Policies

Privacy, security, data processing, and accessibility for Trellis LLC.

Security Measures and Data Flow

This document describes Trellis LLC security controls and how data flows through our platform and AI providers based on the current implementation.

Architecture Overview

  • Next.js App Router with React Server Components.
  • Authentication and session via Supabase SSR using httpOnly cookies.
  • Application data in Postgres (managed) accessed via Prisma.
  • Retrieval-Augmented Generation (RAG): OpenAI Embeddings; embeddings and source chunks stored in Postgres.
  • AI text generation: Anthropic (primary), OpenAI (fallback), and Groq (OpenAI-compatible) for some paths.

Data Categories

  • Account metadata for staff users (email, name, role, school).
  • Observation/evaluation content including free-text notes and summaries.
  • RAG/chat content and derived embeddings.

We do not intentionally collect student personal information. Staff are advised to avoid including student PII in free-text fields.

Security Controls

Encryption in transit (TLS) and at rest (managed Postgres defaults).

Strict session handling via Supabase SSR; cookies set as httpOnly, sameSite=lax, secure in production.

Role-based access control enforced at application level.

Content Security Policy limiting external connections to Supabase, Anthropic, OpenAI, and Groq; clickjacking and referrer protections enabled.

Secret management via environment variables; least-privilege access for operators.

Rate limiting on sensitive API routes where applicable.

Data Flow to AI Providers

When a staff user invokes enhancement or evaluation features, the Service may send relevant free-text input and minimal context to AI providers to generate outputs. The following apply:

Anthropic (Claude)

Primary provider for generation; prompts may include staff-entered notes. Outputs (e.g., enhanced notes) may be stored in Postgres.

OpenAI

Fallback for generation and used for embeddings. Only necessary text is sent to obtain embeddings or generation outputs.

Groq

OpenAI-compatible provider used on certain generation paths.

The application does not implement third-party prompt logging; however, providers may process data per their own policies and DPAs.

Retention and Deletion

  • Data retained for the duration of the LEA relationship or as required by law.
  • Upon verified LEA request, Trellis will delete or return data within a commercially reasonable timeframe, subject to provider backups.

Incident Response

  • We maintain procedures for detection, investigation, containment, and notification.
  • LEA will be notified without undue delay upon confirmation of a breach affecting Student Data.

Vulnerability Management

  • Regular maintenance updates and dependency management.
  • Security headers enforced via middleware (CSP, X-Frame-Options, Referrer-Policy, Permissions-Policy).

Contact

For security inquiries, contact Trellis LLC at:

[CONTACT_EMAIL]