Privacy Policy
At Vor Energy, we understand that your data is valuable and sensitive. Our AI-assisted due diligence & deal platform employs robust security measures to ensure your information remains protected throughout the analysis process.
Key Privacy Commitments
Privacy for your data is at the core of our business model, and when you use our platform we agree:
We do not share your data with other platform customers
We do not train models on your data
We use API licenses that contractually prohibit third-party vendors such as OpenAI from training on your data, and we configure our integrations to prevent our LLM partners from training on any data that we transfer via API
We limit external vendor access to only those critical for our business operations
How We Protect Your Data
Secure Cloud Infrastructure
Built on Supabase, which provides enterprise-grade PostgreSQL database infrastructure with comprehensive security controls including row-level security (RLS)
All data encrypted at rest using AES-256 encryption and in transit using TLS 1.2+
Responsible AI Implementation
We leverage industry-leading AI models (e.g. Claude, Gemini, OpenAI) through secure API integrations
We implement industry-standard measures to secure your information from accidental loss and unauthorized access
Data Minimization & Retention
We only collect information necessary for providing our services
We retain personal information only where we have an ongoing legitimate business need
When we have no ongoing business need to process your information, we delete or anonymize it
Common Questions
Q: Who has access to our uploaded documents?
A: Only authorized members of your team and a limited number of Vor Energy support personnel who have signed confidentiality agreements. All access is logged and auditable.
Q: Do you have SOC 2 certification?
A: As an early-stage company, we're actively working toward SOC 2 certification. In the meantime, we adhere to SOC 2 principles and leverage infrastructure providers who maintain these certifications.
Q: How long do you retain our data?
A: We are developing formal retention policies and currently delete data upon customer request. Custom retention policies are available upon request, including immediate deletion.
Q: Can your AI models "learn" from our proprietary information?
A: No. We do not train models on your data. Your information is processed in accordance with this privacy commitment, and we maintain strict boundaries between customer data sets.
Q: What are my rights regarding my data?
A: You can request information about your data, receive a portable copy, correct or delete your information, and withdraw consent at any time by contacting us.
Q: What's your security roadmap?
A: We're actively working toward SOC 2 certification and regularly conduct security assessments.
Deeper Dive Questions
Q: Tell us more about your training stance?
A: We are not building or training our own models, nor are we fine-tuning or otherwise modifying 3rd party models. Our fundamental belief is that the models are already capable of incredible intelligence and reasoning capabilities without further training (see #6 in this a16z study). We don’t need our own models because the way we deliver value and achieve great results is by giving the existing frontier models the proper context and guidance.
We use API licenses that contractually prohibit third-party vendors such as OpenAI from training on your data, and we configure our Google integrations to use only paid services that include the same training prohibitions. Additionally, we have configured our integrations to prevent our LLM partners from training on any data that we transfer via API.
We are using API licenses that differ from consumer-grade LLM terms of service (e.g. chatgpt.com). These licenses default to no training on data, prompts, or context, and limited data retention solely for the purposes of fraud, abuse, and legal/regulatory disclosure.
These LLM providers’ privacy and security commitments apply across their hundreds of millions of users worldwide.
Q: What are the security and privacy policies of your LLM partners?
Anthropic (not currently in use)
Organization & Contact Information
For additional security questions or special requirements, please contact our security team at security@vorenergy.com.