Overview
Patrick ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our Decision Intelligence Platform.
We understand that you're entrusting us with sensitive organizational data. This policy outlines our commitments and your rights.
Information We Collect
Organizational Data
When you connect Patrick to your systems, we process:
- Communication data (Slack messages, emails, meeting transcripts)
- Project management data (Jira tickets, GitHub issues, pull requests)
- Customer data (Salesforce records, support tickets, usage analytics)
- Product data (feature requests, bug reports, user feedback)
- Metadata (timestamps, user IDs, relationships between data points)
Account Information
We collect information necessary to provide and secure your account:
- Business contact details (name, email, company)
- Authentication credentials
- Billing information (processed through secure third-party providers)
- Usage data (queries, features accessed, performance metrics)
How We Use Your Information
We use your data exclusively to:
- Provide the Service: Build your knowledge graph, answer queries, generate insights
- Improve Performance: Optimize response times, accuracy, and relevance
- Ensure Security: Detect and prevent unauthorized access or misuse
- Support Your Team: Respond to technical issues and feature requests
We never: Sell your data, use it to train public models, or share it with third parties for their own purposes.
Data Security
We implement enterprise-grade security measures:
- Encryption: AES-256 at rest, TLS 1.3 in transit
- Access Controls: Role-based permissions, SSO/SAML support
- Infrastructure: SOC 2 Type II compliant hosting
- Monitoring: 24/7 security operations and anomaly detection
- Auditing: Complete audit logs of all data access
Data Retention
We retain your data only as long as necessary to provide the service:
- Active Accounts: Data is retained and continuously updated
- Cancelled Accounts: Data is deleted within 30 days unless you request immediate deletion
- Legal Requirements: Some data may be retained longer to comply with legal obligations
Your Rights
You have the right to:
- Access: Request a copy of all data we hold about your organization
- Correction: Update or correct inaccurate information
- Deletion: Request deletion of your data (subject to legal requirements)
- Portability: Export your data in machine-readable formats
- Restriction: Limit how we process certain data
To exercise these rights, contact us at [email protected]
Compliance
Patrick complies with:
- GDPR (General Data Protection Regulation)
- CCPA (California Consumer Privacy Act)
- SOC 2 Type II standards
- HIPAA (for healthcare customers with BAA)
Third-Party Services
We use carefully vetted third-party services for:
- Cloud infrastructure (AWS, GCP)
- Payment processing (Stripe)
- Analytics (anonymized usage data only)
All third-party providers are contractually required to maintain the same level of data protection as Patrick.
Changes to This Policy
We may update this Privacy Policy to reflect changes in our practices or legal requirements. We will notify you of material changes via email and provide 30 days' notice before they take effect.
Contact Us
For privacy-related questions or concerns: