Conduit cares about your privacy and protecting your data. A lot.
Like many companies, we always limit and protect the data we store. But we also go above and beyond, aligning our incentives with yours and adding extensive measures to limit our own access too.
Conduit's business model
Why does Conduit need this data in the first place?
Conduit is a good tool for managing relationships and stakeholders because it's low effort for you. Unlike most tools, we do the hard work of figuring things out, using state-of-the-art AI and data science technology.
To be most effective at our work, we need to continuously sync your data-- including email, contacts, and calendar-- to detect new changes and process them behind the scenes.
One necessity of AI- and data science-driven tools, including Conduit, is the need for a complete set of data. This helps us best understand and help you.
Can I choose not to provide any data?
If you don't sync your accounts, you'll still be able to use Conduit-- but it will be significantly less useful. For example--
- Without calendar sync, we won't be able to suggest meetings for review, or assemble timelines for your contacts.
- Without contacts sync, we won't be able to automatically generate contacts or people, or automatically match them to recent events.
Does Conduit make money from selling my data?
No, and we never will.
Conduit is a professional software-as-a-service product. We will make money by selling subscriptions and by providing value to our users. This business model makes sense and aligns incentives for you and for us.
We won't sell your data to third parties or data aggregation companies. We don't consider that behavior ethical.
How we fix problems and improve our product
Can Conduit employees see any of my personal data?
No. Conduit has one of the strictest policies around data privacy of any company in this space.
Our employees can only see a narrow slice of aggregate information (see below) to help us offer you support, fix problems when they arise, and improve our product. All data processing is done by automated algorithms with no human access. And we audit access that does happen (more on this below).
What kind of information is accessible to Conduit employees, and how?
To run Conduit, employees can access some extremely limited-- and reasonable-- information:
- Basic account information. For example, your name, email address, and when you last accessed Conduit.
- Sync Service information. For example, the number of accounts you're syncing, and the volume of information from each account (but never the data itself).
- Aggregate statistics. For example, the total number of contacts, emails, or emails you have connected to Conduit (but never the data itself).
- Diagnostic information for errors. For example, if you encounter a problem, we will receive what the error was, as well as the type of computer and browser you are using.
- Anonymous feature usage statistics. For example, whether you had created a todo (but not what the todo was).
Although limited in scope, we go further and also control, audit, and log all user-related actions to create a trail of evidence. No arbitrary access is allowed.
Employees are not be able to access contact, calendar, email, LinkedIn, or any other private information.
What kind of external services have access to my data?
To keep exposure of your information to a minimum, we conduct the vast majority of analytics in-house using a system we built ourselves.
No one except us has direct access to our data systems. Within the app, we do use two external services:
- Intercom, which provides support messaging capabilities in case you need to contact our team. Intercom has access to basic account information, such as your name and email address.
- Sentry, which provides our engineering team context when problems arise. When an error occurs, Sentry automatically shares some information-- such as the browser you use and where in our code the problem occurred. Private information is automatically redacted from Sentry.
Data privacy & security in Europe, including GDPR
For information on GDPR compliance, see Conduit and GDPR.