system-prompts-and-models-o.../salesflow-saas/docs/legal/templates/PRIVACY_POLICY_EN.md
Claude 40ab7b86c2
feat(dealix): Phase 1 completion + Phase 2 foundation scaffolded
PHASE 1 COMPLETION:

TASK-005 — Live gitleaks scan:
  Scanned 146 commits with gitleaks v8.20.1
  Result: 1 finding — FALSE POSITIVE (model name llama-3.1-70b-versatile
    in test fixture, not an API key)
  Added to .gitleaksignore
  rotation_log.md updated with scan results
  VERDICT: No real secrets in git history — repo clean for extraction

TASK-006 — Legal templates (bilingual):
  docs/legal/templates/IP_ASSIGNMENT_AGREEMENT.md — bilingual IP assignment
  docs/legal/templates/PRIVACY_POLICY_EN.md — PDPL/GDPR-aware template
  docs/legal/templates/PRIVACY_POLICY_AR.md — Arabic privacy policy
  docs/legal/templates/TERMS_OF_SERVICE_EN.md — SaaS ToS with MENA pricing
  docs/legal/templates/DPA_EN.md — Data Processing Agreement with annexes
  All marked as "DRAFT — must be reviewed by Saudi counsel before use"

TASK-006 — Trademark Filing Kit:
  docs/legal/templates/TRADEMARK_FILING_KIT.md
  Covers: DEALIX (Latin) + ديلكس (Arabic) + logo
  Classes 9, 42, 35 across KSA, UAE, Egypt, Jordan, Kuwait
  Application text ready to paste into SAIP + equivalents
  Agent recommendations (AGIP, Saba, Bird & Bird, Al Tamimi)
  Budget: ~90-120K SAR for full MENA coverage

Founder Decision Package:
  FOUNDER_DECISION_PACKAGE.md — single file with 4 decisions:
    1. GitHub org name (recommend: dealix-io)
    2. Entity structure (MISA vs DIFC vs ADGM)
    3. Saudi counsel engagement (15-30K SAR)
    4. Trademark filing (30-50K SAR initial)
  Total founder time to unblock: ~1 week + ~50K SAR

PHASE 2 FOUNDATION:

DEALIX_PHASE2_BLUEPRINT.md — 18-month category leadership plan:
  10 parallel streams (Frontend, Product, AI, Enterprise, Integrations,
    Scale, Commercial, Customer Platform, Trust, Category POV)
  Executable NOW vs Requires External Services vs Wait-for-PMF
  Phase 2 completion criteria (NPS >=50, NRR >=120%, etc.)

TASK-F201 — Design System foundation (scaffolded):
  packages/design-system/tokens/primitive.json — W3C Design Tokens format:
    Brand palette (50-900), neutral (50-950), critical/warning/success/info
    Space, radius, motion (duration + easing) tokens
    Typography with Arabic fontFamily + arabic-adjustment (1.15) for size
    Arabic line-height (1.8) for diacritics
  packages/design-system/tokens/semantic.json — light + dark themes:
    surface, fg, border, interactive, status semantic layers
  packages/design-system/README.md — principles + integration guide

TASK-CAT1340 (prep) — @dealix/arabic-ui package (scaffolded):
  packages/arabic-ui/src/normalize.ts:
    Diacritic-insensitive search (fatha/kasra/damma stripped)
    Hamza variants normalized (أ/إ/آ → ا)
    Waw-hamza, ya-hamza, taa-marbuta, alef-maksura handled
    arabicMatch() + arabicCompare() helpers
  packages/arabic-ui/src/numerals.ts:
    Western/Arabic-Indic/Eastern Arabic-Indic conversion
    formatCurrency() for SAR/AED/EGP/USD/JOD/KWD
    formatNumber() with locale awareness
  packages/arabic-ui/src/direction.ts:
    detectDirection() via Unicode bidi algorithm
    isolate() using U+2068/U+2069 for mixed-direction content
    isRTL() locale check
    hasArabic() presence check
  Future: release as OSS after 12 months of internal use

TASK-CAT1310 — Manifesto (bilingual draft):
  marketing/manifesto.md — 4 principles in Arabic + English:
    1. Arabic first, not Arabic translated
    2. Decisions backed by evidence, not opinion
    3. AI recommends, systems commit, humans approve
    4. Saudi compliance built-in, not bolted on
  Publication target: dealix.io/manifesto + dealix.io/بيان

TASK-CAT1320 — Dealix Labs (scaffolded):
  docs/labs/README.md — research program structure:
    Annual State of Arabic Enterprise AI report
    Quarterly Arabic LLM Benchmarks
    OTel semantic conventions proposal
    Open source: @dealix/arabic-ui + @dealix/design-system

TRUTH.yaml updated:
  Added Phase 2 capabilities section (all as 'partial' or 'roadmap')
  Added ISO 27001/17/18 and bug bounty to security_claims (all false)

All gates GREEN:
  Architecture Brief: 40/40
  Release Readiness Matrix: 71/71 (up from 53/53)
  Release Readiness Gate (blueprint): PASS
  Truth Registry Validator: VALID

https://claude.ai/code/session_01W1rJthWDkasijTdXCfxVHs
2026-04-17 10:52:28 +00:00


Privacy Policy — Dealix (Template)

DISCLAIMER: Template only. Must be reviewed by qualified Saudi counsel before publication. Not legal advice.

Version: 1.0 DRAFT
Effective Date: [DATE]
Last Updated: [DATE]


1. Who We Are

Dealix ("we", "us", "our") is operated by [LEGAL ENTITY NAME], a [LLC/company type] registered in [JURISDICTION] under commercial registration [CR NUMBER], with registered office at [ADDRESS].

Contact: privacy@dealix.sa | +966 [NUMBER]

Data Protection Officer (DPO): [NAME], [EMAIL]


2. Scope

This Privacy Policy explains how we collect, use, store, and disclose personal data when you:

  • Use the Dealix platform (the "Service")
  • Visit our website
  • Interact with our team

This Policy is drafted to comply with:

  • Saudi Personal Data Protection Law (PDPL) and its Implementing Regulations
  • UAE Personal Data Protection Law (where applicable)
  • GDPR (where applicable to data subjects in the EU/EEA)

3. Data We Collect

3.1 From Account Holders

  • Name, email, phone number
  • Company name, role, tax identification
  • Authentication credentials (passwords hashed)
  • Usage data (logs, activity, IP address)

3.2 From Workflow Execution

  • Partner/vendor data entered into the Platform
  • Deal data (values, terms, counterparties)
  • Approval records with decision audit trail
  • Evidence packs (hash-chained)

3.3 From Integrations

  • Data from connected systems (WhatsApp, email, CRM) per integration scope and consent

3.4 Cookies and Tracking

  • Session cookies (essential)
  • Analytics cookies (with consent)
  • We do not sell cookie data to third parties

4. Legal Basis for Processing

We process personal data based on:

  • Consent (explicit, withdrawable)
  • Contract performance (to deliver the Service)
  • Legal obligation (tax, audit, regulatory)
  • Legitimate interest (security, fraud prevention)

5. How We Use Data

  • Provide and improve the Service
  • Process approvals and generate evidence packs
  • Send transactional notifications
  • Billing and payment processing
  • Security monitoring and incident response
  • Regulatory compliance (ZATCA, PDPL, NCA)

We do NOT:

  • Sell personal data to third parties
  • Use customer data to train public AI models
  • Share data across tenants

6. Data Retention

| Category | Retention Period |
| --- | --- |
| Account data | Duration of engagement + 2 years |
| Audit logs / evidence packs | 7 years (regulatory requirement) |
| Billing records | 10 years (tax law) |
| Marketing preferences | Until withdrawn |
| Session logs | 90 days |

Deletion requests per §8 are honored within 30 days, subject to legal retention obligations.


7. Data Sharing

We share personal data only with:

  • Sub-processors (cloud hosting, email delivery) — listed at /trust/subprocessors
  • Professional advisors (auditors, counsel) under confidentiality
  • Law enforcement when legally compelled

All sub-processors sign a Data Processing Agreement (DPA) with equivalent protections.


8. Your Rights under the PDPL

You have the right to:

  • Access your personal data
  • Rectify inaccurate data
  • Delete your data (subject to retention obligations)
  • Restrict processing
  • Port your data (receive in machine-readable format)
  • Object to processing based on legitimate interest
  • Withdraw consent at any time

Exercise rights via: privacy@dealix.sa

We respond within 30 days.


9. Cross-Border Transfers

We primarily process data in AWS me-south-1 (Bahrain). Under the PDPL, any transfer of personal data outside the Kingdom of Saudi Arabia, including to Bahrain, is a cross-border transfer and must satisfy the PDPL's transfer conditions; counsel must confirm the basis for this hosting choice before publication. Transfers outside the Kingdom are:

  • Subject to Data Subject consent where required
  • Protected by Standard Contractual Clauses or equivalent
  • Disclosed in this Policy

10. Security

We implement:

  • TLS 1.3 for data in transit
  • AES-256 encryption at rest
  • PostgreSQL Row-Level Security for tenant isolation
  • Role-based access with MFA for staff
  • Annual penetration testing
  • SOC 2 Type II audit (in progress)
  • PDPL-aligned controls

Breach notification: We notify the Saudi Data and AI Authority (SDAIA) within 72 hours of becoming aware of a breach affecting personal data, and affected data subjects without undue delay where the breach may cause them harm.


11. Children

The Service is for business use only. We do not knowingly collect data from anyone under 18.


12. Changes to This Policy

Material changes will be announced via in-app notification + email 30 days before effect. Historical versions are archived at /trust/policy-archive.


13. Contact and Complaints

Privacy concerns: privacy@dealix.sa
Data Protection Officer: dpo@dealix.sa

You may also lodge a complaint with:

  • Saudi Data and AI Authority (SDAIA): https://sdaia.gov.sa
  • Or the relevant data protection authority in your jurisdiction