Add Privacy & Compliance Documentation (#2620)

Adds a new "Privacy & Compliance" page to the Quivr documentation.

- **Introduces a comprehensive overview** of Quivr's commitment to
privacy and compliance, including the open-source security model,
responsible telemetry use, row-level policy enforcement, local data
handling, and LLM compatibility.
- **Details the open-source security model**, emphasizing transparency
and community-driven security enhancements.
- **Explains the responsible use of telemetry**, highlighting minimal
data collection, anonymization, secure storage, and opt-out options.
- **Describes row-level policy enforcement** for database security,
ensuring controlled data access.
- **Clarifies local data handling**, ensuring all data remains local
with no external data transfer without user consent.
- **Highlights compatibility with any LLM**, including local server-run
models, offering flexibility for user needs.
- **Includes information on SOC2 compliance** through partnership with
Porter & Oneleet, aiming for compliance within 90 days for managed
instances.


---

For more details, open the [Copilot Workspace
session](https://copilot-workspace.githubnext.com/QuivrHQ/quivr?shareId=e9ecbf64-d06d-45b6-ab73-c04b9ed7916d).

docs/privacy-and-compliance.mdx

@@ -0,0 +1,33 @@
+---
+title: Privacy & Compliance
+---
+
+# Privacy & Compliance
+
+At Quivr, we prioritize the security and privacy of our users. This document outlines our commitment to privacy and compliance, detailing our security measures, telemetry use, row-level policy enforcement, local data handling, and compatibility with various Language Learning Models (LLMs).
+
+## Open-Source Security Model
+
+Quivr is built on an open-source model, allowing for transparency and community-driven security enhancements. Our codebase is publicly available for review, ensuring that security experts can audit and contribute to our security practices.
+
+## Responsible Use of Telemetry
+
+Telemetry data is used to improve user experience and product performance. We collect minimal data necessary for these purposes, ensuring it is anonymized and securely stored. Users have the option to opt-out of telemetry collection.
+
+## Row-Level Policy Enforcement
+
+Security is enforced at the database level through row-level policies. This ensures that data access is strictly controlled, with users only able to access data they are explicitly permitted to view or modify.
+
+## Local Data Handling
+
+All data processed by Quivr remains local, ensuring that no data is sent outside without explicit user consent. This local-first approach guarantees data privacy and sovereignty.
+
+## Compatibility with Any LLM
+
+Quivr is compatible with any Language Learning Model, including local server-run models. This flexibility allows users to choose the most suitable model for their needs, whether it's for privacy reasons or specific feature requirements.
+
+## SOC2 Compliance
+
+Through our partnership with Porter & Oneleet, we offer SOC2 compliance within 90 days for instances managed by Quivr. This demonstrates our commitment to maintaining high standards of security and data protection.
+
+By adhering to these principles, Quivr ensures a secure, private, and compliant environment for all users.