:Harvey:Support

Security, Data, and Privacy for Sharing in Harvey

Learn how Harvey protects your organization’s data when you share Spaces and resources with collaborators and what controls you have.

Last updated: Mar 4, 2026

Overview

Harvey’s collaboration features (Shared Spaces, external sharing, and guest accounts) are designed to support cross-organization work without moving data out of the originating Harvey environment.

Before you begin: We recommend reading our Shared Spaces Overview to understand key sharing concepts that will be referenced in this article.

This article covers:

  • How sharing works at a high level (Shared Spaces vs. direct sharing)
  • What access levels mean (run, view, edit, and when full access applies)
  • Governance and approvals for external sharing
  • Data residency and hosting for shared resources and guests
  • Auditability and revoking access
  • Query privacy when working across organizations

Note: This article serves as an overview. Harvey applies consistent enterprise-grade protections across all external collaboration capabilities. For more detailed information, reach out to your Harvey account team.

How Sharing Works and What Can Be Shared

Harvey supports external collaboration in two ways:

  1. Share via a Shared Space (best for ongoing collaboration)
  2. Share a resource directly (best for targeted access)

You can share these resource types with internal and external collaborators, subject to your organization’s governance and sharing controls:

  • Data: Vaults and Knowledge Bases
  • Artifacts: Drafts, Review Tables, and Threads
  • Tools: Workflows and Playbooks

Important: for those with Early Access to Guest Accounts, guests cannot receive direct resource shares. They access shared resources only through Shared Spaces.

Access Levels for Direct Sharing

Harvey uses least-privilege access levels, which means only the minimum permissions required to perform necessary tasks. Available access levels vary by resource type and sharing method.

Access Level

What it Typically Allows

Run

Run a tool (for example, a Workflow) without seeing its configuration (prompts, files)

View

View the resource and its contents (and, for some tools, view configuration)

Edit

Modify the resource (for example, update a vault, Playbook, or Workflow configuration)

Full access

Only available for direct resource sharing. Includes full control and ability to share with others.

Query Privacy in Shared Spaces

What’s private by default

When you run a query in a Shared Space, the full conversation (your questions and answers) is stored in your own private workspace history. Your queries stay private to you until you choose to share a thread or artifact with a specific Shared Space or set of users.

When users in your own workspace may see more

If you run a query directly over a single vault, that thread may appear in the "recent queries" section of that vault for other vault members in your workspace. Query history over a single vault are never shared with vault members outside of your organization.

Important: If your workflow requires supervision of downstream use, plan how collaborators will share work back (for example, by sharing threads, outputs, or review artifacts into the Shared Space).

Governance and Approval Controls for External Sharing

External sharing is designed to be admin governed. As a baseline: all external sharing requires admin-approval.

  • Admins establish trust; collaboration happens after. Admins manage sharing between workspaces, and collaborators work within approved permissions.
    • Workspace Admins manage external sharing for the entire workspace and can approve new external relationships (connections).
    • Connection Admins manage and approve sharing within the specific external relationships (connections) they administer.

What to Expect When Sharing Externally

You may see approvals in situations like:

  • Sharing with a new external organization: admins may need to approve establishing a new relationship (connection) before collaboration starts.
  • Adding people to an external Shared Space: admins may need to approve access before the new participant can collaborate.
  • Directly sharing a specific resource externally: admins may need to approve the share before the recipient can access the resource.

Preventing Unintended Sharing

To help you control how shared data moves across organizations:

  • No cross-workspace data leakage. Harvey never exposes internal materials unless you intentionally share them.
  • Users can never share a resource received from one workspace to another workspace.
  • Users can only further share externally received resources within their own workspace if they have Full Access.
  • Deletion of externally shared resources is prohibited for recipient users.
  • Admins can revoke access at any time for individual users, Shared Spaces, or an entire connection.
    • When the original resource is revoked or deleted, recipients lose access to that resource and any shared threads immediately. Their own queries and threads will remain in their workspace, but will show the shared resource as no longer available (e.g. broken link).

Data Residency and Hosting

Important: Harvey collaboration is designed so that data residency, hosting, and resource ownership stay with the owner of each resource. Shared resources remain in the originating workspace’s region and follow that workspace’s retention policies. Further analysis and derivatives of a shared resource remain in each workspace’s threads and follow its policies.

Cross-region collaboration

Shared Spaces are currently limited to workspaces in the same data processing region.

Guest accounts and regional hosting

When a guest is invited, they are placed into a dedicated workspace, and the guest workspace is hosted in the same processing region as the initiating (host) workspace.

Guest accounts data retention

Guest account data follows a default 7-day retention policy.

Audit Capabilities

Harvey provides audit logs for collaboration activity, including logs related to resource sharing and user approvals. These logs can be exported or integrated with SIEMs. Learn more in our developer guide for Audit Logs.

Guest Accounts: Security, Capabilities and Limits

Reminder: Guest Accounts are in Early Access, guest access information only applies to those enrolled in this early access program.

Guests can:

  • Access only the Shared Spaces they’re invited to
  • Use shared resources at their granted access level
  • Submit grounded queries when a Vault or Knowledge Base is shared in the Space
  • Use Improve prompt and Harvey’s default prompt library

Guests cannot:

  • Create new Workflows, Playbooks, Vaults, or Knowledge Bases
  • Invite other users to the Shared Space
  • Access your organization’s governance controls (for example, SSO, SCIM, RBAC), integrations, analytics, or workspace history
  • Receive tools or artifacts outside the context of a Shared Space

How guests sign in

Guests authenticate through a secure email code flow.

  • Guests enter their email to access the Shared Space.
  • Harvey sends a time-limited code to that email address. This code expires after 5 minutes.
  • After log-in, the session has a 24-hour timeout

Allowed email domains

Personal email domains (for example, Gmail or Yahoo) are blocked for guest invitations.

Tips for Success

Our Shared Spaces Overview article includes tips for success that support secure, external collaboration.

FAQs

Shared Spaces Overview

Learn how Shared Spaces help your organization collaborate securely inside and across workspaces.

Set Up and Manage Shared Spaces (For Admins)

Learn how to enable and configure Shared Spaces, external sharing, and guest accounts for your organization.

How Sharing Works in Harvey

This article explains how sharing works in Harvey, including how to share resources with external teams, what stays private, and what admins can manage.