Last updated: March 12, 2026 · Applies to WispherFlow Enterprise workspaces
This Enterprise Privacy Policy describes how WispherFlow collects, uses, and protects information within Enterprise workspaces. It supplements our general Privacy Policy.
1. Data Controller Relationship
For Enterprise workspaces, WispherFlow acts as a data processor on behalf of the Enterprise Customer (the data controller). The Enterprise Customer is responsible for ensuring a lawful basis for processing member personal data within their workspace, and for informing their members about how their data is used.
2. Information We Collect in Enterprise Workspaces
Member profile data: Name, email address, and authentication credentials.
Session metadata: Basic information needed to operate the Service (such as session timestamps and counts). We do not record or retain audio, video, or transcripts of member sessions, and we do not store browser or device fingerprints.
Uploaded documents: Resumes and supporting materials provided by members.
Workspace settings: Configuration provided by workspace administrators.
Notification records: In-app communication and read status.
3. How We Use Enterprise Data
To provide and operate the Enterprise workspace and session features.
To enable administrators to view usage analytics for workspace members.
To send transactional emails (invitations, approvals, password resets, reminders) on behalf of the Enterprise Customer.
To maintain workspace security and audit logs.
Enterprise workspace data is never used to train AI models.
Enterprise data is never sold or shared with third parties for marketing purposes.
4. Administrator Access
Workspace administrators have access to member profile data and aggregate usage metadata for their workspace. Administrators do not have access to the content of member sessions.
5. Member Privacy
Members can view their own analytics, session history, and approval request history through the "My Progress" section. Members should be aware that workspace administrators have access to their usage metadata as described in Section 4.
6. Data Retention
Active workspace data is retained for the duration of the Enterprise subscription.
Upon workspace termination, data is retained for 30 days then permanently deleted.
Members removed from a workspace retain their individual WispherFlow account (if any) but their enterprise-specific session data remains associated with the workspace until deletion.
Session slot records are retained for analytics purposes for 12 months after completion.
7. Security
Data is encrypted in transit and at rest using industry-standard protocols.
Authentication credentials are stored in hashed form.
Access controls and session expiration are enforced on every request.
We engage qualified third-party providers for payments, hosting, and infrastructure under appropriate data protection agreements.
8. Data Portability and Deletion
Enterprise Customers may request a data export or deletion of their workspace data at any time by contacting enterprise@wispherflow.com. Individual members may request deletion of their personal data; such requests will be fulfilled subject to legitimate business record retention requirements.
9. International Data Transfers
WispherFlow is based in the United States. Enterprise workspace data may be processed and stored in the US. For Enterprise Customers in the EU/EEA, processing is conducted under standard contractual clauses. Contact us for Data Processing Agreements (DPA).
10. Changes to This Policy
We will notify workspace administrators by email at least 14 days before material changes to this policy take effect.
11. Contact
For inquiries related to Enterprise workspaces, please use the most appropriate address below: