Data & Privacy
Data & privacy.
What Prova stores, for how long, and how to control it. This page covers the control plane (the Audit Vault). The legacy reasoning verifier is a separate path, summarized at the bottom.
What we store
The signed receipt is the audit trail, so by design the receipt is stored. Each receipt is an AIDecisionEvent: the decision kind, source, the payload you send, any policy verdicts and detector findings, and the Ed25519 signature over all of it.
Receipt metadata (event id, kind, source, timestamp)
Identifies the AI decision and the app / run / framework it came from.
Receipt payload (the content of the decision)
The payload IS the audit trail. Send only what you need recorded; do not put secrets in payloads you do not want retained.
Policy verdicts + detector findings
What fired (loop, PII, injection, policy block) and the severity.
Ed25519 signature + key id
Required for the receipt to stay tamper-evident and offline-verifiable.
Caller metadata you provide
app_id, model name, run id, environment.
API key (raw)
Only a hash of your key is stored.
Operational + SLO logs
Per-request latency, ok/error, and admin self-audit events. No payload content.
Where it lives, and self-hosting
The managed offering stores data in Supabase (US region by default). EU data residency is available on the Enterprise plan. For full control, the self-hosted bundle (docker-compose / Helm, air-gapped supported) keeps every receipt inside your own perimeter, with nothing sent to Prova.
What Prova does NOT do
- ✓ Train any AI model on your receipts or payloads
- ✓ Share your data with third parties beyond the listed subprocessors
- ✓ Use your data for any purpose other than providing the service to you
- ✓ Store raw API keys (only hashes)
- ✓ Sell data or allow advertising targeting based on your content
Retention and deletion
Receipts are retained as your audit trail for as long as your account is active. Operational and SLO logs are retained on a rolling window. Account data is deleted within 30 days of account closure, and you can request deletion of your receipts at any time (self-hosted deployments give you direct control over retention and deletion).
Legacy verifier (separate path)
The original reasoning-chain verifier stores a certificate (verdict, the argument graph, a SHA-256 hash, and a fingerprint of the input). It accepts a retain flag: with the reasoning text not persisted unless you opt in, so privileged or proprietary text can be verified without being stored. The verifier runs on a separate backend from the control plane.
Contact
Data questions: privacy@cobound.dev
For GDPR data subject requests, include your account email and the nature of the request.