Data handling & privacy

How customer data is treated at a conceptual level: minimisation, purpose limitation, and operational practices that reduce accidental exposure — without publishing internal architecture diagrams.

Data handling is described in operator terms: what to collect, how long to keep it, and how to reduce exposure — without publishing internal architecture.

Minimisation

Collect what you need

Smaller datasets reduce risk and simplify subject access workflows.

Practical checks

Remove duplicate uploads across threads.
Avoid exporting full workspaces “just in case”.
Prefer structured fields over giant attachments.

Retention mindset

Customer requests

Access / correction / deletion

Route through internal privacy first.
Include workspace identifiers and scope.
Expect identity verification steps.

Support

→

Coordinate sensitive requests with Harold support.

Was this page helpful?