Data residency

LLM contract analysis — overview, clause extraction, risk assessment, chat responses.

Data

• Pattern-redacted contract text (PII replaced with ⟦KIND_N⟧ tokens before leaving the browser)
• Analysis prompts in the user's selected UI language (EN, FR, DE, NL, ES, IT) — Mistral is multilingual by training and processes every supported locale natively; no translation service is involved

Legal basis

GDPR Art. 6(1)(b) — performance of a contract

Notes

Default LLM provider. Model pinned to mistral-small-latest (snapshot mistral-small-2603). Mistral La Plateforme runs in the EU, no transfer outside the EU/EEA for either the contract text or the analysis prompts, regardless of the UI language the user has selected.

Policies

Privacy Policy·Data Processing Addendum

Frontend hosting and edge delivery of the Next.js app.

Data

• HTTP request metadata (IP, user-agent) for the duration of the request

Legal basis

GDPR Art. 6(1)(f) — legitimate interest (site delivery)

Notes

Edge hosting only. Contract text is never persisted by Vercel — analysis calls are forwarded to Mistral and responses stream back through the same request.

Policies

Privacy Policy·Data Processing Addendum

Backend hosting (FastAPI) for file upload, OCR, and PDF export.

Data

• Uploaded contract files during processing
• Extracted contract text before redaction (server-side parser only)

Legal basis

GDPR Art. 6(1)(b) — performance of a contract

Notes

Contract text is held in memory during the upload → parse → return cycle and then discarded. Not logged, not stored on disk beyond the request lifecycle.

Policies

Privacy Policy·Data Processing Addendum

Managed Postgres for saved analyses, magic-link sessions, and clause embeddings.

Data

• User email (if you sign in)
• Saved analyses and their provenance metadata
• Session identifiers

Legal basis

GDPR Art. 6(1)(b) — performance of a contract (for saved analyses) and Art. 6(1)(f) — legitimate interest (for session management)

Notes

Only used when the backend DATABASE_URL env var is set. In the zero-backend-state configuration Redline runs without Neon and no personal data is persisted. Saved analyses are auto-deleted after 30 days (SP-5 retention) unless the user pins them.

Policies

Privacy Policy·Data Processing Addendum

Transactional email — magic-link sign-in.

Data

• User email address
• One-time sign-in link

Legal basis

GDPR Art. 6(1)(b) — performance of a contract

Notes

Only used when the backend RESEND_API_KEY env var is set. Email addresses are sent to Resend solely to deliver the sign-in link and not used for marketing.

Policies

Privacy Policy·Data Processing Addendum

Cross-encoder reranker — reorders the top-20 chat-context candidates by semantic relevance to the user's question.

Data

• User chat question (one per reranker call)
• Pattern-redacted clause text for the top-20 candidates from the hybrid retriever

Legal basis

GDPR Art. 6(1)(b) — performance of a contract

Notes

Only used when the frontend JINA_API_KEY env var is set. In the zero-config default Redline skips reranking entirely and the chat context is served from the BM25 + cosine hybrid retriever alone. Redaction runs before the rerank call — no unredacted PII is sent to Jina.

Policies

Privacy Policy·Data Processing Addendum