Draft — This privacy policy is pending formal legal review. Last updated: February 2026.
Privacy Policy
Solaisoft Pty Ltd (ABN pending) trading as Assay
1. Who We Are
Assay is a read-only COBOL documentation generation service operated by Solaisoft Pty Ltd, an Australian proprietary company. We generate comprehensive documentation from COBOL source code using AI analysis. We never modify, execute, or deploy source code.
2. Data We Collect
2.1 Business Contact Information
- Company name, contact name, email address, phone number
- Billing information (processed via Stripe — we do not store card details)
2.2 Source Code (Temporary)
- COBOL source files (.cbl, .cpy) provided by you for analysis
- Source code is processed via the Anthropic API and is not stored persistently
- All source copies are deleted within 30 days of delivery, with written confirmation
2.3 Generated Documentation
- The documentation we generate from your source code
- Retained until you request deletion
- Ownership of generated documentation transfers to you upon payment
3. How We Process Source Code
Your source code follows a strict processing pipeline:
- Intake: Encrypted file transfer (SFTP or encrypted ZIP)
- Processing: Transmitted to Anthropic's API over TLS 1.3. Under Anthropic's commercial terms, inputs are not used for model training.
- Storage: No persistent storage of source code. Files exist only in memory during processing.
- Delivery: Time-limited secure download link for generated documentation
- Deletion: All source copies destroyed within 30 days of delivery. Written confirmation provided.
4. Who Has Access
Access to your source code is strictly limited to:
- Macdara (Director, Solaisoft Pty Ltd) — sole operator with access to source files during processing
- Anthropic API — processes source code under commercial terms (no training, no retention beyond API call)
No other employees, contractors, or third parties have access to your source code.
5. Third-Party Processors
| Processor | Purpose | Data |
|---|---|---|
| Anthropic | AI analysis | Source code (transient) |
| Stripe | Payment processing | Billing details |
| Vercel | Website hosting | Web analytics (anonymous) |
6. Data Retention
| Data Type | Retention Period |
|---|---|
| Source code | Deleted within 30 days of delivery |
| Generated documentation | Until customer requests deletion |
| Business contact info | Duration of relationship + 7 years (tax) |
| Invoices/billing records | 7 years (Australian tax law) |
7. Your Rights
Under the Australian Privacy Act 1988, you have the right to:
- Access your personal information held by us
- Request correction of inaccurate information
- Request deletion of your data (subject to legal retention requirements)
- Withdraw consent for marketing communications
- Lodge a complaint with the Office of the Australian Information Commissioner (OAIC)
8. Security Measures
- TLS 1.3 encryption for all data in transit
- Encrypted file transfer for source code intake
- No persistent storage of source code
- Stripe PCI-DSS Level 1 for payment processing
- Professional Indemnity insurance to $10M (via ACS membership)
9. Changes to This Policy
We will notify existing customers of material changes via email at least 14 days before they take effect. The current version is always available at assay.software/privacy.
10. Contact
For privacy enquiries or data requests:
- Email: privacy@assay.software
- Mail: Solaisoft Pty Ltd, Perth, Western Australia