AgrStak  /  Data Governance Framework  /  v1.0  ·  February 2026  ·  NumeriXGPT LLC
Home / Trust / Data Governance
Data Governance

How AgrStak governs research data, user data, and AI.

This page summarizes AgrStak's Data Governance Framework — the policies, roles, and processes that govern how we source USDA research, handle user information, manage AI systems, and partner with institutions responsibly.

Overview

AgrStak, powered by NumeriXGPT LLC, transforms USDA agricultural research into AI-powered calculators for farmers, researchers, and agricultural professionals. As the platform scales toward enterprise contracts with USDA research institutions and extension services, formal data governance is essential to maintaining research integrity, user trust, and institutional credibility.

Our governance framework covers three interconnected domains:

🌿

Research Data

How USDA datasets and scientific models are sourced, versioned, validated, and maintained across all 431 calculators.

🗄️

User & Platform Data

How farmer inputs, calculation outputs, analytics, and account information are classified, stored, and protected.

🤖

AI & Cloud Data

How AI model interactions, cloud infrastructure, and third-party APIs are governed to protect partner and user data.

Patent Pending

AgrStak's methodology for translating USDA research into AI-powered calculators is patent pending. Data governance records — including model sourcing logs and versioning history — serve as supporting documentation for IP protection.

Governance Structure & Roles

AgrStak operates as a lean startup. Governance roles are assigned with clear accountability and will expand as the organization grows.

Role Responsibility Current Owner
Data Governor Policy authority and final decisions on all data use across domains CEO / Founder
Research Data Steward USDA dataset sourcing, versioning, citation accuracy for all 431 models CEO / Founder
Platform Data Steward User data, privacy compliance, analytics hygiene CEO / Founder
AI/Cloud Data Steward AI model inputs/outputs, cloud security, API contracts CEO / Founder
External Auditor Annual third-party compliance review TBD — Year 2

Research Data Governance

AgrStak's core value proposition is built on USDA agricultural research. How that research is sourced, maintained, and cited directly affects credibility with institutional partners and the accuracy of every calculator output.

Sourcing Standards

  • All agricultural models derived from peer-reviewed USDA-ARS publications or official USDA technical reports
  • Source documents archived internally at the time of each model's creation
  • No proprietary third-party datasets incorporated without a written licensing agreement
  • Model inputs and coefficients must be traceable to the original USDA publication
  • No proprietary third-party data incorporated without written licensing agreement

Model Versioning

Each calculator model is tied to a specific version of the underlying USDA research. When USDA updates its findings, AgrStak updates the corresponding model. Every model in the registry carries the following metadata:

Field Description Required
Model ID Unique identifier per calculator (e.g., AGRSTAK-SB-001) Yes
Source Citation Full APA citation of USDA source publication Yes
Version Number Semantic version of the model (e.g., v2.1.0) Yes
Last Validated Date model was reviewed against current source data Yes
Research Contact USDA researcher who authored the source publication Recommended
Deprecation Date Date model will be retired if not updated with current research Yes
Validation Policy

All models undergo internal validation before deployment. Material discrepancies greater than 5% deviation from USDA source data trigger a model review before launch. All 431 models are reviewed annually against the latest USDA publications.

User & Platform Data Governance

AgrStak collects data from farmers, researchers, and agricultural professionals. This section governs what is collected, how it is stored, and how it is protected.

Data Classification

Class Examples Protection
Public Calculator descriptions, USDA model summaries, published citations Standard
Internal Business logic, pricing, model coefficients, internal analytics Restricted
Confidential Partner contracts, LOIs, unpublished USDA research, DSA data Highly Restricted
User PII Names, emails, farm location, subscription records Maximum Protection
Calculator Inputs Soil data, crop parameters, field measurements Ephemeral — session only, never stored

Data Retention

Data Type
Description
Retention
Calculator Inputs
All field values entered into calculators by users
Session Only
User Account Data
Name, email, subscription status
Account + 90 days
Analytics Events
Anonymized GA4 usage and interaction events
26 Months
Payment Records
Transaction records for tax and financial compliance
7 Years
Support Communications
Email and support ticket history
2 Years
Research Model Logs
Model sourcing, versioning, and validation records
Indefinite (IP)

AI & Cloud Data Governance

AgrStak's calculators are powered by AI models, including the Anthropic Claude API for the AgrStak Chat Widget (ACW). Every AI interaction carries governance implications — particularly when pursuing federal institutional contracts that have strict data handling requirements.

PRINCIPLE 01

Decision Support Only

AI outputs are decision support tools. All AI-assisted results carry a disclaimer recommending validation with a qualified agronomist or extension agent.

PRINCIPLE 02

No Training on Partner Data

Institutional partner data and non-public USDA research is never used to train or fine-tune AI models without explicit written consent.

PRINCIPLE 03

No PII in AI Calls

All prompts sent to the Anthropic API are reviewed to ensure no personally identifiable information is transmitted. API data processing agreements prohibit training use.

PRINCIPLE 04

Hallucination Monitoring

AI outputs referencing non-existent USDA studies are flagged for review. Users can report inaccuracies via the feedback mechanism on every calculator page.

PRINCIPLE 05

Version Transparency

AI model version changes are documented. Calculator outputs are re-validated against USDA source data before any new AI model version is deployed.

PRINCIPLE 06

Cloud SOC 2 Standards

AgrStak's hosting infrastructure (Vercel) maintains SOC 2 Type II certification. All data is encrypted in transit (TLS 1.2+) and at rest (AES-256).

Data Incident Response

A data incident is any event that compromises the confidentiality, integrity, or availability of AgrStak data. Our response protocol follows a six-step process with defined timelines.

Step Phase Action Timeline
1 Detect Identify incident via monitoring alerts, user reports, or internal discovery Immediate
2 Contain Isolate affected systems, revoke compromised credentials, disable affected APIs Within 1 hour
3 Assess Determine scope, data types affected, and number of users impacted Within 4 hours
4 Notify Notify affected users, institutional partners, and regulators as required by law Within 72 hours
5 Remediate Fix root cause, implement additional controls, restore services Within 7 days
6 Review Post-incident report documenting cause, impact, and prevention measures Within 30 days
Institutional Partners

In the event of a data incident involving Shared Data governed by a Data Sharing Agreement (DSA), the affected party will notify the partner institution within 72 hours of discovery per the DSA breach notification clause.

Governance Review Calendar

Data governance is not a one-time activity. AgrStak maintains a structured review cadence to keep the framework current and effective.

Monthly

Analytics Review

GA4 data quality, event tracking accuracy, anomaly detection across all storefronts.

Quarterly

Security Audit

API key rotation, GitHub secret scanning, vendor access review, and cloud configuration check.

Quarterly

AI Output Review

Flagged AI outputs reviewed, hallucination rate assessed, user feedback patterns analyzed.

Annually

Full Framework Review

All policies updated, USDA model validation completed, privacy policy refreshed.

Annually

Vendor Review

All third-party Data Processing Agreements reviewed. New vendors assessed before integration.

Per Partnership

DSA Execution

A custom Data Sharing Agreement executed with each new institutional partner prior to data exchange.

Governance Roadmap

As AgrStak scales, governance infrastructure grows with it. The following milestones define our path from startup to enterprise-grade data governance.

Phase 1 — Q1–Q2 2026 · Active

Foundation

Publish this Data Governance Framework publicly. Complete the internal model registry for all 431 calculators. Execute first DSA with a USDA-ARS institutional partner.

Phase 1 — Q1–Q2 2026 · Active

Section 508 Compliance Audit

Complete WCAG 2.1 AA accessibility audit across all storefronts. Remediate any barriers to ensure the platform serves the full spectrum of agricultural professionals.

Phase 2 — Q3–Q4 2026

Team & Role Separation

Hire a dedicated Platform Data Steward as the team grows. Separate governance roles across research, user, and AI/cloud domains.

Phase 2 — Q3–Q4 2026

SOC 2 Type I Certification

Pursue SOC 2 Type I to meet the security requirements of enterprise and federal institutional customers.

Phase 3 — 2027

SOC 2 Type II & External Audit

Achieve SOC 2 Type II certification. Establish a formal annual external audit cycle with a qualified third-party auditor.

Phase 3 — 2027

Automated Data Lineage

Implement automated data lineage tracking across all 14 storefronts — tracing every data point from USDA source to calculator output.