Skip to main content
cf0 is built so analysts can put their name on the output. That starts with knowing exactly where data lives and who can touch it.

Storage

WhatWhere
Threads, messages, generated reportsImmutable per-org storage, US region
User accounts, org membership, rolesEnterprise identity layer with a relational record
Uploaded documentsOrg-scoped object storage, US region
SEC + global filings indexStructured, queryable index
Threads and reports live as an immutable canonical record, not in a mutable database or codebase. Deletion is immediate from the user’s view; backing storage is purged on the next sync cycle.

Sub-processors

cf0 uses a curated set of sub-processors covering:
  • Cloud infrastructure — primary compute, storage, and AI inference, US region
  • Identity and access — enterprise authentication and organisation management
  • Durable workflow orchestration — long-running ingestion and processing
  • Frontend hosting — global edge delivery
  • Product analytics — usage telemetry (no thread or report content)
  • AI observability — model I/O tracing (content stays inside the platform perimeter)
  • Semantic retrieval — vector index for source lookup
  • Data feeds — read-only ingest of filings, market data, transcripts, and macro data; do not process customer data
The complete sub-processor list — vendor, role, and data scope per processor — is disclosed under the DPA. Contact filippo@cf0.ai to request it.

Boundaries

  • Org isolation — every thread, document, and report is scoped to your organisation. There is no cross-org visibility.
  • No training on your data — cf0 never uses customer threads, documents, or reports to train any AI model.
  • Inference inside the platform perimeter — AI inference runs inside cf0’s cloud infrastructure; customer data does not leave the platform to reach a model.

Compliance

For regulated workflows, the DPA, or sub-processor disclosure, contact filippo@cf0.ai.
Last modified on May 25, 2026