Cohesive360

Privacy Policy

Last updated: 5/9/2026

This policy explains what Cohesive360 collects, why, and how we protect it. The short version: we store your SmartAdvocate URL, username, and an encrypted copy of your password on our servers so the hosted Claude connector can authenticate to SmartAdvocate on your behalf. We do not store your case data — it flows just-in-time between our server and your SmartAdvocate tenant when Claude invokes a tool, and we do not retain it after the response.

What we store

  • Account: your email, hashed password (scrypt), full name, organization name, timestamps, and your acceptance of these Terms + AI disclaimer.
  • Subscription: Stripe customer and subscription IDs, plan, status, seat count, trial and renewal dates.
  • License: license key, issue date, tenant binding (SmartAdvocate host), active-device records (random per-device UUID stored locally on each Claude install + last-seen timestamps).
  • SmartAdvocate credentials (encrypted): your SA URL, your SA username, and your SA password encrypted at rest with AES-256-GCM. The 256-bit master key lives in Azure Key Vault; per-row encryption uses random 12-byte IVs and 16-byte authentication tags. Each row's ciphertext is bound to your user ID via Additional Authenticated Data, so a stolen blob can't be decrypted in another user's context. The plaintext password only exists in server memory during a tool invocation, when our server uses it to authenticate to your SA tenant on your behalf; it is never logged, never echoed in any HTTP response, and never written to disk.
  • OAuth tokens: for the Claude Connector flow we issue Bearer access tokens (1-hour TTL) and refresh tokens (90-day, rotated on each use), each tied to your account. Revoking the connector in Claude or removing your SA credentials in our dashboard invalidates them.
  • Operational: last-seen and last-verified timestamps for active devices and credentials, for seat counting and connection-health display.

What we do NOT store long-term

  • Case data, notes, tasks, contacts, calendar entries, or document text retrieved from SmartAdvocate. When Claude invokes a tool, our server fetches just-in-time from your SA tenant, returns the result to Claude, and discards the response. We do not log SA response bodies and we do not retain them.
  • Prompt contents or Claude responses. Those are handled by Anthropic under its own privacy policy.
  • Your SA password in plaintext. The plaintext exists only briefly in server memory during an authenticate request to your SA tenant; the at-rest copy is always AES-GCM encrypted.

Ephemeral document staging

Two document workflows briefly hold your file bytes in our infrastructure to bridge between your machine, our server, SmartAdvocate, and Claude. Both windows are short, scoped, and physically deleted by Azure's lifecycle policy. We never log the bytes.

  • Upload staging — when you drop a file at /upload for the upload_document tool, the file is written to a private Azure Blob, a short-lived signed URL is issued for SmartAdvocate to retrieve it, and the blob is deleted on successful upload. Stragglers are auto-deleted by the Azure lifecycle policy within ~1 hour.
  • Download staging — when Claude calls download_documenton a file too large to inline (over 2 MB), our server fetches it from your SmartAdvocate tenant using your encrypted credentials, places the bytes in the same private staging container, and issues a read-only signed URL valid for 10 minutes for Claude to ingest. Smaller documents skip this step and travel inline in the tool response. The blob is auto-deleted within ~1 hour by the Azure lifecycle policy. We do not log the bytes; per-document blob names are random 96-bit tokens not tied to any user-identifying data.

Document bytes flow from staging to Claude as part of a normal tool result; once Claude has them, Anthropic's data-handling policy applies (the same policy that governs files you drag-drop into Claude.ai directly). We do not broker that relationship. Claude Enterprise plans receive zero retention; other Claude plans follow Anthropic's published policy.

Why we store your SA credentials

The hosted Claude connector lets Claude (Desktop, web, and mobile) act on your SA data without requiring an install on every device. For that to work, our server has to authenticate to your SA tenant when Claude makes a tool call. SmartAdvocate's API uses username + password authentication today — there is no OAuth or service-account option — so we have to hold a decryptable copy of your password to be able to log in on your behalf. We chose to disclose this trade-off explicitly. If you prefer credentials never leave your machine, the legacy stdio install path is still available from the Dashboard (Advanced section); it runs locally and reads credentials from a file on your computer.

Third parties

  • Stripe — payment processing, customer portal, billing emails.
  • Resend — transactional email (welcome, trial reminders, receipts).
  • Anthropic — you use Claude under Anthropic's terms; we do not broker that relationship.

Security

Data in transit is protected by TLS. Passwords are hashed with scrypt. License keys are stored in full; cached client-side state is HMAC-signed to detect tampering. Our infrastructure is hosted on Microsoft Azure (US region).

Your rights

You may request export or deletion of your account data by emailing privacy@cohesive360.com. We complete requests within 30 days. Deleting an account cancels your subscription, revokes all active seats, and removes license and account records. Stripe retains billing records per its own retention policy.

Children

The Service is not directed at children under 18 and we do not knowingly collect their data.

Changes

We may update this policy here. Material changes will be communicated by email at least 14 days before taking effect.

Contact

privacy@cohesive360.com

Terms of Service · Home