A detailed reference for InfoSec, procurement, and IT review teams. The architecture, the data flow, the compliance posture, and the questions executives' security organizations actually ask — answered in full.
This page exists to give executives evaluating CaliberSuite™ a clean, focused URL to forward when their IT, security, or procurement team asks for documentation.
CaliberSuite™ is built on a principle of architectural separation: your organization's sensitive data does not enter the system. It does not integrate with HRIS, payroll, or talent management systems. It does not ingest raw employee data, PII, PHI, or MNPI. It does not perform autonomous monitoring of your organization.
This is a deliberate design choice. By keeping sensitive data outside the system at the architectural level, we eliminate the most common AI security risks — data leakage, unauthorized retention, and regulatory exposure — rather than relying on policy enforcement alone.
At this time, CaliberSuite™ is not a BAA-eligible vendor and is not intended for processing PHI, PII, or MNPI.
Sensitive organizational data never enters the system. Compliance frameworks designed to protect that data don't apply — because the data isn't there.
Context inputs are persisted under your direct control, with the most sensitive inputs residing on your own device. You can extend, modify, or delete your context at any time.
GGenesis operational visibility is limited to login events, session metadata, and error logs — never participant content.
Four data classes, four locations. The architectural design ensures that no single layer accumulates a complete picture of your organizational context.
The platform has no integration capability with your organization's systems. By design.
Note: Subscription administrative data — your account, billing, and platform access — is handled exclusively by GGenesis for operational purposes only, and never includes your conversations with the advisor.
Your request goes from your browser to Anthropic's Claude API — an enterprise-grade AI service used by major companies worldwide. The response comes back to your browser. Anthropic does not train on your inputs.
Hosting is provided by Vercel, whose platform operations carry SOC 2 Type II certification. CaliberSuite™ itself is not currently SOC 2 certified — the architecture intentionally does not require it for individual-only access.
Any context inputs you choose to persist are stored locally, under your control, with the most sensitive inputs residing on your own device rather than on GGenesis servers.
Each layer has a defined role with a specific data-handling boundary. The architectural design ensures that no single layer accumulates a complete picture of your organizational context.
A common question from review teams: if Anthropic doesn't train on inputs, how does the advisor follow up on something the executive worked on yesterday? Two different things, often confused.
This means the underlying Claude model doesn't learn from conversations — context never updates Claude's behavior for anyone else. It is a privacy guarantee, not a memory mechanism.
The advisor's continuity is a separate mechanism. Context — board map, priorities, communication style, prior conversations — is saved in the executive's browser's local storage on their device. When they return, the platform reads that context and brings it into the new session before Claude sees the prompt.
The memory lives on the executive's device, in their hands — not on GGenesis servers, not in Claude's training. If they clear browser data, the context is gone. By design.
Clearing the browser's cache — temporary files that help pages load faster — does not affect CaliberSuite™ context. Context is stored separately in browser local storage, not in the cache.
Clearing cookies and site data for CaliberSuite™ typically does clear local storage in most browsers — which is exactly how an executive deletes their CaliberSuite™ data on purpose if they want to. Sign-in will be required on next visit.
Recommendation: when doing routine browser cleanup, leave CaliberSuite™ unselected in the site-data list — or clear cache only. Selecting CaliberSuite™ in a cookies-and-site-data clear will wipe the context, and the executive will need to rebuild it.
Export & Import your data: you can export your context as a portable backup file and import it later. Save a copy before clearing browser data and reload it any time — your context is fully portable, stays under your control, and never sits on GGenesis servers.
Not at this time, and that's intentional.
CaliberSuite™ is currently individual-use only. The architecture is specifically designed so that no PHI, no PII of your employees, no MNPI enters the platform, and your data doesn't reach GGenesis servers.
This is why we don't require SOC 2 / HIPAA certifications — because the platform isn't a covered system handling protected data. You are the data controller; your device is the data storage.
When we expand to team and enterprise deployment, we will complete the relevant certifications first. Until then, CaliberSuite™ remains an individual-only personal tool.
If the executive is considering CaliberSuite™ as a personal tool for themselves, the IT conversation is short:
If the company is asking about team or enterprise deployment, the answer is: not available yet — until our compliance certifications are completed.
The architecture is built to avoid this. Because the platform doesn't touch company data, doesn't run on company systems, and doesn't store company information on third-party servers, it sits outside most corporate data policies.
That said, executives should review their specific employer's policies on personal AI tool use. Many organizations explicitly permit personal AI use; some require disclosure. We recommend a brief conversation with the executive's manager or compliance team if there is any uncertainty.
CaliberSuite™ is not a platform where GGenesis staff routinely review participant content. The platform is designed for participant-driven use, not GGenesis-mediated use.
What no one at GGenesis sees by default: context inputs, conversations with the advisor, specific outputs the advisor generates.
What system logging does capture, for operational purposes: login events and timestamps, session metadata (not content), system-level error logs (not content), acknowledgment of the onboarding consent screen.
When operational access might occur: if the executive contacts GGenesis for support and explicitly shares details, if they grant access for a coaching session, or if required by valid legal process (with notification to the extent legally permitted).
Hallucination — when an AI generates plausible-sounding but inaccurate information — is a real risk in any AI tool. CaliberSuite™ uses three layers to reduce that risk.
Built on Anthropic's Claude. Anthropic's published training approach — Constitutional AI — is designed to make the model express uncertainty more often than competing approaches, rather than fabricate when it doesn't know.
When the advisor cites a statistic, it's anchored to verifiable public research (SHRM, Gallup, BLS, NIS). The executive can verify.
The advisor scaffolds the executive's thinking; the executive makes the decisions. We don't generate autonomous outputs. We don't make claims for the executive.
Before using any specific statistic, calculation, or external citation in a high-stakes setting — board presentations, CEO conversations, regulatory filings — verify the specifics. The advisor is a structured thinking partner, not a source of truth.
Context is stored in the executive's browser. They can review what's there at any time.
Clearing browser data clears CaliberSuite™ data. No "delete my account" process to trust — clearing local data accomplishes the deletion directly.
Context lives where the executive chooses to use the platform. They control which devices.
Access is the executive's to manage. There's no lock-in on the data side because GGenesis isn't holding it.
CaliberSuite™ is designed for individual, participant-driven use, not shared workspace use. Each executive operates in their own session with their own data boundaries.
Each participant has unique credentials. Access is participant-specific.
Each participant's context is stored on their own device. No shared server-side context repository.
The advisor's responses are generated per session — Participant A's context informs A's response, Participant B's informs B's, and the sessions don't share state.
Operational logging is tagged to the individual participant for system health, not pooled across participants.
Practical implication: A participant could be the CHRO of one organization while another participant is the CHRO of a direct competitor. The architecture ensures neither party's context is visible to or influences the other.
If you're an executive evaluating CaliberSuite™ for yourself, return to the overview. If you're an IT or procurement reviewer with additional questions, route them through the executive who shared this URL with you.
← Back to CaliberSuite™ overview