Privacy Policy

1. INTRODUCTION

Welcome to HandledRight.com ("Site", "Service", "Platform", "we", "us", "our"), operated by Golden Ratio, LLC, a Utah limited liability company doing business as "HandledRight.com" (the "Company"). HandledRight.com is a professional follow-up, coordination, and correspondence service offered in affiliation with BusyWork.com.

This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our professional correspondence and follow-up services. We respect your privacy and are committed to protecting your personal information.

Please read this Privacy Policy carefully to understand our policies and practices regarding your information. By accessing or using our Service, you agree to this Privacy Policy and our Terms of Service. If you do not agree with our policies and practices, do not use our Service.

This Privacy Policy should be read in conjunction with our Terms of Service, which contains additional information about data handling, AI usage, Correspondence Services, and your rights and obligations.

2. INFORMATION WE COLLECT

We collect several types of information from and about users of our Service:

2.1 Personal Information

Personal information is data that can be used to identify or contact you individually. We may collect:

• Contact Information: Name, email address, mailing address, phone number
• Business Information: Company name, job title, industry, business address
• Payment Information: Credit card numbers, banking information, billing address (processed by secure third-party payment processors and not stored directly by us)
• Communication Records: Records of your communications with us, including emails, customer support interactions, phone call recordings (including calls conducted by AI voice agents), and SMS/text message logs
• Task Information: Details about follow-up tasks, correspondence requests, and related instructions you provide

2.2 Third-Party Account Access

To perform certain tasks on your behalf (such as accessing vendor portals, submitting applications, or coordinating with platforms requiring login), we may require access to your third-party account credentials.

When you authorize password vault access:

• Credentials are accessed through the vault platform's secure sharing features
• We do not store copies of credentials on our systems
• Access is used solely for the specific task you authorize
• All credential access is logged and auditable
• You maintain full control and can revoke access at any time through your vault platform

2.3 Non-Personal Information

Non-personal information is data that does not permit direct association with any specific individual. We may collect:

• Device Information: IP address, browser type, operating system, device information
• Usage Data: How you use our Service, including pages visited, features used, and time spent on the platform
• Location Data: General geographic location based on IP address
• Cookies and Similar Technologies: Information collected through cookies, web beacons, and similar technologies as described in Section 3
• Service Preferences: Types of services requested, frequency of service, service history, and feedback
• Task Patterns and Workflow Data: Anonymized data about task types, completion rates, and operational metrics

2.4 Correspondence and Communication Data

When using our Correspondence Services (as defined in our Terms of Service), we collect:

• Outbound Communications: Emails sent on your behalf via branded domains (such as @handledright.com)
• Inbound Communications: Responses and replies received through our correspondence channels
• Phone Call Data: Recordings and transcripts of phone calls made on your behalf, including calls conducted by AI voice agents via third-party telecommunications providers such as Twilio
• SMS/Text Messages: Text messages sent and received on your behalf
• Communication Metadata: Timestamps, recipient information, delivery status, and outcomes
• AI-Generated Content: Drafts, responses, and communications generated by our AI systems on your behalf

2.5 Information From Third Parties

We may receive information about you from third parties, including:

• Service Providers: Information from third-party service providers who perform services on our behalf
• Business Partners: Information from our business partners related to the services you have requested
• Public Databases: Information from publicly available sources

2.6 Aggregated and Anonymized Data

We may collect, aggregate, and anonymize data derived from your use of the Services, including task patterns, workflow data, communication metadata, service utilization statistics, and operational metrics ("Aggregated Data"). Aggregated Data is processed to remove or obscure all personally identifiable information such that it cannot reasonably be used to identify you or any individual. See Section 6 for how we use Aggregated Data.

3. HOW WE COLLECT INFORMATION

3.1 Direct Collection

We collect information directly from you when you:

• Email us task requests or forward threads for follow-up
• Request services through our platform
• Authorize access to password management vaults
• Complete forms or surveys
• Communicate with us via email, phone, or other means
• Provide feedback on services
• Make payments for services
• Authorize Correspondence Services on your behalf

3.2 Automated Collection

We use automated technologies to collect information, including:

3.2.1 Inbound Email Processing

When you forward emails to your designated HandledRight.com address, we receive and process the full email content, including any attachments, sender information, and message headers, to fulfill your task request. This processing is handled through our email infrastructure providers (such as SendGrid inbound parse) and is necessary to understand and execute the tasks you delegate to us.

3.2.2 Cookies and Similar Technologies

Cookies are small data files stored on your device that help us improve our Service and your experience. We use the following types of cookies:

• Essential Cookies: Required for the operation of our Service
• Analytical/Performance Cookies: Allow us to recognize and count the number of visitors and see how visitors move around our Service
• Functionality Cookies: Enable us to enhance your experience

You can instruct your browser to refuse all cookies or to indicate when a cookie is being sent. However, if you do not accept cookies, you may not be able to use some portions of our Service.

3.2.3 Analytics

We use third-party analytics services, such as Google Analytics and similar tools, to help us understand how users engage with our Service. These services may use cookies and similar technologies to collect information about your use of the Service and other websites. This information helps us improve our Service, understand user behavior, and optimize our platform.

Analytics data may include:

• Pages visited and time spent on each page
• Referring websites and search terms
• Device type, browser, and operating system
• Geographic location (country/region level)
• User flow and navigation patterns

3.2.4 AI and Automated Systems

We utilize artificial intelligence technologies, including large language models (such as Claude by Anthropic, ChatGPT by OpenAI, and similar tools), AI voice agents, and automated communication systems to process tasks, generate content, and conduct correspondence on your behalf. These systems may automatically collect and process information necessary to fulfill your service requests.

3.2.5 Call Recording

Phone calls with our representatives, including calls conducted by AI voice agents via third-party telecommunications providers (such as Twilio), may be recorded for quality assurance, training purposes, service improvement, and to maintain accurate records of communications made on your behalf.

4. HOW WE USE YOUR INFORMATION

We use the information we collect about you for various purposes, collecting only what's necessary to provide and improve our Services:

4.1 Providing Our Services

• Processing and fulfilling your follow-up and correspondence requests using AI tools (such as Claude by Anthropic, ChatGPT by OpenAI, and similar technologies)
• Conducting Correspondence Services on your behalf, including sending emails from branded domains and making phone calls via AI voice agents
• Providing customer support via email, phone, and other channels
• Facilitating payments and transactions
• Scheduling, monitoring, and managing service tasks
• Communicating with you about service status, updates, and changes
• Accessing third-party accounts using credentials shared through authorized password vault platforms to complete authorized tasks

4.2 Improving Our Services

• Developing new features, products, and services
• Monitoring and analyzing trends, usage, and activities in connection with our Service
• Improving the functionality and user experience of our platform
• Conducting research and analysis to better understand our customers
• Testing and developing new features and functionality
• Training and improving our internal AI models and automated systems using Aggregated Data (see Section 6)

4.3 Communications

• Sending you technical notices, updates, security alerts, and administrative messages
• Providing news, special offers, and general information about other services and events (you may opt out via unsubscribe links or by contacting us)
• Responding to your comments, questions, and requests
• Contacting you about your services
• Sending correspondence on your behalf through Correspondence Services

4.4 Legal and Security Purposes

• Protecting our rights, property, and safety, and that of our users and the public
• Detecting, preventing, and addressing fraud, unauthorized access, and other illegal activities
• Complying with legal obligations, such as responding to court orders and legal processes
• Enforcing our Terms of Service and other agreements

5. HOW WE SHARE YOUR INFORMATION

We may share your information in the following circumstances:

5.1 Service Providers

We share information with third-party service providers who perform services on our behalf, such as:

• Payment processors who process transactions (payment data not stored by us)
• Cloud service providers who host our data (such as Supabase, Railway, Vercel)
• Analytics providers who help us understand how our Service is used
• Customer service providers who assist with user support
• Email service providers (such as SendGrid, Resend) who facilitate our email communications

5.2 AI and Technology Providers

We share data with third-party artificial intelligence providers to process tasks, generate content, and improve service quality. These providers include:

• Anthropic (Claude): For AI-assisted task processing and content generation
• OpenAI (ChatGPT): For AI-assisted task processing and content generation
• Google: For AI services and analytics
• Other AI Providers: As needed to deliver our Services

We use commercially reasonable efforts to anonymize or redact sensitive information before processing through AI tools. However, data processed by third-party AI providers may be subject to those providers' own privacy policies and terms of service.

5.3 Telecommunications Providers

For phone and SMS communications conducted on your behalf as part of our Correspondence Services, we share data with third-party telecommunications providers, including:

• Twilio: For phone calls (including AI voice agent calls) and SMS/text messaging
• Other Telecom Providers: As needed to deliver Correspondence Services

These telecommunications providers are independent third-party services. Phone numbers provisioned through these providers may be recorded, logged, or retained in accordance with their policies.

5.4 Password Management Platforms

When you authorize us to access credentials through third-party password vault platforms (such as 1Password, Keeper Security, LastPass, or Bitwarden), we access credentials solely through those platforms' secure sharing features. We do not store copies of credentials accessed through vault integrations. These password management platforms are independent third-party services subject to their own privacy policies and security practices.

5.5 Third Parties You Direct Us to Contact

To fulfill your service requests, we may share necessary information with third parties you instruct us to contact on your behalf, including vendors, service providers, government offices, clients, and other entities relevant to your follow-up and correspondence tasks.

5.6 Business Transfers

If we are involved in a merger, acquisition, financing, reorganization, bankruptcy, or sale of all or a portion of our assets, your information may be transferred as part of that transaction. We will notify you of any change in ownership or uses of your personal information.

5.7 Legal Requirements

We may disclose your information if required to do so by law or in response to valid requests by public authorities (e.g., a court or government agency). We may also disclose your information to:

• Enforce our Terms of Service and other agreements
• Protect and defend our rights or property
• Prevent or investigate possible wrongdoing in connection with the Service
• Protect the personal safety of users of the Service or the public

5.8 With Your Consent

We may share your information with third parties when you have given us your consent to do so.

6. AGGREGATED DATA AND AI MODEL IMPROVEMENT

6.1 Use of Aggregated Data

We may use Aggregated Data (as defined in Section 2.6) for any lawful purpose, including but not limited to:

• Training, developing, improving, and optimizing our internal artificial intelligence models, machine learning algorithms, and automated systems
• Enhancing the quality, efficiency, and accuracy of our Services
• Developing new products, services, and features
• Conducting internal research and development
• Generating benchmarks, analytics, reports, and insights regarding service performance
• Creating and distributing anonymized industry reports and case studies

6.2 De-Identification Practices

We employ industry-standard de-identification practices to ensure that Aggregated Data cannot reasonably be used to identify individual users. These practices include:

• Removing or hashing direct identifiers such as names, email addresses, phone numbers, and account identifiers
• Generalizing or binning location data, dates, and other potentially identifying attributes
• Applying statistical techniques to ensure datasets meet de-identification thresholds
• Implementing access controls and data governance policies to prevent re-identification

6.3 Third-Party AI Provider Data Sharing

We may share Aggregated Data with third-party artificial intelligence platform providers (such as Anthropic, OpenAI, Google, and similar providers) for the purpose of training, fine-tuning, or improving AI models that are used to deliver our Services. We require such third-party providers to maintain the confidentiality of Aggregated Data.

6.4 Opting Out of Aggregated Data Collection

If you do not wish for your data to be included in Aggregated Data used for AI model training and improvement, you may opt out by sending a written request to busyworkhq [at] gmail.com with the subject line "Opt-Out: Aggregated Data." Upon receipt of your opt-out request, we will exclude your prospective data from Aggregated Data processing within 30 days.

Please note that opting out will not affect Aggregated Data that was processed prior to the effective date of your opt-out request, as such data has already been de-identified and aggregated in a manner that cannot be practicably reversed.

6.5 No Sale of Personal Data

For the avoidance of doubt, our use of Aggregated Data as described in this Section does not constitute a "sale" of your Personal Data as defined under the California Consumer Privacy Act (CCPA), Utah Consumer Privacy Act (UCPA), or other applicable privacy laws, because Aggregated Data is fully de-identified and does not constitute Personal Data.

7. CORRESPONDENCE SERVICES DATA

7.1 Nature of Correspondence Services

Our Correspondence Services allow us to send emails, make phone calls, and send SMS/text messages on your behalf through branded communication channels (such as @handledright.com) and third-party telecommunications providers (such as Twilio). These services may utilize AI systems, including AI voice agents, to conduct communications autonomously within defined parameters under human supervision.

7.2 AI-Generated Communications

You acknowledge and agree that:

• AI systems may draft, send, and respond to communications on your behalf without human review of each individual communication
• AI-generated communications may occasionally contain errors, inaccuracies, or contextually inappropriate content
• Human oversight is provided on a commercially reasonable basis but does not guarantee detection or prevention of all AI errors
• You are responsible for reviewing summaries and reports of correspondence and promptly reporting any concerns

7.3 Recording and Retention

All correspondence conducted through our Correspondence Services, including AI voice agent phone calls, may be recorded, transcribed, and retained for quality assurance, training, service improvement, dispute resolution, and compliance purposes. Call recordings are stored securely and retained in accordance with Section 9 of this Privacy Policy.

7.4 Opting Out of Correspondence Services

You may opt out of Correspondence Services at any time by notifying us in writing at busyworkhq [at] gmail.com. Upon receipt of your opt-out request, we will cease using Correspondence Services on your behalf within 5 business days. Opting out may limit the scope of services we can perform on your behalf.

8. DATA SECURITY

We implement appropriate technical and organizational security measures designed to protect your personal information from loss, misuse, unauthorized access, disclosure, alteration, and destruction. These measures include:

• Encryption of sensitive data in transit and at rest
• Secure credential access exclusively through authorized password management platforms (1Password, Keeper Security, etc.)
• Strict access controls and role-based permissions
• Comprehensive logging and monitoring of all access
• Secure authentication procedures
• Regular security assessments
• Employee training on data security and privacy
• Standard email authentication protocols (SPF, DKIM, DMARC) for Correspondence Services domains

However, no method of transmission over the Internet or electronic storage is 100% secure. While we strive to protect your personal information, we cannot guarantee its absolute security. You are responsible for maintaining the security of your own email account and any credentials you share with us through authorized password vault platforms.

9. DATA RETENTION

We retain your personal information for as long as necessary to fulfill the purposes outlined in this Privacy Policy, unless a longer retention period is required or permitted by law. Our general retention practices include:

• Service Request Data: Retained for 1 year post-completion unless legally required otherwise
• Communication Records: Retained for 2 years or as required for legal compliance
• Correspondence Services Data: Call recordings and correspondence logs retained for 1 year
• Payment Records: Retained as required by tax and accounting regulations
• Aggregated Data: May be retained indefinitely as it does not contain personal information

When we no longer need your information, we will securely delete or anonymize it.

10. YOUR PRIVACY RIGHTS

Depending on your location, you may have certain rights regarding your personal information:

10.1 Access and Portability

You may request access to your personal information that we hold and, in some cases, request that we provide it in a portable format.

10.2 Correction

You may request that we correct inaccurate or incomplete personal information that we hold about you.

10.3 Deletion

You may request that we delete your personal information in certain circumstances, subject to certain exceptions (such as legal retention requirements or data that has already been anonymized).

10.4 Restriction and Objection

You may request that we restrict our processing of your personal information or object to our processing in certain circumstances.

10.5 Withdrawal of Consent

Where we rely on your consent to process your personal information, you have the right to withdraw your consent at any time.

10.6 Opt-Out Rights

You have the right to opt out of:

• Marketing Communications: Via unsubscribe links or by contacting us
• Aggregated Data Collection for AI Training: By emailing us with subject line "Opt-Out: Aggregated Data" (see Section 6.4)
• Correspondence Services: By emailing us to cease correspondence on your behalf (see Section 7.4)

10.7 Exercising Your Rights

To exercise any of these rights, please contact us using the information provided in Section 15. We may need to verify your identity before responding to your request. We will respond within the timeframe required by applicable law.

11. CALIFORNIA AND UTAH PRIVACY RIGHTS

11.1 California Consumer Privacy Act (CCPA) and Utah Consumer Privacy Act (UCPA)

If you are a California or Utah resident, you have rights under the CCPA and UCPA to:

• Know what personal information we collect and disclose about you
• Request deletion of your personal information
• Opt-out of the sale of your personal information (we do not sell your personal data)
• Not be discriminated against for exercising these rights

11.2 No Sale of Personal Information

We do not sell your personal information as defined under the CCPA or UCPA. Our use of Aggregated Data for AI model training and improvement does not constitute a "sale" because such data is fully de-identified.

11.3 California Shine the Light Law

California's "Shine the Light" law permits users who are California residents to request and obtain from us once a year, free of charge, a list of the third parties to whom we have disclosed their personal information (if any) for direct marketing purposes in the preceding calendar year and the categories of personal information disclosed to those parties.

11.4 Exercising California and Utah Privacy Rights

To exercise your rights under California or Utah law, please contact us using the information provided in Section 15. We will verify your request using information such as your email address. Government identification may be required.

12. CHILDREN'S PRIVACY

Our Service is not directed to children under the age of 18, and we do not knowingly collect personal information from children under 18. If we learn that we have collected personal information from a child under 18, we will promptly take steps to delete such information. If you believe we might have any information from or about a child under 18, please contact us using the information provided in Section 15.

13. INTERNATIONAL DATA TRANSFERS

Our Service is hosted in the United States. If you are accessing our Service from outside the United States, please be aware that your information may be transferred to, stored, and processed in the United States where our servers are located. The data protection and other laws of the United States might not be as comprehensive as those in your country.

By using our Service, you consent to your information being transferred to and processed in the United States. Where required by applicable law, we implement appropriate safeguards for cross-border transfers of personal information, such as standard contractual clauses.

Additionally, your data may be processed by third-party AI providers, telecommunications providers, and other service providers who may have servers or operations in various countries. We require our service providers to maintain appropriate safeguards for data protection.

14. CHANGES TO THIS PRIVACY POLICY

We may update our Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page and updating the "Last Updated" date at the top of this Privacy Policy. For material changes, we will provide more prominent notice, which may include email notifications to the email address you provided.

You are advised to review this Privacy Policy periodically for any changes. Changes to this Privacy Policy are effective when they are posted on this page. Your continued use of the Service after changes are posted constitutes your acceptance of the updated Privacy Policy.

15. CONTACT INFORMATION

If you have any questions or concerns about this Privacy Policy or our privacy practices, or to exercise any of your privacy rights, please contact us at:

16. SENSITIVE INFORMATION

We ask that you do not send us, and you do not disclose, any sensitive personal information (e.g., Social Security numbers, information related to racial or ethnic origin, political opinions, religion or other beliefs, health, biometrics or genetic characteristics, criminal background, or trade union membership) on or through the Service or otherwise to us, unless specifically requested and necessary for a particular task.