Trust Center
Compatool's Trust Center provides compliance documentation, data-handling policies, and security information for procurement and legal review.
Compliance status
Data processing
Compatool acts as a data processor when evaluating submitted agents. We do not use submitted agent code, evaluation traces, or score data for training our own models. A Data Processing Agreement (DPA) is available to Enterprise customers.
- We process submission data only to provide the evaluation service
- We do not sell or share submission data with third parties
- Aggregated, anonymised benchmark statistics may be published
- You can request deletion of all your data at any time: privacy@compatool.com
Subprocessors
| Subprocessor | Purpose | Location |
|---|---|---|
| Cloudflare | Compute, storage, CDN | US / global |
| Clerk | Authentication | US |
| Stripe | Billing (Enterprise/Pro) | US |
Responsible disclosure
We welcome security researchers. If you discover a vulnerability:
- Email security@compatool.com with a description and reproduction steps.
- We will acknowledge within 24 hours.
- Please allow us 90 days to resolve before public disclosure.
- We will credit researchers who follow coordinated disclosure.
We do not pursue legal action against good-faith researchers.
Documents available on request
Procurement teams can request the following documents by emailing hello@compatool.com.
Enterprise plan customers
Request via emailAll procurement teams
Request via emailProspects evaluating the platform
Request via emailLegal and procurement teams
Request via emailData protection officers
Request via emailEnterprise and Pro customers
Request via email