Privacy Policy

This policy applies to anyone who visits our website, books a demo, signs in to the SkillRoad platform, or otherwise interacts with our Services. If you’re a member of an organization that uses SkillRoad, that organization is the controller of any data you submit through the Services; this policy still describes what we do as the processor.

Account information. When you create an account or book a demo, we collect your name, work email, company, and any details you choose to share in a scoping conversation.

Usage data. When you use the Services, we collect events about how you interact (logins, pages visited, actions taken), agent-run metadata (which agents ran, what tools they called, how long they took), and device and browser information.

Customer data submitted to the Services. This includes prompts, configurations, integration credentials, content shared with agents, and content returned by agents. We treat all of this as confidential.

Communications. When you email us, talk with us on Slack, or chat with our forward-deployed engineering team, we keep a record of the conversation to maintain context.

Cookies and similar. We use a minimum set of cookies for authentication, session continuity, and product analytics. We do not use advertising cookies.

We use the information we collect to: (a) operate and improve the Services; (b) run, debug, and observe agents on your behalf; (c) authenticate you and protect your account; (d) communicate with you about your account, security, and product updates; (e) comply with legal obligations; and (f) prevent fraud, abuse, and unauthorized access.

We do not sell personal information. We do not use Customer Data submitted to the Services to train foundation models without your written consent.

With service providers. We share information with vendors that help us run the Services (hosting, model providers, observability, email delivery, billing). These vendors are contractually bound to use the data only as we instruct.

With third-party platforms you connect. When you connect Meta, Google, Stripe, Shopify, or similar platforms, we exchange data with those platforms as needed to perform the actions you authorize.

For legal reasons. We may share information if required by law, to enforce our terms, to prevent fraud or harm, or to defend our rights. We will push back on overly broad requests where appropriate.

In a business transition. If we’re involved in a merger, acquisition, or sale of assets, your information may be transferred. We’ll notify you before any transfer that would materially change how your information is handled.

SkillRoad uses foundation models from third-party AI providers (e.g., OpenAI, Anthropic, Google) to power agents. We have agreements with our providers that prohibit them from using Customer Data to train their underlying models.

We will not use Customer Data to train any foundation model — ours or a third party’s — without your written consent.

We take security seriously. Highlights: SOC 2-aligned controls, encryption in transit (TLS 1.2+) and at rest, least-privilege scoped credentials per integration, role-based access controls for our team, two-factor authentication for employee accounts, and an immutable audit log of agent actions.

No system is impenetrable. If you believe you’ve found a vulnerability, please reach out at security@skillroad.ai. We respond quickly and credit good-faith researchers.

We retain account information for as long as your account is active and for a reasonable period after to comply with our legal obligations. We retain usage data and audit logs as long as needed to operate, secure, and improve the Services — typically up to 24 months.

You can request deletion of your account and associated personal data at any time by emailing privacy@skillroad.ai. We will honor verified requests within 30 days, subject to legal retention requirements.

Depending on where you live, you may have the right to access, correct, delete, restrict, or port your personal information, and to object to certain processing.

To exercise any of these rights, email privacy@skillroad.ai from the address associated with your account. We will verify your request and respond within the timeframes required by applicable law.

We are based in the United States. If you access the Services from outside the U.S., your information may be transferred, stored, and processed in the U.S. and in other countries where our service providers operate.

Where required, we rely on appropriate transfer mechanisms (e.g., Standard Contractual Clauses) to protect personal data that moves across borders.

The Services are not directed to children under 16 and we do not knowingly collect personal information from them. If you believe a child has provided personal information to us, email privacy@skillroad.ai and we will delete it.

If you are a California resident, you have additional rights under the California Consumer Privacy Act, including the right to know what categories of personal information we collect and the right to request deletion. We do not sell or share personal information for cross-context behavioral advertising as those terms are defined under the CCPA.

Residents of other U.S. states with comparable privacy laws have similar rights. To exercise them, email privacy@skillroad.ai.

We will update this policy from time to time as the Services and the regulatory landscape evolve. When we make material changes, we will notify you by email or in-product notice. The most current version is always posted at skillroad.ai/privacy.

Questions, requests, or concerns? Email privacy@skillroad.ai. For security-related disclosures, write to security@skillroad.ai. For everything else, hello@skillroad.ai.