Privacy · Last updated May 12, 2026
What we collect, what we use it for, and what we never do.
Prism is an AI co-pilot for benefits consultants. Consultants upload plan documents, claims data, and carrier reports, then ask Prism to draft analyses. This page explains how that data is handled.
1 · Who we are
Prism is operated by Haun Lab (Chicago, Illinois). For any privacy question, write to taylor@haunlab.com. The product is in private beta with two consulting practices.
2 · What we collect
- Authentication data. When you request a sign-in link, we store your email and a single-use magic-link token. After you sign in, an HMAC-signed session cookie is set in your browser. The session expires after 8 hours.
- Client documents you upload. Plan documents (PDF), claims data (CSV), carrier reports. Stored in the Vault, scoped to the client engagement you upload them under.
- Conversations and artifacts. Chat messages, workflow runs, and generated artifacts you create.
- Audit log. Every upload, run, and export is written to an audit table: who, when, what action. Used for security review and our SOC 2 evidence trail.
We do not run third-party analytics, ad pixels, or session replay on this site or in the application.
3 · De-identification
This is the part we built first. When you upload a CSV that may contain member-level identifiers (names, SSNs, dates of birth, member IDs, addresses, phone numbers, ZIP codes, email addresses), Prism inspects the columns server-side, flags them, and shows you a diff. After you confirm, the identifying columns are stripped before the file is saved. The raw upload is discarded.
PDFs and plan-design files bypass this step because they are not expected to carry member-level PII. If you upload a PDF with embedded PII, it is treated as untrusted content but not auto-stripped.
Prism never sends raw member-level identifiers to the AI model. This is enforced in the upload pipeline before storage.
4 · Sub-processors
Prism is a small product running on a small stack. The vendors below process data on our behalf:
- Anthropic. Claude (Sonnet 4.6, Opus 4.7, Haiku 4.5) for chat and workflow inference. Receives de-identified content only.
- Google. Gemini 2.5 (Pro and Flash), wired in as a second AI provider for select use cases. Receives de-identified content only.
- Voyage AI. Embedding and reranking for the published-benchmark retrieval layer. Operates on the industry corpus, not on customer documents.
- Vercel. Hosts the application. Vercel Blob stores uploaded vault files.
- Neon. Serverless PostgreSQL. Stores users, clients, vault metadata, artifacts, conversations, and the audit log.
- Resend. Sends magic-link sign-in emails.
- Doppler. Secret management. Holds API keys; does not see customer data.
None of these vendors train AI models on our traffic, per their published API terms. We will update this list when sub-processors change.
5 · How long we keep your data
- Vault files. Kept until you delete them. Nothing auto-expires in v1.
- Artifacts. Kept until you delete them. Versions are preserved via the parent-artifact chain so you can roll back.
- Audit logs. Kept indefinitely. They are part of our security evidence.
- Magic-link tokens. Single use; deleted on verification or after 15 minutes, whichever comes first.
- Session cookies. Expire after 8 hours; set with the HttpOnly and SameSite=lax attributes.
6 · What we never do
- We do not sell or rent your data.
- We do not train AI models on your data.
- We do not store raw member-level PII server-side after de-identification.
- We do not share data with third parties beyond the sub-processors named above.
7 · Your rights
Write to taylor@haunlab.com to request:
- A copy of any data we hold about you.
- Deletion of your account and all associated data.
- Correction of any inaccurate data.
We respond within 7 days.
8 · Cookies and security
We use a single HMAC-signed session cookie for sign-in. No tracking, advertising, or analytics cookies are used.
All traffic is HTTPS. Magic-link tokens are single-use. Magic-link requests are rate-limited per IP. Every state-changing API call requires a same-origin check (Origin header verification on top of SameSite=lax). The project is tracking toward SOC 2 Type II and uses OWASP ASVS Level 2 as a design target.
9 · Changes to this policy
When this policy changes, we update the date at the top. Material changes are emailed to allowlisted users before they take effect.
10 · Contact
taylor@haunlab.com. Haun Lab, Chicago, Illinois.