TSS
Business Affairs
The Sociable Society · Internal
← Back to sign in

Privacy Policy

Last updated: May 25, 2026

This Privacy Policy describes how TSS Business Affairs ("we", "us", or "TSS AI") collects, uses, and protects information when you use the TSS AI contract redlining dashboard (the "Service"). TSS AI is an internal tool operated by The Sociable Society for the purpose of assisting authorized lawyers in reviewing influencer agreements.

1. Who can use the Service

Access to TSS AI is restricted to specific individuals authorized by The Sociable Society's Business Affairs team. Each authorized user's email address is added to an allowlist; only allowlisted users can sign in.

2. Information we collect

  • Google account profile: when you sign in with Google, we receive your email address, name, and profile picture from Google. We use these to identify you in the dashboard and to verify your authorization.
  • Google Drive / Docs access (optional): if you choose to use the Google Doc features (loading a contract from Drive, posting comments to a Google Doc, or saving edits back to a .docx in Drive), we request your permission to access Drive on your behalf. We only access the specific files you provide URLs for; we do not browse your Drive.
  • Contract text: when you upload a .docx, paste text, or load a Google Doc, we read the document's text for the duration of the analysis. We do not persist contract content on our servers after the request completes.
  • Session metadata: our server logs record authentication events (sign-in time, IP address, browser user agent) and request metadata (API endpoint, response status) for operational monitoring. Logs do not contain contract content.

3. How we use information

  • To provide the Service: we send the contract text and your deal terms to Anthropic's API (Claude) to generate the proposed redlines. The output is returned to you through the dashboard and, optionally, written back to your source document (Google Doc or .docx in Drive).
  • To authenticate you: we use a session cookie signed with a server-side secret to keep you logged in. The cookie is HTTP-only and Secure.
  • For operational monitoring: we use logs to detect errors and diagnose issues.

We do not use your contract content or profile information to train AI models. We do not sell or share your information with third parties for advertising.

4. Third-party processors

  • Anthropic (Claude API): we transmit contract text and deal terms to Anthropic for AI analysis. Anthropic operates under a zero-data-retention policy for its API tier and does not use API submissions to train models. See Anthropic's Privacy Policy.
  • Google: we use Google OAuth for authentication and Google Drive / Docs APIs for the optional Google Doc integration. Your interactions with Google are governed by Google's Privacy Policy.
  • Vercel: our hosting provider. Server logs and session cookies pass through Vercel's infrastructure. See Vercel's Privacy Policy.

5. Chrome extension companion

The optional TSS AI — Redline in Google Doc Chrome extension is a companion to the dashboard that applies the dashboard's redlines as native Suggesting-mode edits inside Google Docs. It is published by The Sociable Society on the Chrome Web Store and is subject to the data-handling terms below.

  • No outbound network requests. The extension does not transmit data to TSS servers, third parties, or any analytics platform. All communication happens between three components inside your own browser: the TSS AI dashboard tab, the extension's background service worker, and the Google Docs tab.
  • Host permissions: the extension is granted access to docs.google.com (to render the redline overlay and drive Google Docs's native Find & Replace dialog) and tss-ai-zeta.vercel.app (to receive redline payloads from the dashboard via window.postMessage). No other origins are accessed.
  • Local storage with 24-hour TTL: the extension uses chrome.storage.local (a private, per-extension area of your Chrome profile) to persist the staged redline payload (Google Doc URL, redline list, brand and influencer names, AI summary) so you can reload the doc tab without losing context. Entries automatically expire 24 hours after receipt and can be cleared earlier from the extension's popup. Storage data is not synced across Chrome installations and is never uploaded.
  • Google Doc content is never extracted. The extension reads UI state inside the Docs editor (to locate menu items, dialog inputs, and the toolbar mode switcher) but never copies, exports, or transmits the body text of your Google Doc. The redlines you ask it to apply pass through Docs's own Find & Replace dialog — the extension fills the dialog and clicks Replace all on your behalf.
  • Source code is open to review. The extension's full source code is available at github.com/lulirl/tss-ai under chrome-extension/ for full transparency about what it does.

6. Data retention

Contracts are not stored on our servers. Each analysis is performed in memory and the contract text is discarded when the request completes. We do not maintain a database of contract content.

Server logs (authentication and request metadata, without contract content) are retained for up to 30 days for operational purposes and then deleted.

Comments and Track Changes that you choose to write back to your own Google Doc or .docx in Drive remain in those files under your control — we do not retain a copy on our servers.

7. Your choices

  • Revoke Google access: at any time you can revoke TSS AI's access to your Google account at myaccount.google.com/permissions.
  • Sign out: you can end your session at any time using the Sign Out control in the dashboard header. Signing out deletes the session cookie from your browser.
  • Request removal: if you would like your account removed from the authorized list (or your name removed from audit logs), contact us at the address below.

8. Security

All traffic between your browser and the Service is encrypted via HTTPS. Authentication uses Google OAuth 2.0 — we never store passwords. Session cookies are signed and verified server-side. The Anthropic API key used to generate analyses is stored as an environment variable on our hosting infrastructure and is not exposed to client browsers.

9. Children

The Service is not intended for individuals under the age of 18 and is not designed for children. We do not knowingly collect information from children.

10. Changes to this policy

We may update this Privacy Policy from time to time. Material changes will be reflected in the "Last updated" date at the top of this page. Continued use of the Service after a change constitutes acceptance of the updated policy.

11. Contact

For questions about this Privacy Policy or to exercise any of the rights described above, contact us at:

The Sociable Society — Business Affairs
4500 Park Granada, Suite 202
Calabasas, CA 91302
Email: lucia@thesociablesociety.com

© 2026 The Sociable SocietyTerms of Service →