Legal & Privacy.
The baseline privacy and data-handling notice for muratov.io, provided by Bonfleur s.r.o., the data controller. Engagement terms — including scope, commercial terms, and governing law — are agreed individually with each customer in a written agreement and are not published here.
What we collect, and why
We collect data necessary to operate the platform and respond to inquiries. No data is sold or shared for marketing purposes.
- Data controller: Bonfleur s.r.o. (IČO 28169166), Czech Republic. Registered in the Czech commercial register (or.justice.cz).
- Contact form: Name, email, role (required selector), and message field (required); optional: engagements/year and current tools. Used solely to respond. We do not store submissions in an application database; delivery is handled by a transactional-email sub-processor whose own policy governs retention of delivery metadata and logs.
- Platform accounts: Authentication data managed by our identity sub-processor. Evidence files stored in your tenant and isolated from other customers.
- AI processing: Evidence content sent to our AI inference sub-processor for extraction and testing. Not used for model training, per the AI provider's commercial-API terms.
- Retention: You control your own data lifecycle. Before termination you can export every workpaper via the 13-section export, archive evidence files off-platform, and delete engagements at will. After termination you retain a 30-day export window for the 13-section export; at the end of that window platform access is revoked and tenant-scoped content is deleted. We do not retain your audit workpapers on your firm's behalf — your firm's retention obligations run against your own off-platform copies, not this platform.
- EU / EEA residents: You may contact us with data-access or erasure requests; we will respond within a reasonable timeframe consistent with applicable law. muratov.io is not actively marketed in the EU; this notice is provided for transparency.
No marketing mailing list. No cross-site tracking cookies, advertising cookies, or marketing-analytics cookies. We use cookieless usage analytics (via our hosting provider) that do not identify individual visitors or set tracking cookies; only strictly necessary session cookies are set. No cookie consent banner is required under this model.
Documentation tools, not audit opinions
Platform outputs are documentation tools, not audit opinions or attestation reports. The platform is provided as-is, without warranties of any kind (express or implied), to the fullest extent permitted by applicable law.
- Not a CPA firm. muratov.io does not perform audits, issue audit opinions, provide assurance, or render attestation reports.
- Not legal or accounting advice. Platform content is informational; your firm's qualified professionals own all audit conclusions, professional judgments, and regulatory decisions.
- Primary data in the United States. Transactional sub-processors may process metadata in their own operational regions per the Sub-processors section below.
- Governing law. Governing law and forum are set in the individual written agreement for each engagement, which controls over this public notice.
Platform scope
muratov.io is an ITGC audit automation platform. We are not a CPA firm and do not perform audits, issue audit opinions, provide assurance, or perform attestation services.
- Platform outputs are intended for use by the responsible auditor — sole practitioner, IT audit consultant, or single-headcount corporate IA function — within their own audit and quality-control framework.
- When we operate the platform on a customer's behalf under a written agreement, we run the testing workflow and produce documentation; the customer's licensed auditor reviews, concludes, and signs.
- Workpapers, testing results, and conclusions generated through the platform are documentation tools — not audit opinions or attestation reports.
- Users are responsible for their own professional judgments, conclusions, and regulatory decisions when relying on platform outputs.
AI features
The platform uses AI (Anthropic Claude API) for evidence extraction, testing, and draft generation. AI outputs are probabilistic and require professional review.
- Mandatory auditor review enforced by the platform; AI never auto-finalizes conclusions.
- AI tests run only on samples with mapped evidence (evidence-first — no mapped evidence means inconclusive).
- Data not used for AI model training (per the provider's commercial-API terms).
- Full AI provenance stored with each result.
Set individually, in writing, in private
Engagement terms — including scope, commercial terms, and governing law — are agreed individually with each customer in a written agreement and are maintained privately between Bonfleur s.r.o. and that customer. We do not publish contract terms here.
Whatever the arrangement, all audit conclusions, professional judgments, sign-offs, and determinations of regulatory adequacy remain the responsibility of the customer and their qualified auditors; muratov.io and Bonfleur s.r.o. do not perform audits, issue audit opinions, provide assurance, or render attestation reports.
Some customers arrange for us to operate the platform on their behalf; the specifics of any such arrangement are part of that private written agreement.
The third-party processors that deliver the platform
| Sub-processor | Purpose |
|---|---|
| Clerk | Authentication |
| Neon | Managed PostgreSQL database |
| Vercel | Hosting + platform delivery + transactional log storage |
| Vercel Blob | Evidence-file blob storage; tenant-scoped paths; customer audit files at rest |
| Anthropic | AI inference |
| Pinecone | Content-retrieval index; tenant-isolated namespacing for evidence excerpts, workpaper narratives, and exception descriptions; matching is exact-text, not semantic similarity |
| Resend | Transactional email for contact-form delivery |
| Upstash | Redis-based rate limiting + distributed locks for AI-test / QC / population concurrency; request IPs + user identifiers only, no customer audit content |
Primary data storage is in the United States; transactional sub-processors may process metadata in their own operational regions per their published policies. This list is maintained under change control (30-day notice for material additions). The authoritative Sub-Processor list per customer is the MSA Schedule.
Strictly necessary only
Only strictly necessary cookies for authentication and theme preference. No analytics or marketing cookies.
- theme — light/dark preference (session).
- __session, __clerk_db_jwt, __client_uat, __refresh_* — authentication session + refresh tokens (Clerk; our identity sub-processor).
- No third-party tracking; any usage analytics is cookieless (no cookie is set).