Data Privacy & Document Security — Gallant Project Solutions LLC

Summary — What you need to know

Your documents are treated as confidential project information from the moment Gallant receives them — used only to generate your analysis and deliverables, never for any other purpose.
Documents are not shared with other clients or accessible across engagements.
Documents are not used to train AI models. Anthropic's terms of service explicitly prohibit use of customer data for model training.
Documents are retained for 90 days after your final deliverable, then deleted — or earlier on request.
Gallant uses Claude by Anthropic as the AI processing tool within its requirements analysis workflow. AI is used strictly as a processing tool, not as a storage system.
Federal clients: Gallant does not accept CUI-marked documents without a specific handling agreement. Contact Gallant before submitting restricted materials.

Section 01

Purpose

Gallant Project Solutions LLC ("Gallant") processes client documents to generate structured requirements analysis and related project intelligence outputs, including the Gallant Requirements Intelligence Report™. This policy defines how client documents and derivative data are handled, protected, and retained throughout that process.

All client data is treated as confidential project information from the moment it is received. No exceptions.

Section 02

Scope

This policy applies to:

All documents submitted by clients for analysis
All derivative outputs generated from those documents — requirements registers, Gallant Requirements Intelligence Reports™, traceability matrices, conflict reports, and related deliverables
All internal handling, processing, and storage activities conducted by Gallant in connection with a client engagement

Section 03

Core Principles

Purpose-Limited Use. Client documents are used solely for generating requirements extraction, analysis, and related project deliverables for the submitting client's engagement. They are not used for any analysis unrelated to the client's engagement, internal product development beyond what is necessary to deliver contracted scope, or any third-party purpose.

No Cross-Client Data Sharing. Client data is never shared, reused, or exposed across projects. Each engagement is treated as a fully isolated dataset. Requirements, document content, project names, and all derivative outputs are confined to the engagement from which they originated.

No AI Training Use. Client documents and outputs are not used to train AI models. This applies to internal model training by Gallant, external model training by any third party, and any form of dataset aggregation for training purposes.

Controlled Use of AI Tools. Gallant uses Claude by Anthropic strictly as a processing tool within a controlled, purpose-bound workflow. AI tools are not used as a storage system for client data, a knowledge repository accessible across engagements, or a shared dataset for any purpose beyond the immediate analysis session. All AI processing is session-specific, output-directed, and controlled by Gallant personnel.

Data Access Control. Access to client data is restricted to Gallant personnel directly supporting the engagement. It is not accessible to other clients or other engagements and is not made publicly available in any form.

Section 04

Data Storage & Retention

Client documents may be stored temporarily to support analysis, deliverable preparation, and post-delivery clarifications. Gallant's default retention schedule:

Retention Period	Condition
90 days post-delivery	Default. Covers post-delivery clarifications and follow-on questions about the deliverable.
Extended per engagement	For active retainer engagements, retention continues for the duration of the engagement plus 90 days from the final deliverable.
Immediate on request	Clients may request full deletion of submitted documents at any time. Gallant will confirm deletion within 5 business days.

Section 05

Confidentiality & NDA

Gallant operates under client confidentiality expectations by default — no formal NDA is required for Gallant to treat client documents as confidential. For engagements involving particularly sensitive project information, Gallant will:

Execute a mutual NDA upon request, prior to document submission
Align all data handling practices with contractual confidentiality obligations
Incorporate specific handling requirements into the engagement agreement as needed

Section 06

Federal Project Handling — CUI & Controlled Documents

Important — Federal Clients

Gallant does not accept Controlled Unclassified Information (CUI)-marked documents without a specific handling agreement in place. Clients are responsible for ensuring that documents submitted to Gallant are appropriate for contractor review under applicable federal regulations and contract terms.

Most VA and DoD project documents encountered in AEC design and construction engagements — design guides, program requirements, scope documents — are not CUI-marked and are appropriate for contractor review. If you are uncertain whether a document is CUI or otherwise restricted, contact Gallant before submitting. Gallant will work with federal clients to establish appropriate handling procedures consistent with the applicable contract vehicle and agency requirements.

Section 07

What Does Not Happen

Client documents are never:

Accessible to other clients or shared across engagements
Used to train AI models — by Gallant or by any AI tool provider
Made publicly available in any form
Used for any purpose beyond generating deliverables for the submitting client
Retained indefinitely — default 90-day post-delivery retention applies unless extended by agreement

Section 08

AI Processing Transparency

Gallant uses Claude, an AI assistant developed by Anthropic, as the primary AI processing tool within its requirements analysis workflow. Anthropic's terms of service explicitly prohibit the use of customer conversation data for training AI models. Client documents processed through Gallant's Claude-based workflow are not incorporated into any AI training dataset.

Clients should be aware that AI tools used by Gallant are third-party technologies operated by Anthropic. Document content is processed within those systems for the purpose of analysis. Gallant mitigates exposure through:

Purpose-bound, session-specific workflows — no persistent storage of client data within AI systems
Controlled usage practices — all AI processing is directed by Gallant personnel
Anthropic's contractual prohibition on using customer data for model training

Gallant cannot make representations about the internal data handling of Anthropic beyond what is stated in Anthropic's published privacy policy and terms of service. Clients with requirements that cannot be met within a cloud-based AI processing model should discuss custom handling arrangements with Gallant before submitting documents. Current Anthropic data handling policy: anthropic.com/privacy

Section 09

Client Responsibilities

By submitting documents to Gallant, clients confirm:

They are authorized to share the submitted documents with a third-party contractor for analysis purposes
The documents do not contain CUI-marked, classified, or otherwise legally restricted information unless a specific handling agreement has been established with Gallant
They have removed any highly sensitive personal, financial, or proprietary information that is not necessary for the requested analysis

Section 10

Common Questions

"Does AI learn from my documents?"

No. Your documents are used only to generate your analysis. Gallant uses Claude by Anthropic, and Anthropic's terms of service explicitly prohibit using customer data for model training. Your documents are not incorporated into any AI training dataset.

"Can other clients see my project information?"

No. Each engagement is fully isolated. Your documents, requirements, and deliverables are never shared across projects or accessible to other clients.

"Where are my documents stored?"

Documents are stored within Gallant's controlled work environment for the duration of your engagement plus 90 days after your final deliverable. You can request deletion at any time and Gallant will confirm deletion within 5 business days.

"Is this secure enough for a VA or DoD project?"

For standard VA and DoD AEC documents — design guides, program requirements, scope documents — yes. These are not typically CUI-marked and are appropriate for contractor review. If you have CUI-marked materials, contact Gallant before submitting to establish a specific handling agreement.

"Do you sign NDAs?"

Yes. Gallant will execute a mutual NDA prior to document submission upon request. Gallant also operates under client confidentiality expectations by default — no formal NDA is required for your documents to be treated as confidential.

"What AI tool does Gallant use?"

Gallant uses Claude, an AI assistant developed by Anthropic, as its primary AI processing tool. Claude is used strictly as an analysis instrument — not as a storage system or knowledge repository.

"Who owns the deliverables?"

All deliverables — requirements registers, traceability matrices, intelligence reports, and related outputs — are owned by the client upon delivery. Gallant retains no rights to client-specific deliverable content.

Section 11

Policy Updates

This policy is reviewed annually and updated when material changes occur to Gallant's workflow, AI toolset, storage practices, or applicable legal or contractual requirements. Clients engaged under a prior version will be notified of material changes.

Questions about data handling?

Contact Gregory Tuite directly — before submitting documents if you have specific concerns.

gregory.tuite@gallantprojectsolutions.com

(407) 404-3555