Trust
Plain English. No clauses. What we collect, what we do with it, where it sits, and the things we will never do. If you want the legal version, the Privacy Policy and DPA are next door.
The short version
You sign up. We hold your email, name, and what you do on the Platform. Enough to run coaching, support, and billing.
When you paste a deal, a transcript, or a draft email, that text goes to an AI provider so a coach can answer.
We do not train any AI provider's foundation models on your data. The providers we use commit to the same.
We do not sell your data. We do not share it with other customers. Coaches never see another customer's deals.
What we collect
Name, email, job title, password (hashed), and what you sign up for.
Which coaches you talk to, when, how long, and how the Platform performs. This is how we know what to build next.
Messages to coaches, transcripts you paste in, documents you upload to your Knowledge Base, roleplay recordings if you use voice.
Handled by Stripe. We see the invoice, not your card.
What we do with it
Show you the right coach. Remember your past sessions. Bill you correctly.
Send your messages to the AI provider that powers the coach you are talking to. The response comes back, we render it, you see it.
Aggregate, anonymised metrics. Retention, feature use, error rates. Never re-identified, never sold.
When you raise a ticket, we read it. When you book onboarding, we prep based on what you have done.
The coaches and your data
Nothing leaves your account. Nothing in your account is visible to any other account. Inside your account, a user talks to a Coach and that conversation is theirs.
User and Coach
Every Coach runs its own prompt and its own methodology. A conversation between a user and their Coach is a window: the user sees it, the Coach sees it. Other users in your account do not. No user or Coach in any other account does.
Bryce, the analytics layer
Bryce is your account-level analytics and insight layer. He can read user sessions with their Coach across the account, so leaders get the read on what is working and where the gaps are. He never crosses the account wall, and his reports stay inside your account.
Where your data sits
The Platform runs on Google Cloud. The primary database is in the United Kingdom. AI provider calls (OpenAI, Anthropic, Deepgram) hit US infrastructure under standard contractual clauses and the UK addendum, the same legal scaffolding every UK SaaS uses for international transfers.
* We are exploring a US-managed variant for US customers who need their primary data in-region. If that is a requirement for you, talk to us.
The full list of sub-processors lives in Annex 2 of the DPA. We notify customers 14 days before adding any new sub-processor and give you the right to object.
Sub-processors
The authoritative list, with full processing detail, lives in Annex 2 of the DPA.
The line we hold
Not us. Not OpenAI. Not Anthropic. Not Google. Their enterprise terms cover this; ours codify it.
Your Knowledge Base is yours. Your transcripts are yours. Nothing in your account is visible to any other account.
Never to advertisers, never to data brokers, never to competitors.
You get 14 days notice, and you get the right to object.
If you want it deleted
Email legal@handle.tech. We delete your data, and instruct our sub-processors to do the same, within 30 business days. The exception: where law requires us to keep it (billing records, fraud-prevention logs).
A question that is not covered
Email legal@handle.tech. Same-day reply on business days. No ticket maze, no clause-hunting.
This page is the plain-English read. The Privacy Policy and Data Processing Agreement are the binding documents, and they say the same thing in full.
Read the DPA