Use Case

Data Handling & Privacy

Operational guidance for how workflow materials, customer messages, and sensitive information should be handled during delivery work.

What materials may be reviewed

  • Workflow descriptions
  • Approved answers and business rules
  • Real or anonymized message samples
  • Escalation rules and exception patterns

Handling expectations

  • Prefer anonymized or redacted examples whenever possible
  • Share only the materials needed to design and test the workflow
  • Flag sensitive categories before using them in prompt or test design

Default boundaries

  • No default authority to process payments, refunds, or contract actions
  • No assumption of unrestricted access to customer systems
  • No claim that every workflow should run without human review

When human review is required

  • Sensitive customer issues
  • Legal, financial, or high-risk judgment calls
  • Low-confidence answers or knowledge-base gaps

Current privacy-policy scope

This page should cover more than sample handling during delivery. It should also explain current boundaries for inquiry, portal access, and shared project materials.

What this page is

  • This is the current public Data Handling & Privacy page for operational, delivery, and material-handling boundaries.
  • It works as a commercial trust page before detailed project sharing, but it does not replace lawyer-reviewed contract attachments.
  • For formal engagements, NDA terms, contract scope, and access boundaries should still be confirmed per project.

Where it applies

  • Inquiry and workflow-assessment submissions
  • Client portal login, project-view access, and message exchange
  • Workflow design, test-sample review, delivery review, and revision phases

Retention, deletion, and processors

Commercial trust depends on more than redaction. Buyers also need to know how long materials stay, how deletion works, and which processors may be involved.

Data retention period

  • Inquiry and assessment data should be retained only for a reasonable period needed for follow-up, scoping, and communication history.
  • Project delivery materials may be retained as needed for review, revision, and acceptance records, but not assumed to live forever by default.
  • If a client has stricter retention limits, those should be defined at project start as an explicit delivery constraint.

Deletion request process

  • Clients can request deletion or further redaction before or during delivery work.
  • A deletion request should identify the materials, project context, and requested handling scope clearly.
  • If records must be retained for legal, audit, or contractual reasons, those limits should be explained before deletion is promised.

Third-party processors

  • Public-site processing may involve hosting, storage, logging infrastructure, notification/email components, and the LLM or workflow platform selected for a project.
  • The specific model provider, automation platform, or internal system involved depends on the chosen delivery path.
  • If a processor is not allowed, that restriction should be stated before the project starts.

LLM provider data-handling boundary

  • Agentitek should not treat “model-capable” as permission to send raw sensitive materials into a model by default.
  • Customer messages, internal documentation, and high-sensitivity fields should be redacted, sampled, or handled through a more controlled path where needed.
  • Provider-level retention, logging, and training policies must be checked against the platform actually chosen for the project.

NDA, terms, and security contact path

If the site is going to collect real leads, support portal access, and accept uploaded materials, these boundaries should be public and explicit.

NDA availability

If the project involves sensitive samples, internal systems, customer lists, or unpublished business material, NDA and contract scope should be confirmed before detailed raw material is shared.

Terms / contract boundary

  • The public site can explain handling expectations, but formal responsibility, retention, access rights, delivery scope, and termination terms still belong in contract language.
  • That is why this page is a public privacy and data-handling explanation rather than a pretend fully settled legal package.

Security contact

  • The current public human-contact path is the workflow assessment / inquiry form.
  • Security, privacy, or deletion requests should be labeled clearly in the first message.
  • A human contact path should be confirmed before highly sensitive materials are transferred.

Next Step

Start With Workflow AssessmentSee delivery package scopeReview about and trust notes
Data Handling & Privacy | Agentitek