Privacy & Accessibility

What is stored locally

Prior Work uses your browser's localStorage to persist session state between page navigations within a single browser session. This includes:

• •The active model
• •Report context fields you have entered (organisation name, scope, preparer)
• •Report section content generated during the session
• •Demographic column metadata from CSV uploads (column names and unique value lists - not the underlying rows)

This data never leaves your device. It is not transmitted to Prior Work servers and is cleared when you use the "Clear model" button or clear your browser's local storage.

Claude AI integration and your API key

Prior Work's report generation features use the Anthropic Claude API. If you choose to use these features:

• •You supply your own Anthropic API key. Prior Work does not hold, store, or have access to your key beyond the current session.
• •When report generation is triggered, a prompt containing model structure data (node names, marginal distributions, intervention rankings) is sent to Anthropic's API on your behalf. No raw survey response rows are included in the prompt.
• •Your use of the Claude API is governed by Anthropic's usage policies. As the API key holder, you are the contracting party with Anthropic, not Prior Work.
• •If your organisation's data handling policies prohibit sending organisational data to third-party AI services, you should review Anthropic's data processing agreements before using the report generation features.

Backend processing

Model building (structure learning and parameter estimation) is performed on a stateless backend server. Uploaded CSV data is sent to this server only for the duration of the model-building computation and is not persisted. The server returns a fitted model object (nodes, edges, CPTs) which is then stored locally in your browser as described above.

Analytics and tracking

Prior Work does not use third-party analytics, advertising trackers, or session recording tools. No cookies are set beyond those required for application function.

Workforce data and privacy obligations

Survey data about workers is typically sensitive personal information under the Australian Privacy Act 1988 and equivalent State legislation. Prior Work's architecture - local processing, no storage, user-held keys - is designed to minimise Prior Work's role as a data processor. However, the organisation conducting the survey remains responsible for ensuring that collection, use, and disclosure of worker survey data complies with applicable privacy law, enterprise agreements, and any relevant workplace policies.

Target standard

We aim to meet WCAG 2.1 Level AA across all process pages and content pages. This includes:

• •Sufficient colour contrast for all text (minimum 4.5:1 for normal text, 3:1 for large text)
• •Keyboard navigability for all interactive elements
• •Descriptive labels and ARIA attributes on form controls
• •Logical heading hierarchy and landmark regions
• •Meaningful text alternatives for non-decorative images

Known limitations

The following areas have not yet been fully assessed against WCAG 2.1 AA:

• •Network graph (Workspace): The Cytoscape.js graph visualisation is navigable by mouse but not yet by keyboard or screen reader. A tabular fallback view is on the roadmap.
• •Report generation output: AI-generated text is presented as prose HTML which is screen-reader accessible, but the generation controls have not been formally tested with assistive technology.
• •Downloadable templates: CSV and Word document templates have not been assessed for document-level accessibility (e.g. tagged PDF, accessible table structure).

Feedback

If you encounter an accessibility barrier or have a specific access need, please contact patrick@priorwork.au. We aim to respond within five business days.

Assessment approach

Currently assessed via automated tooling (axe-core) and manual review. A formal third-party WCAG audit is planned prior to version 1.0.