JCGA Legal & Security Documentation

1. Introduction

Welcome to JCGA. These Terms and Conditions ("Terms") govern your access to and use of the web application, custom dashboards, and AI-powered vault services (collectively, the "Services") provided by JCGA, LLC ("JCGA," "we," "us," or "our").

By accessing or using our Services, you agree to be bound by these Terms. If you do not agree to these Terms, you may not access or use the Services.

2. Description of Services

JCGA collaborates with clients to build custom business intelligence dashboards and secure AI-powered data vaults. Our Services allow users to visualize data, store sensitive information securely, and utilize Artificial Intelligence to gain insights into business performance.

3. User Accounts and Security

To access certain features of the Service, you may be required to register for an account. You agree to:

• Provide accurate, current, and complete information.
• Maintain the security of your password and identification.
• Notify JCGA immediately of any unauthorized use of your account.
• Accept responsibility for all activities that occur under your account.

4. Data Ownership and License

Your Data: You retain all rights and ownership of the data, files, and information you upload to the JCGA dashboards and vaults ("Client Data").

License to JCGA: You grant JCGA a non-exclusive, worldwide, royalty-free license to access, store, and process Client Data solely for the purpose of providing the Services to you (e.g., rendering dashboards or indexing data for the AI vault).

Aggregated Data: JCGA may use anonymized, aggregated usage data for service improvement, provided that such data cannot identify you or your business.

5. AI Services and Disclaimer

Our "AI-powered vaults" utilize machine learning and Large Language Models (LLMs) to analyze your data.

Accuracy: While we strive for precision, AI technology is probabilistic. JCGA does not guarantee that AI-generated insights, summaries, or predictions will be error-free. You should verify critical business information independently.

No Professional Advice: The Services provide information and analysis, not professional financial, legal, or tax advice.

6. Intellectual Property

The underlying software, algorithms, UI design, and proprietary methodologies used to build your custom dashboards remain the property of JCGA, LLC. You are granted a revocable, non-transferable license to use these tools for your internal business purposes.

7. Confidentiality

JCGA treats your data as Confidential Information. We will not disclose your data to third parties except as required by law, as described in our Privacy Policy, or with your explicit consent.

8. Limitation of Liability

To the maximum extent permitted by law, JCGA, LLC shall not be liable for any indirect, incidental, special, consequential, or punitive damages, or any loss of profits or revenues, whether incurred directly or indirectly, or any loss of data, use, goodwill, or other intangible losses, resulting from (a) your use or inability to use the Service; (b) any unauthorized access to or use of our servers and/or any personal information stored therein.

9. Governing Law

These Terms shall be governed by and construed in accordance with the laws of [Insert State/Country], without regard to its conflict of law provisions.

1. Information We Collect

• Personal Information: Name, email address, phone number, and billing information when you create an account.
• Business Data: Financial records, operational metrics, and proprietary documents uploaded to the AI Vaults and Dashboards.
• Usage Data: Information on how you interact with the application (e.g., logins, dashboard views).

2. How We Use Your Information

• Service Delivery: To configure your custom dashboards and secure your data in the vault.
• AI Processing: To enable the AI to answer questions about your specific data.
• Communication: To send you updates, security alerts, and support messages.

3. AI and Data Privacy

Isolation: Your data is isolated. We do not use your proprietary Business Data to train public-facing AI models or models available to other clients.

Third-Party Processors: If we utilize third-party LLM providers (e.g., OpenAI, Anthropic, Azure), your data is transmitted via enterprise-grade, encrypted APIs with "zero-retention" policies where applicable, meaning the provider does not store your data for their own training purposes.

4. Data Sharing

We do not sell your personal or business data. We may share data with trusted third-party service providers (e.g., cloud hosting, payment processors) strictly to perform tasks on our behalf and under confidentiality agreements.

5. Data Retention and Deletion

We retain your data only as long as your account is active or as needed to provide you Services. You may request the deletion of your account and all associated data by contacting [Insert Contact Email]. Upon termination, data is purged from our active databases within [e.g., 30 days].

1. Data Encryption

At Rest: All data stored in our databases, object storage, and AI vector indexes is encrypted using industry-standard AES-256 encryption.

In Transit: All data transmitted between your browser and our servers is encrypted using TLS 1.2 or higher (HTTPS).

2. Access Control

• Role-Based Access Control (RBAC): We implement strict permission levels. Only authorized users within your organization can view specific dashboards or query the vault.
• Multi-Factor Authentication (MFA): We recommend (or enforce) MFA for all user accounts to prevent unauthorized access.
• Least Privilege: JCGA employees do not have access to your raw data unless explicitly authorized by you for support purposes, and such access is logged and audited.

3. AI Vault Architecture

Vector Isolation: When you upload documents to the AI Vault, they are converted into vector embeddings. These embeddings are stored in isolated namespaces unique to your tenant ID, ensuring no cross-contamination of data between clients.

Sanitization: Inputs to the AI and outputs from the AI are screened to prevent prompt injection attacks and data leakage.

4. Infrastructure Security

Cloud Provider: Our infrastructure is hosted on [e.g., AWS/Google Cloud/Azure], utilizing their world-class physical and network security measures.

Backups: We perform automated daily backups of your dashboard configurations and encrypted data to ensure business continuity in the event of a failure.

5. Incident Response

In the unlikely event of a data breach, JCGA has an established Incident Response Plan. We will notify affected clients within [e.g., 72 hours] of becoming aware of a breach that compromises the security of their data, in compliance with applicable laws.

6. Contact Us

If you have questions about this Security Policy or suspect a vulnerability, please contact us at: