Privacy
aa-factory only stores what's necessary to operate the factory: GitHub identity for operator auth, plus job/PR metadata.
Stub for v0.1. The full policy lands in P6 alongside the rest of the trust surface.
The factory does not run user-facing services in v1; it is operator-only. The full policy will cover: how operator GitHub identity is stored (iron-session cookie, ≤ 30 day rolling), what is logged about jobs (prompt, telemetry, PR URL), and our retention defaults.