Privacy commitments for Anchrix customers.

This policy explains what data we process, why we process it, and how we support privacy and security controls.

Privacy summary

High-level principles for data handling across Anchrix services.

We process customer data needed to run payout workflows, policy checks, investigations, and support operations.

Access is constrained by organization scope and role boundaries to reduce unnecessary data exposure.

Key actions are recorded to support auditability, reliability, and incident analysis.

Privacy questions and requests are handled through the contact channels listed on this page.

Examples of data types processed by Anchrix and the purposes they serve.

Data category	Examples	Purpose
Account and profile data	Name, work email, role, organization membership metadata	Authenticate users, enforce permissions, and support workspace administration
Workflow and transaction data	Batch records, payout row fields, policy outcomes, route decisions, disposition notes	Execute compliance workflows and provide investigation and approval tooling
Operational and audit data	Action timestamps, actor identifiers, status transitions, generated artifact metadata	Support traceability, governance review, debugging, and system integrity
Usage and diagnostics data	Service logs, request metadata, error traces, performance telemetry	Monitor reliability, detect abuse, and improve product performance

Section-by-section details for operational and legal review.

This Privacy Policy explains how Anchrix handles data in connection with the Anchrix web application, APIs, and related support activities.

This policy applies to customer and user data processed when using Anchrix services.
Commercial agreements and executed data-processing terms may include additional obligations.
Policy updates are posted on this page with revised effective dates.

Data collection is scoped to what is needed to provide the service, secure the platform, and support customer operations.

Customer-submitted workflow data is processed according to product functionality and account configuration.
Account data is used to manage identity, authentication state, and access boundaries.
Operational telemetry is used for reliability and incident response.

We use processed data to deliver services, enforce controls, improve reliability, and provide customer support.

Run policy evaluation, routing, investigation, and approval workflows requested by customers.
Maintain service availability, performance, and abuse protection.
Generate records and exports that support compliance and operational review.

We do not sell customer data. Data may be shared with service providers strictly to operate and support the platform.

Service providers may process limited data on our behalf under contractual and security obligations.
Data may be disclosed when required by applicable law or valid legal process.
Shared data is limited to the minimum necessary for the relevant purpose.

Anchrix applies technical and operational safeguards to protect confidentiality, integrity, and availability of service data.

Role-based access controls and organization scoping are enforced in product workflows.
Operational events are captured to support traceability and incident review.
Security controls continue to evolve with product and infrastructure requirements.

Retention depends on service functionality, contractual obligations, and legal or operational requirements.

Data is retained for as long as needed to provide services and satisfy legitimate business obligations.
Retention windows may differ by data type, account plan, and customer agreement terms.
Deletion and export requests are handled through support and legal channels where applicable.

Users and customers may submit privacy-related inquiries regarding access, correction, export, or deletion requests.

Requests are evaluated in the context of account role, contractual terms, and legal requirements.
Some requests may require verification and may be limited where legal exceptions apply.
For organization-managed accounts, requests may be coordinated with your account administrators.

For privacy requests, questions, or concerns about this policy, contact the Anchrix privacy team.

Privacy outcomes depend on both platform controls and customer governance choices.

Area	Anchrix	Customer
Workspace access control	Provides role model and org-scoped permission enforcement.	Assigns least-privilege roles and maintains member lifecycle hygiene.
Workflow data governance	Processes uploaded records to execute configured product workflows.	Determines what data to submit and validates legal basis for processing.
Data retention strategy	Supports records and export capabilities within platform constraints.	Defines retention periods and downstream archival/compliance obligations.
Privacy request handling	Provides request intake channels and operational review process.	Coordinates internal approvals for organization-managed account requests.

Privacy requests

Contact privacy@anchrix.com for access, correction, export, or deletion. For security: security@anchrix.com