Privacy-First Design
Privacy Policy
Last Updated: February 19, 2026
Effective Date: February 19, 2026
Overview
PAICE.work provides behavioral scoring based on human and AI interactions. We are committed to protecting your privacy and being transparent about how we handle your data.
What We Collect
Personal Information (Optional)
Email Address (Optional)
- Collected only if you choose to provide it for receiving assessment results
- Encrypted at rest using AES-128 encryption
- Used solely for sending your assessment results and PAICE.work service communications
- Can be deleted at any time upon request
We do NOT collect other PII:
- No names or contact information (beyond optional email)
- No IP addresses or device identifiers
- No demographic or location data
- No conversation content (disabled in production)
What we DO collect:
1. Anonymized Identifiers
Hashed User IDs and Session IDs (cryptographically hashed, cannot be reverse-engineered)
2. Assessment Data
- 1 aggregate PAICE score™
- 5 dimensional scores (Performance, Accountability, Integrity, Collaboration, Evolution)
- 20+ detailed subscore parameters
- Assessment tier classification
- All scores are numeric values only
3. Session Metadata
- Session start/end times
- Number of conversation turns
- Assessment completion status
- Note: No conversation content stored in production
How We Use Your Data
- Score Calculation: Generate your behavioral assessments
- Service Delivery: Enable your data exports and result sharing
- Email Communication: Send assessment results (only if you provided email)
- Research & Improvement: Analyze anonymized assessment patterns to improve scoring algorithms
- Analytics: Understand service usage through anonymized data
Data Storage & Security
Security Measures
- Email Encryption: All email addresses encrypted at rest using AES-128 (Fernet)
- Hashed Identifiers: User IDs and Session IDs cryptographically hashed (SHA-256)
- Secure Infrastructure: Industry-standard security practices for data storage and transmission
- Access Control: Data access restricted to authorized personnel only
- No Conversation Storage: Conversation content not stored in production environment
Data Retention
- Email Addresses: Retained until you request deletion
- Assessment Data: Retained indefinitely in anonymized form for research purposes
- Session Metadata: Retained indefinitely in anonymized form
- Conversation Content: Not stored in production (disabled by default)
Your Data Rights
Right to Access
- Export: Download your assessment scores (PDF)
- View: Access your results through the application
Right to Portability
- Share: Copy and share your results as you choose
- Download: Export in standard formats (JSON & CSV coming soon)
Right to Deletion (GDPR Article 17 / CCPA)
Request Deletion: Contact us at to request data deletion
Response Time: We will process your request within 30 days (GDPR) or 45 days (CCPA)
What Gets Deleted:
- Your email address (if provided)
- Your user account
- All personally identifiable information
What Gets Anonymized:
- Assessment scores (anonymized, cannot be linked back to you)
- Session metadata (anonymized, cannot be linked back to you)
Why Anonymization?
We retain anonymized assessment data for research and service improvement purposes, as permitted by GDPR Article 89 (research exemption). Once anonymized, this data cannot be linked back to you and is no longer considered personal data under privacy regulations.
Confidential Mode (TEE Protection)
🔐 Hardware-Level Privacy Option
PAICE offers an optional Confidential Mode that provides hardware-level protection for your assessment conversations using Trusted Execution Environments (TEEs).
What TEE Protection Means:
- Your conversation runs inside isolated, encrypted hardware
- Even PAICE and the cloud provider cannot access your data during processing
- Protection is cryptographic and verifiable, not just policy-based
- Only your final PAICE score™ leaves the secure environment
How to Enable:
- Add ?s=confidential to your assessment URL
- Example: paice.work/individual?s=confidential
Important Notes:
- Confidential Mode is non-reversible within a session (start a new session to return to standard mode)
- Assessment may be slightly slower due to TEE overhead
- Powered by NEAR AI Cloud infrastructure
📖 Learn more: Introducing Confidential Mode
Standard Mode continues to be secure by policy — we still don't store conversations or sell data. Confidential Mode is an additional option for users requiring the strongest possible guarantees.
Third-Party Services
AI Service Providers
PAICE uses multiple AI providers optimized for different tasks. Your conversation data is processed according to each provider's privacy policies:
Standard Mode:
- Anthropic Claude — Primary conversation AI (privacy policy)
- Google DeepMind — Gemini for detection tasks (privacy policy)
- OpenAI — GPT models for evaluation (privacy policy)
Confidential Mode (TEE-Protected):
- NEAR AI Cloud — All inference runs inside Trusted Execution Environments (TEE documentation)
In Confidential Mode, your conversation data is cryptographically protected by hardware — even PAICE cannot access it during processing.
- MongoDB Atlas: Provides secure database infrastructure, see their privacy policy
- Render: Secure cloud hosting services (privacy policy)
We do not sell or share your personal data with any other third parties.
Cookies & Tracking
✅ Anonymous users — no cookies
If you use PAICE without creating an account, we set zero cookies. Session state, language preference, and banner dismissal are stored in your browser's localStorage only and are never transmitted to our servers.
🔐 Cookies for authenticated users
Creating an account uses a single authentication cookie to keep you signed in. Details in our cookie detail table below.
HttpOnly means this cookie cannot be read by JavaScript — it is only sent to our server on authenticated requests, protecting it from cross-site scripting attacks.
SameSite=Lax means it is not sent on cross-site requests, protecting against cross-site request forgery.
We do not use this cookie for advertising, analytics, or any purpose other than keeping you signed in.
Browser localStorage — language & session preference
The following items are stored in your browser's localStorage only and are never transmitted to our servers:
- paice_language — your chosen UI language (e.g. "es" for Spanish)
- paice_locale_nudge_dismissed_at — timestamp recording when you dismissed the language suggestion banner (cleared automatically after 30 days)
You can clear these at any time via your browser's developer tools or site settings.
- Analytics: We use PostHog for anonymized usage analytics, configured to use localStorage (not cookies). PostHog respects your browser's Do Not Track setting and is automatically disabled in privacy-first browsers.
- No advertising cookies: We do not use advertising, retargeting, or tracking cookies of any kind.
🔒 Privacy Browser Protection
We automatically detect when your browser blocks our analytics service (PostHog). When blocked:
- ✅ All application features work normally
- ✅ No retry attempts are made
- ✅ No console errors or warnings
- ✅ Your privacy preferences are respected
Privacy-first browsers like Brave, Firefox with strict tracking protection, and others are fully supported. Our graceful degradation ensures you get the full PAICE experience regardless of your privacy settings.
Children's Privacy
PAICE.work is designed for professional use. We do not knowingly collect data from children under 13. If you believe a child has used our service, please contact us at .
Compliance
This privacy policy complies with:
- ✅ General Data Protection Regulation (GDPR)
- ✅ California Consumer Privacy Act (CCPA)
- ✅ Other applicable privacy regulations
Changes to This Policy
We may update this privacy policy as we develop the service. Material changes will be communicated via:
- Email notification (if you provided an email)
- Notice on the application
- Updated "Last Updated" date at the top of this policy
Contact Us
For privacy questions, data requests, or concerns: