Privacy & Security
Privacy & Security
Last updated: July 2026
Allorc is an early-stage company building an AI Workforce Platform.
We are transparent about where we are today and where we are heading. This page explains how we handle your data, what security practices we follow, and what you can expect as we grow.
Information We Collect
We collect only the data necessary to provide and improve the Allorc service.
Account information
- Name, email address, and authentication credentials when you sign up
- Profile information you choose to provide
Usage data
- Conversations, prompts, and instructions you send to your AI Workers
- Files, documents, and content you upload or connect to the service
- Interaction logs to improve performance and debug issues
Google account data (if connected)
- Email metadata and content to enable AI-powered email management
- Calendar data for scheduling and meeting preparation
- Basic profile information for authentication
How We Use Your Data
- Deliver, maintain, and improve the Allorc service
- Process your instructions and execute tasks on your behalf
- Debug issues, monitor system performance, and enhance features
- Communicate with you about service updates and support
- We do not train third-party models on your data
- We do not sell your personal data to anyone
Data Sharing
- We do not share your personal data with third parties for their own marketing purposes
- We may use subprocessors (e.g., cloud infrastructure providers) to deliver the service — they are bound by data processing agreements
- We may disclose data if required by law or to protect our legal rights
Data Retention
- We retain your data for as long as your account is active or as needed to provide the service
- You can request deletion of your data at any time — we will honor it subject to legal obligations
- When an account is deleted, associated data is removed within a reasonable timeframe
Your Rights
You have control over your data:
- Access and review the data we hold about you
- Request correction or deletion of your data
- Export your data in a portable format
- Withdraw consent for Google data access at any time (via Google's OAuth consent screen)
- To exercise these rights, contact us at the email below
Security Practices
We follow standard industry practices to protect your data:
- All data is transmitted over secure HTTPS / TLS connections
- Access to production systems is restricted to authorized personnel only
- We follow the principle of least privilege for internal access
- We conduct regular internal reviews of our security posture
- Source code and infrastructure are managed with security best practices
We are a growing startup. We do not yet hold formal security certifications like SOC 2 or ISO 27001, and we have not completed third-party penetration testing. These are part of our roadmap as the company matures.
What We Are Working Toward
Security and privacy are core to our product. Here is what we are building toward:
- Formal compliance programs (SOC 2, GDPR readiness)
- Third-party security audits and penetration testing
- Enhanced access controls and audit logging
- Expanded encryption coverage and key management
Contact
If you have questions about this policy, your data, or our security practices:
samclastine.jesumuthu@allorc.comAllorc Inc.
www.allorc.com