Privacy Policy

How CoreStaff handles information.

Effective date: . Last updated: . CoreStaff's public site is currently an informational surface with manual review and setup paths. This policy explains the information we may handle now and the boundaries that apply until a feature is explicitly offered.

Current product state

What this policy covers today.

  • We may respond to setup, support, and privacy questions sent through our published contact routes.
  • We may prepare and support customer workspaces, AI employee instructions, and review notes when you choose to share them.
  • We do not claim live connectors, OAuth, business-email retrieval, or live billing unless we explicitly say so in a separate offering.

Information we may collect

Data categories we handle.

  • Website visit and basic technical data, such as browser type, device details, page requests, and similar log information.
  • Contact and setup request information you send through forms, email, or other published contact routes.
  • Account or signup interest information if you submit it.
  • Customer workspace and setup information, including role definitions, routing preferences, and configuration you ask us to use.
  • AI employee instructions, prompts, configuration, and outputs that you choose to provide or store with us.
  • Support communications, troubleshooting notes, and any follow-up needed to resolve a request.
  • Billing-related information if billing is active later, with payment details handled by payment providers or processors rather than stored by CoreStaff when a billing flow is offered.
  • Files and content the customer chooses to provide, including documents, text, screenshots, or other working materials.
  • Future connector, business-email, or OAuth-derived data only when you explicitly authorize that access in a feature that is actually offered.

How we use information

Why we process data.

  • To respond to inquiries and support requests.
  • To prepare and set up AI employees and customer workspaces.
  • To operate, support, and improve CoreStaff.
  • To troubleshoot issues and secure the service.
  • To prevent abuse, fraud, or unauthorized use.
  • To maintain audit and review records for operational and support purposes.
  • To comply with legal obligations and lawful requests.

AI, model, and provider processing

How AI features may handle content.

When an AI feature is active, customer-provided content may be processed through model or tool providers to produce outputs or complete a request. The exact provider, connector, or tool path depends on the feature, the workspace configuration, and the permissions you have explicitly authorized. We do not claim that every provider or connector is currently live, and we do not promise any specific provider behavior, retention choice, or output quality beyond the feature description you are given at the time.

  • We may send only the data needed for the requested feature or workflow.
  • Any future connector, OAuth, or business-email access must be explicitly authorized before use.
  • Provider terms and privacy policies may also apply to a provider's handling of data.

Sharing and disclosure

When information may be shared.

  • With service providers that help us host, support, secure, or operate CoreStaff.
  • With payment processors if billing is active later, so they can process payments and related billing activity.
  • For security, abuse prevention, fraud prevention, or incident response.
  • To comply with law, regulation, subpoena, court order, or similar legal process.
  • In connection with a business transfer, merger, acquisition, financing, or similar transaction if applicable.
  • We do not sell customer personal information as a business model.

Retention, deletion, and export

How long we keep information.

Retention depends on operational, legal, security, and support needs. We may keep some records longer when necessary for audit, dispute resolution, security review, or legal compliance. You may request deletion or export through the contact routes below, and we will handle the request according to the data we actually maintain and any legal or security obligations that apply.

  • Requests can be sent to hello@corestaffai.com for general, privacy, and setup questions.
  • Requests can be sent to support@corestaffai.com for support-related follow-up.
  • Some records may need to be retained even after a deletion request if law or security requires it.

Security

Safeguards and limits.

We use reasonable administrative and technical safeguards designed to protect information under our control. No system is perfectly secure, and we cannot guarantee that unauthorized access, disclosure, loss, or misuse will never happen. Customers remain responsible for what they submit, what they connect, and how they classify the sensitivity of their own data.

Customer responsibilities

What customers should not send.

  • Do not submit highly sensitive or regulated data unless the workflow is explicitly approved and supported for that purpose.
  • Do not provide passwords, API keys, recovery codes, or other secrets through normal prompts or forms.
  • Make sure you have the rights, permissions, and authority to provide the data, files, prompts, or workspaces you share with CoreStaff.
  • Review AI outputs and connected actions before using them when law, policy, or risk requires human review.

Children

Not directed to children under 13.

CoreStaff is not directed to children under 13, and we do not knowingly collect personal information from children under 13 through the public site or current contact paths.

Changes

How this policy may change.

We may update this policy as features launch, workflows change, or legal requirements change. If the way we handle information changes in a material way, we will revise the policy text and update the effective and last-updated dates accordingly.

Contact

Questions, setup, and support.