The Input Recovery App

Privacy & Data Compliance

How we protect your data across every layer of the platform — from client-side processing to cloud infrastructure.

Last updated: March 2026

Platform Architecture

The Input Recovery App is designed with a layered architecture that minimizes data exposure at every stage of processing.

Client-Side CSV Parsing
Your CSV files are parsed directly in the browser using a shared, quote-aware parser before any data leaves your device. Column mapping and validation happen locally, reducing server-side data exposure.
SOC 2 Compliant Gateway
AI-powered analysis is routed through Manus Forge, a SOC 2 compliant gateway infrastructure. All API calls use bearer token authentication over encrypted HTTPS connections.
Isolated Task Execution
Each processing task runs in a fully isolated cloud virtual machine following Zero Trust architecture principles. Operations within one task cannot access or affect any other task or the broader service.
No Raw Data Retention
Uploaded CSV data is processed in-session for audit analysis and risk screening. The platform does not retain raw transaction data beyond what is needed to generate your results and reports.

Data Compliance — Manus (Meta)

Our cloud infrastructure is powered by Manus, now part of Meta, providing enterprise-grade security and compliance standards.

SOC 2 Compliance

Manus maintains SOC 2 compliance, independently audited and verified through the Manus Trust Center .

Data Encryption

Data is encrypted in transit (TLS/HTTPS) and at rest. Sensitive credentials are encrypted locally before upload and re-encrypted for cloud storage — never stored or transmitted in plaintext.

No Model Training

Your data is never used to train AI models. Manus explicitly prohibits model providers from using customer data for training purposes. Only aggregated or de-identified data may be used to improve services.

Three-Tier Safeguards

Security is implemented across technical safeguards (encryption, access controls), organizational safeguards (internal policies, restricted personnel access), and physical safeguards (facility and equipment protection).

Terms of Use

No-Reliance Disclaimer
This platform identifies potential areas for further review using automated ratio-based analysis and AI-assisted classification. It does not constitute professional advice, assurance, or a professional opinion. No reliance should be placed on these results. Consult a qualified tax professional for definitive guidance on GST/HST recovery, ITC eligibility, and compliance matters.
Data Ownership
You retain full ownership of all data you upload and all outputs generated by the platform, including audit reports, risk screening results, and extracted invoice data. These may be used for both personal and commercial purposes without restriction.
Service Availability
The platform is provided on an "as-is" basis. While we strive for accuracy across all 29 detection types and 13 risk screening checks, no warranty is made regarding the completeness, accuracy, or fitness for a particular purpose of any results. Tax rules change and edge cases exist — always verify findings with a qualified professional.
Eligibility
You must be of legal age in your jurisdiction to use this service. By using the platform, you represent that you have the authority to upload the data you provide and that its use for tax analysis does not violate any applicable laws or agreements.