Security & data controls
Designed for the hesitation, not against it.
Most owners pause before sharing financial or customer data with a new vendor. Summit Signal is built so that pause is honored: defaults are restrictive, every level above the default is opt-in, and you control what we see and how long we hold it.
Controlled by design
We ask for the least data that produces a useful insight.
Most owners hesitate to connect sensitive systems to a new vendor. Summit Signal is designed for that hesitation, not against it.
- Upload-only by default: You provide the data we analyze. No system credentials. No deep integrations required to begin.
- Upload path first; scoped access only when needed: Most diagnostics start from CSV or XLSX exports. When read-only system access is part of the engagement, it is scoped to the diagnostic and revoked at the end.
- No write-back without explicit authorization: We do not modify your invoices, your customer records, or your CRM. Ever, by default.
- Audit logs on every action: Every file uploaded, every analyst review, every report generation is logged with actor and timestamp.
- Findings are human-reviewed: AI assists analysis. A Summit Labs analyst reviews and approves every finding before it reaches your report.
- Your data is not used to train AI models: Anthropic's commercial terms confirm customer data is excluded from training. We pass that commitment to you.
- Delete-on-request: You can request deletion at any time. Client data is removed through a documented process, while audit records needed for legal and operational integrity are retained separately.
AI governance
The AI is an implementation detail, not a marketing claim.
- AI assists, doesn't decide: Numbers come from structured calculations and analyst review against your uploaded data - never from the model inventing metrics. AI assists with narrative, recommendations, and explanations.
- Every finding cites its data: Each published finding includes the metric and the record set behind it. If a number appears in the body, review traces it back to source data before delivery.
- Human review before publication: An analyst reviews every finding. Confidence is set explicitly. Findings without sufficient evidence are demoted to 'area for review' rather than presented as confirmed.
- No model training on your data: Anthropic's commercial terms exclude customer data from training. We pass that contractual commitment to you.
- Hedged language, never overpromise: Findings use calibrated language, not false certainty. Estimates carry ranges, never single-point savings claims.
Your data, your rights
Modeled around GDPR / CCPA-style access, correction, portability, and deletion rights.
- Right to access: Authenticated clients can request an export of retained files, normalized records, findings, and reports from the portal. Summit Labs still reviews the scope before releasing a downloadable artifact.
- Right to portability: Request a portable export at any time. Summit Labs confirms the scope and format before releasing retained data, file copies, and delivered report artifacts.
- Right to deletion: Request deletion at any time. We confirm scope, remove retained client files and diagnostic records manually, and preserve only the minimum audit records required for operational accountability.
- Right to correction: Re-upload corrected files at any point. Mappings revalidate; analysis can be re-run on request.
A complete list of data subprocessors and optional vendors (Vercel, Supabase, Clerk, Anthropic, Resend, Stripe when applicable, Calendly, Sentry when enabled, PostHog) is published in our Privacy Policy. A signed Data Processing Agreement is available on request - see the DPA link in the footer.
