Privacy Policy

1. Introduction

Deception TRACER LLC (“Company,” “we,” “us,” or “our”) operates the TRACER platform, a web-based AI-powered linguistic analysis service. This Privacy Policy describes how we collect, use, store, protect, and disclose information when you use our website, platform, and services (collectively, the “Service”).

By accessing or using the Service, you acknowledge that you have read, understood, and agree to the practices described in this Privacy Policy. If you do not agree, please do not use the Service.

2. Who We Are

Deception TRACER LLC is a limited liability company organized under the laws of the State of Michigan, United States of America. For the purposes of applicable data protection laws, including the GDPR and UK GDPR, we act as the data controller for account registration information and as a data processor for Input Data submitted by Users for analysis.

3. Information We Collect

3.1 Account Registration Information

When you create an account, we collect: full name, email address, and organization or agency name. We do not collect phone numbers, physical addresses, demographic information, or any other personal identifiers beyond those listed.

3.2 Payment Information

Payment is processed through Stripe, Inc. We do not collect, store, process, or have access to your full credit card number or other sensitive financial information. We receive only a transaction confirmation, the last four digits of your payment method, and billing metadata necessary for our records.

3.3 Input Data (Transcripts and Case Information)

When you use the Service, you submit Input Data which may include interview transcripts, written statements, case metadata, baseline information, known truths, known lies, and evidence. We handle Input Data as follows:

• No permanent storage of originals: Original transcripts and source documents are never permanently stored. Input Data is processed and not retained after processing is complete.
• Transient processing only: Input Data exists in our systems only for the duration necessary to complete the analysis.
• Third-party processing: Input Data is transmitted to Anthropic, PBC for processing through the Claude large language model.

3.4 Generated Outputs (Reports)

Generated Outputs are stored temporarily for a retention period chosen by you. You have the ability to immediately and permanently delete any Output at any time. Once deleted, it is permanently removed and cannot be recovered. You own all Outputs generated by the Service.

3.5 Information We Do NOT Collect

• Personal data about the subjects of analyzed transcripts
• Biometric data of any kind
• Location data or geolocation information
• Device fingerprints or browser identifiers for profiling
• Behavioral or usage analytics data
• Cookie-based tracking data (we do not use cookies)
• Data from third-party data brokers or aggregators

4. How We Use Your Information

4.1 Providing the Service

To create and manage your account, authenticate your identity, process your Input Data and generate Outputs, and process payments.

4.2 Communication

To send service-related notices including account confirmations, security alerts, billing notifications, and policy updates. To respond to your inquiries or feedback.

4.3 Legal Compliance and Protection

To comply with applicable legal obligations, protect the rights and safety of the Company and Users, and enforce our Terms of Service.

4.4 Purposes We Do NOT Pursue

We do not use your information for marketing or advertising, profiling or automated decision-making, selling or renting to third parties, or training AI models beyond the transient processing required for your specific analysis request.

5. Cookies and Tracking Technologies

We do not use cookies, web beacons, pixel tags, tracking scripts, browser fingerprinting, or any other tracking technologies on our website or within the Service. We do not deploy first-party or third-party analytics tools to monitor your browsing behavior. If we change this practice in the future, we will update this Privacy Policy and, where required by law, obtain your consent before deploying any tracking technologies.

6. Data Sharing and Disclosure

6.1 No Sale of Data

We do not sell, rent, lease, trade, or otherwise transfer your personal information, Input Data, or Outputs to any third party for monetary or other valuable consideration.

6.2 Third-Party Service Providers

We share limited information with the following categories of providers, solely to operate the Service:

• Payment Processor (Stripe, Inc.): Receives payment information directly from you. We do not have access to your full payment credentials.
• Third-Party AI Provider (Anthropic, PBC): Receives Input Data for processing through the Claude large language model.
• Cloud Hosting Provider: Maintains physical and network security of our servers but does not access or analyze User data.

6.3 Legal Requirements

We may disclose your information if required by law, subpoena, court order, or governmental request, or to protect the rights, property, and safety of the Company, our Users, and the public.

6.4 Business Transfers

In the event of a merger, acquisition, or sale of assets, your information may be transferred. We will notify you of any change in ownership or uses of your information.

7. Third-Party AI Processing (Anthropic, PBC)

7.1 What Data Is Transmitted

When you submit Input Data for analysis, the text content of your submission is transmitted to Anthropic's API for processing. This transmission is necessary to perform the linguistic analysis that constitutes the core function of the Service.

7.2 How Anthropic Handles Data

According to Anthropic's published policies: data submitted through the API is not used to train Anthropic's models, and API inputs and outputs are retained for a limited period for trust and safety purposes, after which they are deleted. We encourage you to review Anthropic's privacy policy directly for the most current information.

7.3 Data Minimization

We transmit only the data necessary for the specific analysis being performed. We do not transmit your account registration information (name, email, organization) to Anthropic as part of the analytical pipeline.

8. Data Security

We implement commercially reasonable technical and organizational measures including encryption of data in transit using TLS/SSL, access controls limiting data access to authorized personnel, secure authentication mechanisms, and regular review of security practices.

No method of electronic transmission or storage is completely secure. We cannot guarantee the absolute security of your information. Because Users control the retention period for generated Outputs and have immediate deletion capability, you bear responsibility for the security of any Output you choose to retain, download, or store outside the Service.

9. Data Retention

• Account Information: Retained while your account is active; deleted within 30 days of account deletion or termination.
• Input Data: Not permanently stored. Processed transiently and not retained after analysis is complete.
• Generated Outputs: Retained for the period you select. You may delete any Output immediately. Remaining Outputs deleted within 30 days of account termination.
• Payment Records: Retained for the period required by applicable tax and financial reporting laws, typically seven (7) years.

10. Your Rights

10.1 Rights Available to All Users

Access, Correction, Deletion, Data Portability, and Objection rights — contact us at sdinaro@gmail.com to exercise any of these.

10.2 Additional Rights for EEA, UK, and Swiss Users (GDPR/UK GDPR)

You have rights to restriction of processing, withdrawal of consent, and to lodge a complaint with your local data protection supervisory authority. We process your personal information on the following legal bases: (a) performance of a contract; (b) legitimate interests; and (c) compliance with legal obligations.

10.3 Additional Rights for California Residents (CCPA/CPRA)

Right to Know, Right to Delete, Right to Non-Discrimination, and Right against Sale of Personal Information. We do not sell personal information and do not share it for cross-context behavioral advertising.

10.4 Additional U.S. State Privacy Rights

Residents of states with comprehensive privacy laws (Colorado, Connecticut, Virginia, Utah, Texas, Oregon, Montana, Iowa, Indiana, Tennessee, and others) may have similar rights. We will honor these rights in accordance with applicable state law.

11. International Data Transfers

The Service is operated from the United States. If you are located outside the United States, your information will be transferred to, stored, and processed in the United States. For EEA, UK, or Swiss users, we rely on Standard Contractual Clauses or other approved transfer mechanisms as applicable.

12. Children's Privacy

The Service is designed for enterprise and organizational use and is not directed at individuals under the age of eighteen (18). We do not knowingly collect personal information from children under 18. If you believe a child under 18 has provided us with personal information, please contact us at sdinaro@gmail.com.

13. Automated Decision-Making and Profiling

TRACER uses artificial intelligence to perform linguistic analysis of submitted text. This constitutes automated analysis of text content, not automated decision-making about individuals in the legal sense. TRACER does not make any decisions about individuals — it produces analytical observations about linguistic patterns. Any decision based on TRACER's Outputs is made by the User, not by the Service.

14. Controlled Unclassified Information (CUI)

TRACER processes Controlled Unclassified Information (CUI) as defined by 32 CFR Part 2002. All CUI is handled in accordance with NIST SP 800-171 Rev 2 requirements. CUI is encrypted in transit (TLS 1.2+) and at rest (AES-256), and access is restricted to authenticated, authorized users. For questions about CUI handling, contact the System Owner at sdinaro@deceptiontracer.com.

15. Processing of Sensitive Data

We recognize that Input Data may contain sensitive information related to criminal investigations, employment matters, or personal statements. We treat all Input Data with the highest level of confidentiality. We do not request or require Users to submit data revealing racial or ethnic origin, political opinions, religious beliefs, health data, or other special categories. If such data is incidentally included in a transcript, it is processed transiently and not extracted, categorized, or stored for any other purpose.

16. Do Not Track Signals

Because we do not use cookies, analytics, or any tracking technologies, the Service inherently respects Do Not Track (DNT) and Global Privacy Control (GPC) signals. There is no tracking to disable.

17. Third-Party Links and Services

The Service may contain links to third-party websites or services. We are not responsible for their privacy practices. This Privacy Policy applies only to the Service operated by Deception TRACER LLC.

18. Changes to This Privacy Policy

When we make material changes, we will update the Effective Date, post the revised policy on our website, and make reasonable efforts to notify you via the email address associated with your account. Your continued use of the Service after changes constitutes acceptance of the revised policy.

19. Data Protection Inquiries

All data protection inquiries, privacy-related questions, complaints, and requests to exercise your rights should be directed to:

We will respond to all privacy inquiries within thirty (30) days, or within the timeframe required by applicable law.

20. Governing Law

This Privacy Policy shall be governed by and construed in accordance with the laws of the State of Michigan, United States of America, except where superseded by applicable mandatory data protection laws such as the GDPR or UK GDPR.

21. Contact Us