Tenth Man logo Access Terminal

TENTH MAN

Privacy Policy

Effective Date: January 17, 2026

This Privacy Policy describes how Tenth Man ("Company," "we," "us," or "our") collects, uses, stores, and protects information in connection with the Tenth Man application, APIs, and related services (the "Service"). By using the Service, you agree to this Privacy Policy.

1. Scope

This Privacy Policy applies to account holders, end users, API users, and website visitors. It does not apply to third-party websites linked through the Service.

2. Information We Collect

A. Account Information

When you create an account, we may collect your name, email address, organization name, plan tier, and billing information. Payment information may be processed by third-party payment processors. We do not store full payment card details.

B. User-Submitted Decision Inputs

When you use the Service, we store the following inputs you submit:

  • Decision prompts and questions
  • Memory declarations (see §3 for special handling)
  • Follow-up context
  • Uploaded documents and files, including PDFs and contracts (see §4 for special handling)
  • API request payloads
  • Web evidence query inputs

These inputs may include business-sensitive, confidential, or proprietary information. You are responsible for ensuring you have the right to submit such information and that doing so does not violate any confidentiality obligations owed to third parties.

C. Memory Declarations

Memory declarations are a distinct category of user-submitted content. When running a follow-up decision, you are required to explicitly declare: assumptions carried forward from the prior decision; new information added; objections claimed as resolved; and objections still open.

Memory declarations are treated differently from other inputs because:

  • They are stored verbatim and never modified or interpreted by the system.
  • They are permanently associated with the decision artifact they accompany as an immutable provenance record.
  • They are treated as authoritative statements of continuity, not as conversational context.
  • They cannot be retroactively amended once a decision run completes.

You are solely responsible for the accuracy and completeness of all memory declarations submitted. Inaccurate declarations are stored as submitted and will be reflected in the associated decision artifact.

D. Generated Decision Artifacts

The Service generates and stores structured artifacts as a function of its operation. These include:

  • Decision artifacts: Full agent outputs from the Strategist, Skeptic, and Synthesizer, including recommendations, critiques, confidence scores, and risk assessments.
  • Rerun provenance artifacts: Records of follow-up decision runs, including prior decision ID, lineage mode, and verbatim memory declaration.
  • Comparison artifacts: Mechanical diffs between two decision artifacts, including recommendation deltas, confidence deltas, and integrity flags.
  • Classification artifacts: Derived metadata describing decision origin, lineage, and structural properties.
  • Skeptic engagement artifacts: Quantitative analysis of lexical overlap between Strategist arguments and Skeptic critique.
  • External evidence snapshots: Frozen records of third-party web content retrieved during a decision run (see §E below).

E. External Web Evidence Snapshots

When web evidence retrieval is enabled, we retrieve third-party web content and store immutable snapshots. Each snapshot may include the source title, URL, domain, snippet text, access timestamp, and the query used to retrieve it. Snapshots are frozen at retrieval time and are not updated to reflect subsequent changes in the underlying source.

We do not control third-party content and do not verify its accuracy. Web evidence retrieval is an optional feature and does not occur unless explicitly enabled for a given decision run.

F. Uploaded Documents and Files

If you upload documents or files through the document ingestion pipeline (including PDFs, contracts, structured data files, or other attachments), the following applies:

  • Uploaded file content is processed to extract text for use as evidence input to the decision engine.
  • Extracted content may be stored as part of the associated decision artifact or evidence record.
  • Uploaded files may contain personally identifiable information, legally privileged communications, or third-party confidential information. You are responsible for ensuring you are authorized to upload and process such content through the Service.
  • The Service does not verify the provenance, accuracy, or legal status of uploaded content.

G. Telemetry and Operational Logs

We collect operational telemetry to maintain and improve the Service. This may include request timestamps, response times, model call durations, timeout counts, plan usage counts, error states, evidence retrieval outcomes, and risk profile classifications assigned during decision runs.

Risk profile classifications and evidence retrieval metadata are behavioral signals derived from your use of the Service. They are retained for reliability, abuse detection, debugging, capacity planning, fraud prevention, and billing enforcement. They are not used for advertising.

H. Technical Data

We may automatically collect IP address, browser type, device type, operating system, usage metadata, and cookies or similar technologies.

3. Immutability and the Audit Trail

The Service is built on an append-only artifact architecture. This is a deliberate design principle, not a technical limitation. The practical consequences for your data are:

  • Decision artifacts, rerun provenance records, comparison artifacts, and evidence snapshots are write-once. Once generated, they are not modified by the system.
  • Memory declarations are stored exactly as submitted and cannot be amended after a decision run completes.
  • Each artifact carries a canonical decision ID and creation timestamp, forming an auditable, tamper-evident record of what the system produced and what you declared.
  • Indexes and derived metadata may be rebuilt from artifacts but cannot alter artifact content.

This architecture exists to ensure that decision outputs are trustworthy, auditable, and resistant to retroactive alteration. It means, however, that certain data submitted through the Service cannot be fully deleted or amended after the fact. See §7 (Data Deletion) for details.

4. AI Model Processing

To generate decision outputs, we transmit user inputs to AI model providers. The current model configuration uses third-party AI providers including OpenAI and Anthropic. Each agent in the three-agent architecture may use a different provider or model.

We take reasonable steps to ensure contractual data protection commitments with model providers, including commitments that your data is not used to train provider models where provider terms permit such commitments. However, third-party AI providers operate under their own terms of service, privacy policies, and legal frameworks, which govern their handling of transmitted data independently of this Policy.

We will provide notice of material changes to the AI providers used in the Service. If provider-level data handling is material to your use case, you should review the current provider terms directly. Contact us at chris@tenthman.ai to request information about current model providers.

5. How We Use Information

We use collected information to provide and operate the Service, generate decision outputs, enforce plan limits, maintain system integrity, detect abuse or misuse, improve reliability, comply with legal obligations, and protect our legal rights.

We do not use user-submitted content for advertising. Unless explicitly stated otherwise in a separate agreement, we do not sell personal data.

6. Data Retention

We retain data for as long as necessary for account maintenance, artifact traceability, system integrity, legal compliance, and dispute resolution.

Immutable artifacts — including decision artifacts, rerun provenance records, comparison artifacts, and evidence snapshots — may be retained indefinitely as part of the audit trail unless you close your account and request deletion, or legal retention obligations require continued storage.

Operational logs may be retained for security and audit purposes on a schedule determined by our data retention policy.

7. Data Deletion

You may request deletion of account information and stored decision artifacts. However, because the Service is built on an append-only architecture, deletion requests are subject to the following constraints:

  • Certain artifacts are structurally immutable and cannot be selectively deleted without compromising the integrity of the audit trail. Full deletion of artifact data may require account closure.
  • Memory declarations stored as part of rerun provenance records cannot be amended after a decision run completes. Deletion of the associated artifact may be possible subject to account closure procedures.
  • System-level operational logs may not be fully deletable due to integrity and fraud prevention requirements.
  • Deletion requests may be limited where legal obligations require retention, ongoing disputes exist, or fraud prevention requires preservation.

To submit a deletion request, contact: chris@tenthman.ai. We will acknowledge your request and describe what can and cannot be deleted given the above constraints.

8. Data Security

We implement reasonable administrative, technical, and organizational safeguards designed to protect information against unauthorized access, alteration, disclosure, or destruction. However, no system is completely secure, and we do not guarantee absolute security. You are responsible for safeguarding your credentials and for ensuring that access to your account is appropriately controlled within your organization.

9. International Transfers

Your data may be processed in jurisdictions outside your country of residence, including by third-party AI model providers. We take reasonable steps to ensure lawful transfer mechanisms where required by applicable law.

10. Business Transfers

If the Company is involved in a merger, acquisition, asset sale, or similar transaction, your information may be transferred as part of that transaction. We will provide notice of any such transfer where required by applicable law. Continued use of the Service following a business transfer constitutes acceptance of the successor entity's privacy practices, subject to any notice provided.

11. Regulatory and Sector Limitations

The Service is not certified for HIPAA compliance, FDA-regulated medical systems, FINRA-regulated trading systems, or government classified systems. If you require sector-specific compliance commitments, a separate enterprise agreement may be necessary. Contact us at chris@tenthman.ai to discuss enterprise data handling arrangements.

12. Children

The Service is not directed to children under 18. We do not knowingly collect personal data from minors.

13. Your Privacy Rights

Depending on your jurisdiction, you may have rights to access personal data, correct inaccurate data, request deletion, restrict processing, data portability, and object to certain processing. To exercise these rights, contact: chris@tenthman.ai. We may require identity verification before processing requests. Note that certain rights may be limited by the append-only architecture described in §3 and §7.

14. Cookies and Tracking

We may use cookies or similar technologies to maintain sessions, authenticate users, analyze usage, and improve reliability. You may adjust browser settings to manage cookies, though doing so may affect Service functionality.

15. Changes to This Policy

We may update this Privacy Policy. Where changes are material, we will provide notice via email or in-product notification. Continued use after changes constitutes acceptance of the revised Policy.

16. Contact

For privacy inquiries, deletion requests, or questions about AI model providers:
chris@tenthman.ai