CareDesk
Log inBook a Demo

Privacy Policy

Last Updated: April 7, 2026

1. Information We Collect

We collect information that you or your organization provides directly to us. This includes account information such as your name, email address, phone number, and designated role when your account is created. We also securely collect the contents of the questions you ask the AI, interaction histories, and any feedback or context you provide through our ticketing system.

Automatically, we collect log data, device information (such as browser type and OS), and usage details when you access CareDesk. This telemetry data helps us ensure platform security, monitor performance, and continuously improve the Service.

2. How We Use Information

We use the collected information to:

  • Provide, maintain, and deliver the CareDesk Service efficiently.
  • Process AI queries and accurately route questions and tickets to the appropriate personnel within your organization.
  • Generate anonymized, aggregated usage dashboards for Organization Administrators to track engagement and identify operational gaps.
  • Communicate with you regarding account updates, security alerts, technical notices, and support messages.

3. Data Sharing

We strongly believe in data privacy and never sell your personal data. We only share information under the following strict conditions:

  • Within Your Organization: With authorized users (e.g., your Managers or Administrators) for operational visibility.
  • Service Providers: With trusted third parties who assist us in operating our platform, such as secure hosting providers and LLM APIs (like Google Gemini). These providers are bound by strict data processing agreements and confidentiality obligations.
  • Legal Requirements: When required by law, subpoena, or to protect our rights, users, or the public safety.

4. Community-Scoped Data Isolation

CareDesk employs strict multi-tenant architecture. Your organization's data, including uploaded SOPs, AI interactions, and user information, is logically isolated and scoped exclusively to your community. Cross-organization data leakage is prevented at the application, database, and infrastructure layers.

5. Data Security

We implement comprehensive technical and organizational security measures to protect your personal information and organizational data against unauthorized access, alteration, disclosure, or destruction. All data is encrypted in transit using modern TLS protocols and encrypted at rest within our secure cloud infrastructure.

6. Data Retention

We retain your personal information and interaction logs only for as long as your Organization's account remains active, or as reasonably necessary to provide you with the services, comply with our legal obligations, resolve disputes, and enforce our agreements. Upon termination of an organization's account, data is securely purged in accordance with our data destruction protocols.

7. Your Rights

Depending on your jurisdiction, you may have the right to access, correct, or request the deletion of your personal data. Because CareDesk functions as an enterprise tool where your organization is the data controller, requests to modify or delete data must typically be coordinated through your Organization Administrator. We will assist administrators in fulfilling these requests promptly.

8. Cookies and Tracking Technologies

We use strictly necessary cookies and similar tracking technologies primarily to maintain your authentication session, ensure security, and track basic usage of the Service. We do not use third-party advertising cookies or trackers. You can instruct your browser to refuse all cookies, but doing so may limit your ability to use certain features of the Service.

9. Children's Privacy

CareDesk is an enterprise workplace tool and is not intended for use by individuals under the age of 18. We do not knowingly collect personal information from children. If we become aware that we have collected personal data from a child without verification of parental consent, we will take immediate steps to remove that information from our servers.

10. International Data Transfers

Your information may be transferred to, and maintained on, computers located outside of your state, province, country, or other governmental jurisdiction where the data protection laws may differ from those from your jurisdiction. By using CareDesk, you consent to this transfer, provided that we ensure appropriate safeguards are in place.

11. Changes to This Policy

We may update our Privacy Policy from time to time to reflect changes in our practices or regulatory requirements. We will notify you of any material changes by posting the new Privacy Policy on this page and updating the "Last Updated" date at the top. We encourage you to review this Policy periodically.

12. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact our privacy team at hello@carelog.co.