Legal

Privacy Policy

Effective Date: April 22, 2026  ·  Last Updated: April 22, 2026

This Privacy Policy describes how Fractional Labs Inc., doing business as DelegateWorker (“DelegateWorker,” we,” “us,” or our”), collects, uses, discloses, stores, and otherwise processes personal information when you access or use our websites, platform, software, APIs, AI workers, meeting participation tools, communications, and related services (collectively, the Services”).

By using the Services, you acknowledge that you have read and understood this Privacy Policy.

1. Who We Are

Company: Fractional Labs Inc.
DBA: DelegateWorker
Address: 1130 Ogletown Road, Suite 2, Newark, DE 19711, USA
Email: hello@delegateworker.com
Phone: 786-578-9097

If you have questions about this Privacy Policy or our privacy practices, contact us using the details above.

2. Scope of This Privacy Policy

This Privacy Policy applies to personal information we collect or process when you:

  • visit our website;
  • create an account;
  • join a waitlist, request a demo, or contact us;
  • use the DelegateWorker platform or related applications;
  • configure, deploy, or manage AI workers;
  • connect integrations, calendars, CRMs, phone systems, meeting platforms, or other third-party services;
  • communicate with us by email, chat, web form, phone, or other channels;
  • participate in a meeting, call, or workflow in which a DelegateWorker AI worker is deployed — whether or not you are a DelegateWorker account holder; or
  • otherwise interact with us online or offline in connection with the Services.

This Privacy Policy does not apply to third-party services, products, websites, or applications that we do not control, even if they integrate with our Services. Those third parties have their own terms and privacy policies.

3. Personal Information We Collect

Depending on how you use the Services, we may collect the following categories of personal information.

A. Account and Profile Information

  • name;
  • email address;
  • phone number;
  • company name;
  • job title;
  • account credentials or authentication identifiers;
  • billing address and account profile details.

B. Workspace and User Management Information

  • organization or workspace name;
  • role and permissions within an account;
  • worker names, labels, instructions, and configurations;
  • seat, worker, and usage records;
  • administrative settings and preferences.

C. Communications and Inquiry Information

  • messages you send to us;
  • support tickets;
  • chat transcripts;
  • call recordings or support call notes where permitted;
  • waitlist, demo, or sales inquiry details;
  • survey responses and feedback.

D. Meeting, Call, and Workflow Data

When you use the Services in meetings, calls, or workflow environments — or when you participate in a meeting where a DelegateWorker AI worker is present — we may collect and process:

  • meeting metadata (for example, title, time, participants, organizer, platform, duration);
  • call metadata;
  • worker instructions, prompts, briefs, and role configurations;
  • transcripts, summaries, notes, structured outputs, action items, and follow-up drafts;
  • uploaded files, attachments, agendas, documents, or reference materials;
  • user-generated prompts, commands, approvals, and edits;
  • contact and event data necessary to operate integrations.

E. Audio, Voice, and Content Data

Depending on the features you or your organization enable, we may process:

  • voice audio;
  • speech-to-text content;
  • text-to-speech output;
  • recordings or snippets;
  • generated outputs, including summaries, recommendations, logs, or action items.

In certain U.S. states and other jurisdictions, voice audio and voiceprint-derived data may be classified as biometric information. See Section 7 for additional disclosures.

F. Device, Log, and Usage Data

We may automatically collect:

  • IP address;
  • browser type and version;
  • device identifiers;
  • operating system;
  • language and time zone;
  • pages viewed;
  • referring URLs;
  • access timestamps;
  • clickstream data;
  • feature usage;
  • crash data;
  • performance logs;
  • diagnostics and error reports.

G. Analytics, Advertising, and Tracking Data

We use analytics and advertising tools that collect information about how visitors use our website and how our ads perform across platforms. This data may include device identifiers, IP address, browser characteristics, pages visited, actions taken on our site, referral source, and behavioral signals used to measure and optimize advertising performance. See Section 10 for a full list of the tools we use and how to opt out.

H. Payment and Transaction Data

If you purchase paid Services, we or our payment processors may collect:

  • billing contact information;
  • payment token or masked payment details;
  • subscription plan;
  • invoices;
  • transaction history;
  • tax-related information;
  • billing status.

Our primary payment processor is Stripe, Inc. Stripe collects and processes payment card information directly and is subject to its own Privacy Policy and Services Agreement. We do not store full payment card numbers ourselves.

I. Integration and Third-Party Account Data

If you connect third-party services, we may receive:

  • OAuth tokens or similar authorization credentials;
  • calendar event information;
  • CRM records or selected fields;
  • communication platform identifiers;
  • contact records;
  • workflow metadata;
  • email headers or limited message content if required by the integration you enable.

J. Marketing and Preference Data

  • subscription preferences;
  • newsletter signup details;
  • webinar or event registrations;
  • content engagement data;
  • marketing attribution information.

K. Sensitive Information

Depending on how the Services are used, some data processed through the Services may be considered sensitive under applicable law, such as:

  • login credentials;
  • voice audio and voiceprint-derived data (see Section 7);
  • precise communications content;
  • calendar details;
  • business-confidential information;
  • recruiting-related information;
  • information that may reveal protected characteristics if included in meeting or interview content.

We ask users not to submit highly sensitive personal information unless it is necessary for the intended use and lawful to process.

4. Meeting Participants Who Are Not DelegateWorker Customers

When a DelegateWorker AI worker joins a meeting or call on behalf of one of our customers, other participants in that meeting — who may never have created a DelegateWorker account — may have their voice, words, and participation processed by our Services.

What we collect: We may process audio, transcribed speech, and meeting metadata for all participants present, including those who are not DelegateWorker account holders.

How it is used: Data from non-customer participants is used only to provide the specific meeting feature requested by the customer who deployed the worker — for example, generating a transcript or summary. It is not used to build profiles, serve advertising, or enrich data about non-customer individuals.

Retention: Meeting-level outputs are retained according to the periods described in Section 13. Non-customer participant data is not retained beyond what is necessary to produce those outputs.

Consent: DelegateWorker requires customers to obtain any legally required consent from meeting participants before deploying an AI worker. Customers are responsible for compliance in their jurisdiction. See Section 8 for recording consent requirements by jurisdiction.

Rights requests: If you participated in a meeting where a DelegateWorker AI worker was present and wish to request access to or deletion of your data, contact us at hello@delegateworker.com. We will respond within 30 days.

5. Sources of Personal Information

  • Directly from you, such as when you sign up, contact us, configure a worker, upload content, or use the Services;
  • Automatically from your device or browser, through logs, cookies, and analytics tools;
  • From your organization or account administrator, if they create or manage your account;
  • From integrations and connected third-party services that you or your organization enable;
  • From service providers such as payment processors, analytics vendors, CRM tools, and cloud infrastructure vendors acting on our behalf;
  • From other participants or users, if they add you to a meeting, workflow, or workspace, or if a DelegateWorker AI worker is deployed in a meeting you attend;
  • From advertising and analytics platforms that return aggregated or matched audience data in connection with our marketing activities; and
  • From publicly available sources, where lawful and relevant.

6. How We Use Personal Information

A. To Provide the Services

  • create and manage accounts;
  • authenticate users;
  • deploy and operate AI workers;
  • process meetings, calls, prompts, and workflows;
  • generate transcripts, summaries, outputs, and follow-up content;
  • enable integrations and requested features;
  • provide requested products and services.

B. To Operate, Maintain, and Improve the Services

  • troubleshoot bugs and errors;
  • monitor performance and uptime;
  • analyze usage and feature adoption;
  • improve reliability, quality, and safety;
  • develop new features and functionality;
  • train internal operational systems, quality systems, and product analytics systems where permitted.

C. To Communicate With You

  • respond to inquiries;
  • provide support;
  • send service announcements, confirmations, and updates;
  • provide transactional notices;
  • send security alerts and policy updates.

D. For Billing and Business Operations

  • process payments;
  • manage subscriptions;
  • send invoices and receipts;
  • enforce contract terms;
  • maintain financial and accounting records.

E. For Security and Abuse Prevention

  • detect, investigate, and prevent fraud, abuse, misuse, and unauthorized access;
  • protect systems, users, and data;
  • monitor compliance with our Terms;
  • maintain backup, recovery, and incident response processes.

F. For Legal and Compliance Purposes

  • comply with applicable laws, regulations, legal processes, and government requests;
  • enforce our rights and agreements;
  • protect the rights, privacy, safety, and property of DelegateWorker, users, and others.

G. For Marketing and Growth

  • send newsletters, product updates, and promotional materials where permitted;
  • measure campaign effectiveness across advertising platforms;
  • retarget website visitors through advertising networks;
  • improve sales and marketing operations;
  • personalize website content and outreach.

H. For Research, Testing, and Quality Assurance

  • test models, prompts, workflows, and product features;
  • evaluate the quality of outputs;
  • improve the performance, reliability, safety, and user experience of the Services.

Where we use personal information for improvement, research, or analytics, we may aggregate, de-identify, or minimize data where feasible.

7. Biometric Information

Certain U.S. states — including Illinois (BIPA), Washington (WBPA), and Texas (CUBI) — classify voiceprints and voice-derived biometric identifiers as biometric information subject to heightened legal protections. Other jurisdictions may apply similar requirements.

When an AI worker participates in a meeting or call involving voice audio, the Services may process audio that could, in certain technical configurations, give rise to voiceprint-derived data. We take the following approach:

  • Consent before collection: Where required by applicable law, we obtain — or require our customers to obtain — informed written consent from individuals before collecting or processing biometric identifiers, including voice audio processed in a manner that could derive a voiceprint.
  • Limited purpose: Biometric data is used only to provide the specific feature requested — such as speech-to-text transcription — and is not used to build biometric profiles or sold to third parties.
  • No sale or profit: We do not sell, lease, trade, or profit from biometric information.
  • Retention and destruction: Biometric data is retained no longer than necessary for the purpose for which it was collected and is destroyed when that purpose is fulfilled or within the timeframes described in Section 13, whichever is earlier.
  • Protection: We store and transmit biometric data with at least the same level of protection we apply to other sensitive personal information.

To exercise rights under BIPA, WBPA, CUBI, or similar biometric privacy laws, contact us at hello@delegateworker.com.

8. Recording, Transcription, and Consent by Jurisdiction

DelegateWorker AI workers may join meetings and calls in a capacity that involves audio capture and transcription. Recording consent requirements vary significantly by jurisdiction.

Federal law (U.S.): The federal Electronic Communications Privacy Act generally permits recording with the consent of at least one party. In most cases, the DelegateWorker customer who deploys the AI worker satisfies single-party consent.

All-party consent states: California, Florida, Illinois, Maryland, Massachusetts, Montana, New Hampshire, Oregon, Pennsylvania, and Washington require the consent of all parties before a conversation may be recorded. If any participant is located in one of these states, all-party consent may be required regardless of where the recording party is located.

International: GDPR (EU/EEA), PIPEDA (Canada), and many other frameworks impose consent or legitimate-interest requirements for recording and processing communications content. Customers deploying AI workers in international contexts are responsible for ensuring compliance with applicable local law.

Employment context: Additional consent and notice requirements may apply when AI workers are deployed in employment-related contexts such as interviews, performance reviews, or internal team meetings.

Customer responsibility: DelegateWorker provides features designed to support pre-meeting disclosure, in-meeting identification of the AI worker, and documentation of consent. Customers are responsible for configuring and using these features appropriately. DelegateWorker is not liable for a customer’s failure to obtain required consent.

9. AI Processing and Model Providers

The Services use artificial intelligence, machine learning, natural language processing, speech-to-text, text-to-speech, and automation tools provided by DelegateWorker and third-party AI model and infrastructure vendors.

When you use AI-powered features, we may send relevant data to model, speech, or infrastructure providers to process prompts and instructions, generate outputs, transcribe or synthesize audio, classify or summarize information, and support safety and service improvement. This data may include prompts, instructions, meeting content, transcripts, audio, metadata, attachments, and outputs, depending on the feature you use.

Because AI systems can generate inaccurate or unexpected outputs, you are responsible for reviewing outputs before relying on them for important decisions.

If we offer settings that limit model-training use by vendors or that route processing through vendors with specific contractual restrictions, those settings will govern where applicable.

10. Cookies, Analytics, and Advertising Technologies

We use cookies, pixels, tags, and similar technologies on our website for functional, analytics, and advertising purposes. The following describes the specific tools we use, what data they collect, and how you can opt out.

A. Essential and Functional Cookies

These cookies are necessary for the Services to operate. They keep you signed in, maintain session state, and support security features. They cannot be disabled without breaking core functionality.

B. Analytics Tools

Google Analytics 4 (GA4) — We use Google Analytics 4, operated by Google LLC, to understand how visitors interact with our website. GA4 collects information such as pages visited, session duration, device type, approximate geographic location (derived from IP address), and referral source. This data is transmitted to and stored on Google’s servers, which may be located in the United States. Google may use this data in accordance with its own Privacy Policy. To opt out of Google Analytics tracking, install the Google Analytics Opt-out Browser Add-on or manage your preferences via Google Ad Settings.

Google Tag Manager (GTM) — We use Google Tag Manager to manage and deploy analytics and marketing tags on our website. GTM itself does not collect personal data; it acts as a container that controls which other tags (including GA4 and advertising pixels) are fired on our site. The data practices of each tag are governed by the respective tool’s disclosures in this section.

C. Advertising and Retargeting Pixels

We use advertising pixels and tracking tags from the following platforms to measure the performance of our marketing campaigns and to show relevant ads to people who have visited our website. These tools may collect device identifiers, IP address, behavioral data, and information about actions you take on our site, and they transmit that data to their respective platforms for ad targeting, attribution, and optimization purposes.

Meta Pixel (Facebook and Instagram) — We use the Meta Pixel, operated by Meta Platforms, Inc., to measure conversions, build audiences, and run retargeting campaigns on Facebook and Instagram. Meta may use this data in accordance with its Privacy Policy. To manage your ad preferences or opt out: Facebook Ad Preferences.

LinkedIn Insight Tag — We use the LinkedIn Insight Tag, operated by LinkedIn Corporation, to track conversions, retarget website visitors, and gather analytics about our LinkedIn advertising campaigns. LinkedIn’s data practices are described in its Privacy Policy. To opt out of LinkedIn retargeting: LinkedIn Opt-Out.

Pinterest Tag — We use the Pinterest Tag, operated by Pinterest, Inc., to measure ad performance and retarget visitors on Pinterest. Pinterest’s data practices are described in its Privacy Policy. To manage your Pinterest ad settings: Pinterest Personalization Settings.

TikTok Pixel — We use the TikTok Pixel, operated by TikTok Inc. and its affiliates, to track website events and optimize advertising campaigns on TikTok. TikTok’s data practices are described in its Privacy Policy. To manage your TikTok ad settings, visit TikTok’s in-app privacy settings or your device’s ad tracking preferences.

YouTube (Google) — We may embed YouTube videos on our website. When you interact with embedded YouTube content, Google may collect device and behavioral data in accordance with its Privacy Policy. Manage your preferences via Google Ad Settings.

D. Industry Opt-Out Tools

In addition to the platform-specific opt-outs above, you may opt out of interest-based advertising from participating companies through the Network Advertising Initiative (NAI) opt-out tool or the Digital Advertising Alliance (DAA) opt-out tool. These opt-outs are browser and device specific and must be renewed if you clear your cookies.

You can also control cookies through your browser settings. Note that disabling certain cookies may affect the functionality of the Services.

E. GDPR and Prior Consent for Analytics

If you are located in the EEA, UK, or another jurisdiction that requires prior consent before placing non-essential cookies, analytics tools and advertising pixels will only be activated after you have provided consent through our cookie preference mechanism. You may withdraw consent at any time by updating your cookie preferences.

11. Legal Bases for Processing (EEA / UK / Similar Jurisdictions)

If data protection laws such as the GDPR or UK GDPR apply, we process personal data on one or more of the following legal bases:

  • Performance of a contract: to provide the Services you request, manage your account, and fulfill our obligations;
  • Legitimate interests: to secure, maintain, improve, and market the Services, prevent fraud, and operate our business, where those interests are not overridden by your rights;
  • Consent: where required by law, such as for analytics cookies, advertising pixels, biometric data, or marketing communications;
  • Legal obligation: where processing is necessary to comply with law, regulation, or lawful requests;
  • Vital interests: where necessary in exceptional circumstances to protect safety;
  • Public interest: where applicable under law.

Where we rely on consent, you may withdraw it at any time, although this will not affect processing already carried out before withdrawal.

12. Service Providers and Third-Party Vendors

We share personal information with vendors and service providers who process data on our behalf. These parties are contractually required to protect personal information and use it only for the purposes we specify. Key vendors include:

A. Infrastructure and Data Storage

  • Fly.io — cloud application hosting and compute infrastructure where the DelegateWorker platform and user data are processed and stored;
  • Supabase — database and authentication services, including storage of account data, workspace data, transcripts, and related records.

B. Payments

  • Stripe, Inc. — payment processing, subscription billing, and invoicing. See Section 3H for Stripe-specific disclosures.

C. AI and Model Providers

We use multiple large language model (LLM) and AI service providers to power the AI worker features of the Services. These providers process prompts, instructions, transcripts, and related content to generate outputs. Specific providers may change as the Services evolve; each is subject to a data processing agreement with us.

D. Meeting Platform Integrations

  • Zoom Video Communications — meeting platform through which AI workers may join and participate in calls;
  • Google Meet (Google LLC) — meeting platform through which AI workers may join and participate in calls.

E. CRM and Marketing

  • HubSpot, Inc. — customer relationship management, marketing automation, and sales pipeline tools. HubSpot processes contact information, email communications, and behavioral data for customers and prospects.

F. Email and Communications Delivery

  • Mailgun (Sinch) — transactional and operational email delivery;
  • Resend — transactional email delivery for product notifications and account communications.

G. Analytics and Advertising

Google LLC (GA4, GTM, YouTube), Meta Platforms Inc. (Meta Pixel), LinkedIn Corporation (Insight Tag), Pinterest Inc. (Pinterest Tag), and TikTok Inc. (TikTok Pixel). See Section 10 for full disclosures and opt-out mechanisms.

H. Security and Incident Management

  • Incident.io — incident management and operational monitoring tools used by our team to respond to service incidents. Incident records may include limited customer-related context where relevant to a reported issue.

I. Other Disclosures

We may also disclose personal information to professional advisors (lawyers, auditors, accountants, insurers), in connection with corporate transactions (mergers, acquisitions, asset sales), to comply with legal obligations (subpoenas, court orders, lawful government requests), and with your consent or at your direction.

We do not sell personal information for money.

13. Data Retention

We retain personal information for as long as reasonably necessary for the purposes described in this Privacy Policy. The following specific retention periods apply:

  • Meeting audio and real-time processing: Audio processed during a meeting is used in real time for transcription and AI worker functions. Unless you or your organization have explicitly enabled recording or storage features, raw audio is not retained after the session ends.
  • Transcripts, summaries, and meeting outputs: Retained for the duration of the active account and for 30 days following account termination. Backup copies may persist for up to 90 days before permanent deletion.
  • Account data: Retained for 60 days following account termination, after which it is deleted or anonymized.
  • Billing and financial records: Retained for 7 years to comply with applicable tax, accounting, and financial regulatory requirements.
  • Security and fraud-prevention logs: Retained as long as necessary to investigate incidents and as required by applicable law.
  • Deletion requests: Processed within 30 days of verification. Certain data may be retained longer where required by legal obligation.

Where appropriate, we may delete, anonymize, aggregate, or de-identify information when it is no longer needed for the purposes for which it was collected.

14. International Data Transfers

DelegateWorker is based in the United States, and we may process or store personal information in the United States and other countries where we or our service providers operate. These countries may have data protection laws that differ from those in your jurisdiction.

Where required by law, we will use appropriate safeguards for cross-border data transfers, such as standard contractual clauses or other recognized transfer mechanisms approved by relevant data protection authorities.

By using the Services, you acknowledge that your information may be transferred to and processed in countries outside your own, subject to applicable law.

15. Security

We use administrative, technical, and organizational measures designed to protect personal information against unauthorized access, disclosure, alteration, loss, or destruction. These measures may include access controls and authentication, encryption in transit and at rest, logging and monitoring, vendor access restrictions, least-privilege access practices, backups and recovery controls, incident response procedures, and security testing and hardening.

No security measure is perfect, and we cannot guarantee absolute security. You are responsible for keeping your credentials secure and for using the Services in a manner appropriate for the sensitivity of the information you choose to process.

16. Your Privacy Rights

A. General Rights That May Apply

Subject to applicable law, you may have the right to:

  • know whether we process your personal information;
  • access the personal information we hold about you;
  • correct inaccurate personal information;
  • delete personal information;
  • restrict or object to certain processing;
  • withdraw consent where processing is based on consent;
  • receive a copy of personal information in a portable format;
  • opt out of certain marketing communications; and
  • appeal certain privacy-rights decisions, where applicable.

B. California Privacy Rights (CCPA / CPRA)

If you are a California resident, you may have rights under the CCPA/CPRA, including the right to:

  • know what personal information we collect, use, disclose, and retain;
  • request deletion of personal information, subject to exceptions;
  • request correction of inaccurate personal information;
  • opt out of the sharing of personal information for cross-context behavioral advertising — we use advertising pixels that may constitute “sharing” under California law; see Section 17 for how to opt out;
  • limit the use and disclosure of sensitive personal information, including voice data, where applicable; and
  • not be discriminated against for exercising your privacy rights.

We honor browser-based opt-out preference signals such as the Global Privacy Control where required by applicable California law.

C. EEA and UK Rights (GDPR / UK GDPR)

If you are in the EEA or UK, you may have rights to:

  • access;
  • rectification;
  • erasure;
  • restriction of processing;
  • objection to processing based on legitimate interests;
  • data portability;
  • rights related to automated decision-making: where we use automated processing — including AI-generated assessments, outputs, or recommendations — that produces decisions with significant legal or similarly significant effects on you, you have the right to request human review, express your point of view, and contest the decision. Contact us at hello@delegateworker.com to exercise this right; and
  • lodge a complaint with your local supervisory authority.

D. Canadian Privacy Rights (PIPEDA)

If you are located in Canada, you may have rights under PIPEDA and applicable provincial privacy laws, including the right to know what personal information we hold and how it is used, to access your personal information within 30 days of a written request, to challenge accuracy and have information corrected, to withdraw consent in certain circumstances, and to file a complaint with the Office of the Privacy Commissioner of Canada.

E. Other U.S. State Privacy Rights

Residents of Virginia (VCDPA), Colorado (CPA), Connecticut (CTDPA), Texas (TDPSA), and other states with comprehensive privacy laws may have rights to access, correct, delete, and obtain a portable copy of their personal information, as well as the right to opt out of certain processing. We honor valid rights requests from residents of any U.S. state with applicable privacy law.

F. How to Exercise Your Rights

To submit a privacy request, contact us at:

Email: hello@delegateworker.com

We may need to verify your identity before acting on your request. If we deny your request, we will explain the basis where required by law. Authorized agents may submit requests on behalf of California residents, subject to verification and applicable legal requirements.

17. Advertising Data Sharing and Opt-Out (CCPA / Cross-Context Behavioral Advertising)

We do not sell personal information for money.

We do use advertising pixels and tracking technologies — including Meta Pixel, LinkedIn Insight Tag, Pinterest Tag, TikTok Pixel, and Google advertising tags — that may constitute “sharing” of personal information for cross-context behavioral advertising under the California Consumer Privacy Act (CCPA/CPRA) and similar state privacy laws. This sharing occurs when these tools transmit behavioral data about your website activity to their respective platforms, which may use that data to serve you targeted advertisements on other websites, apps, and services.

To opt out of this sharing:

  • Use the platform-specific opt-out links listed in Section 10C;
  • Use the NAI opt-out tool or DAA opt-out tool;
  • Enable the Global Privacy Control (GPC) signal in your browser — we will treat a valid GPC signal as an opt-out of sharing for cross-context behavioral advertising where required by California law; or
  • Contact us at hello@delegateworker.com to request that we cease sharing your personal information with advertising platforms.

Opting out of advertising sharing does not affect the operation of the core Services, but may mean that ads you see for DelegateWorker on other platforms are less relevant to your interests.

18. Marketing Communications

We may send you newsletters, product updates, event invitations, or promotional communications where permitted by law. You can opt out of marketing emails by clicking the unsubscribe link in any email or contacting us at hello@delegateworker.com. Even if you opt out of marketing messages, we may still send you transactional or service-related communications.

19. Children’s Privacy

The Services are not directed to children under 13, and we do not knowingly collect personal information directly from children under 13 without legally required consent. If we learn that we have collected personal information from a child under 13 in a manner not permitted by law, we will take steps to delete it. If you believe a child under 13 has provided personal information to us, please contact us at hello@delegateworker.com. If a higher minimum age applies in your jurisdiction for consent to personal data processing, we expect users to meet that age or have appropriate authorization.

20. Business Customers; Controller / Processor Roles; DPA

If you use DelegateWorker through a business or enterprise account, we may act in different privacy roles depending on the context:

  • DelegateWorker acts as a controller of personal information for account management, billing, support, security, analytics, and our own business operations.
  • DelegateWorker may act as a processor or service provider on behalf of a customer when processing customer-submitted meeting content, prompts, transcripts, or workflow data according to customer instructions.

If you are an end user of a business customer, your organization may control certain processing activities. You should also review that organization’s privacy notice.

Enterprise customers may request a Data Processing Addendum (DPA) by contacting us at hello@delegateworker.com. A DPA governs our processing of personal data on your behalf and includes the contractual safeguards required under GDPR and other applicable law.

21. Third-Party Services and Links

The Services may contain links to or integrations with third-party services. We are not responsible for the privacy, security, or data handling practices of those third parties. When you connect or interact with third-party services, their privacy policies and terms govern their handling of your data.

22. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. If we make material changes, we may provide notice by posting the updated policy on our website, updating the “Last Updated” date, and/or providing notice through the Services or by email where appropriate. Your continued use of the Services after the effective date of an updated Privacy Policy means the updated version will apply to your use, to the extent permitted by law.

23. Contact Us

If you have questions, concerns, or requests related to this Privacy Policy or our privacy practices, contact us at:

Fractional Labs Inc.
1130 Ogletown Road, Suite 2
Newark, DE 19711, USA
Email: hello@delegateworker.com