Privacy as Infrastructure: How Okerl Protects Your Data

The Business Model

The typical AI platform business model works like this: provide useful services to users while collecting data from those interactions to improve the underlying models. Your usage makes the platform more valuable—not just to you, but also to your competitors. The service is the mechanism; data collection and model improvement are the core business.

Okerl inverts this model. We built Chris to function as dedicated infrastructure for your business. The data Chris processes—your client conversations, your scheduling patterns, your business intelligence—stays isolated to your account. We're not aggregating insights across users to build a better universal AI. We're providing you with AI infrastructure that gets better at serving your specific business without that learning crossing over to other users.

Our Approach to Data

What we collect: Operational data necessary to run your service business—client communications, scheduling information, service preferences, and business metrics that enable Chris to function effectively.

Why we collect it: To provide intelligent business operations—customer communication, calendar coordination, and administrative automation.

Your control: Complete data access, export capabilities, and deletion rights exercisable directly through your account settings or by contacting privacy@okerl.com.

The Training Data Question

We do not use your business data or client conversations to train publicly available models.

Chris learns from your interactions to serve your business better—adapting to your communication style, understanding your services, and optimizing your operations. But that intelligence stays with you. The insights Chris develops about your client relationships, your pricing strategies, your operational efficiencies—these remain your competitive advantages. A consultant's proprietary methodologies don't inform how Chris serves their competitors. A therapist's clinical approach doesn't transfer to other practitioners on the platform.

This isolation is essential for professional services where accumulated expertise and relationship knowledge define business value.

For businesses handling sensitive client information—healthcare providers managing medical records, consultants developing proprietary frameworks, financial advisors working with confidential data—this isolation is a prerequisite for responsible AI deployment.

Data Collection and Usage

Client Communication Data: Chris maintains conversation history to provide context-aware service, enabling continuity across interactions—remembering client preferences, prior requests, and relationship history.
Retention: Maintained while client relationships are active. Deletion requests processed within 30 days, subject to legal requirements.

Scheduling and Calendar Data: Availability parameters, appointment history, and booking patterns enable automated appointment management, conflict prevention, and capacity optimization.
Retention: Current data maintained for operations. Historical data supports utilization analysis but can be deleted upon request where not legally required.

Business Configuration Data: Service descriptions, pricing models, policies, and operational guidelines that define how Chris represents your business to clients.
Retention: Current configurations maintained actively. Deprecated information archived briefly for transition continuity, then removed.

Operational Analytics: Inquiry patterns, conversion metrics, utilization rates, and revenue distribution provide strategic intelligence for capacity planning and business optimization.
Retention: Aggregated for trend analysis. Transaction-level detail maintained per your preferences and compliance requirements.

Your Data Rights

You maintain comprehensive control:

Access: Complete data export in portable formats

Rectification: Correction of inaccurate information

Erasure: Deletion of specific records or entire account

Portability: Machine-readable export for migration

Restriction: Selective suspension of processing

Objection: Opt-out of particular processing activities

Exercise these rights through your account settings or privacy@okerl.com. Requests processed within 30 days with confirmation.

Client Data Protection

Your clients' information receives equivalent protection standards:

Purpose limitation: Processing exclusively for contracted services—scheduling, communication, business operations. No secondary use.

Data minimization: Chris collects only operationally necessary information.

Security controls: Encryption in transit (TLS 1.3) and at rest (AES-256), role-based access restrictions, continuous monitoring.

Transparency: Clients understand they're communicating with an AI agent.

No monetization: We never sell client data, share it with third parties for their purposes, or use it for advertising.

AI Model Development

This requires explicit clarity: Okerl does not use identifiable business data, client information, or account-specific operational details to train models that benefit other competitors.

Chris adapts to your business through account-isolated learning—calibrating to your communication style, understanding your service catalog, optimizing for your operational patterns. This learning remains contained to your deployment.

We analyze anonymized, aggregated system-level patterns to improve Okerl's infrastructure—for example, optimal timing for appointment reminders or effective conversation structures. This analysis uses only de-identified data stripped of business-specific context.

Future changes to this policy will be communicated explicitly with advance notice and opt-out mechanisms before implementation.

Third-Party Processing

Okerl relies on select service providers:

• Cloud hosting for secure data storage and compute

• Communication delivery for email and messaging notifications

• Payment processing for secure billing (we don't store complete payment credentials)

• Analytics systems for operational metrics compilation

We maintain a Subprocessor List documenting each provider's function, data access scope, and location, updated before adding new vendors. You can request the list by emailing privacy@okerl.com.

These providers process data strictly for contracted service delivery under data processing agreements enforcing equivalent protection standards.

We never share data with advertising platforms, marketing automation services, data aggregators, or third parties unrelated to core operations.

Security Architecture

Encryption: TLS 1.3 for data in transit; AES-256 for data at rest.

Access controls: Role-based restrictions limit system and personnel access to operational necessity.

Authentication: Multi-factor authentication and secure session management.

Monitoring: Continuous security monitoring with automated threat detection.

Incident response: Documented procedures including prompt notification with clear incident details and remediation steps.

Ongoing assessment: Regular security reviews addressing evolving threats.

Compliance Framework

California Privacy Rights (CCPA/CPRA): California residents have rights including knowledge of collection practices, deletion, opt-out of sale (we don't sell data), and non-discrimination. We honor Global Privacy Control (GPC) and similar opt-out signals automatically.

European Union and UK (GDPR): For EU/UK users, rights include access, rectification, erasure, restriction, portability, and objection. We operate as data processor for client data (you control) and as controller for account data. EU data transfers utilize Standard Contractual Clauses with appropriate supplementary safeguards.

Multi-State Privacy Laws: We apply consistent privacy practices across jurisdictions rather than fragmenting protections geographically.

Change Notification

Our commitment for policy updates:

• Updated "Last Modified" date for all changes.

• Email notification 30 days before material changes affecting data use.

• Maintained change log for transparency.

• Data export and account closure options if you disagree with changes.

Okerl for Teams

Team deployments include multi-user considerations:

Access control: Administrators define team member access to specific client data and operational information

Shared context: Client information available to authorized team members for service continuity

Administrative visibility: Team administrators monitor operational activities within appropriate boundaries

Transition procedures: Administrators manage client relationships and access when team composition changes