligations consistent with this Addendum.
A current list of subprocessors may be made available upon request.
9. International Data Transfers
Where applicable, Strongwall takes reasonable steps to ensure that international data transfers comply with applicable data protection laws.
Given Strongwall's minimal data retention model, cross-border data exposure is intentionally limited.
10. Data Subject Rights
To the extent applicable, Strongwall supports Customer obligations to respond to data subject requests (such as access or deletion).
Because Strongwall does not retain personal data long-term, many data subject requests may not be applicable in practice.
11. Audits and Compliance
Strongwall makes reasonable information available to demonstrate compliance with this Addendum upon written request, subject to confidentiality and security considerations.
12. Limitation
This Addendum applies only to data processed in connection with the Services and does not apply to data processed outside the scope of Strongwall's platform.
13. Contact
Questions regarding this Data Protection Addendum or Strongwall's data practices may be directed to:
- Email: privacy@strongwall.ai
14. Updates
Strongwall may update this Addendum from time to time to reflect changes in law or the Services. Material changes will be communicated appropriately.