Privacy Policy

1. About This Policy

This policy explains how Wake ("we," "our," or "us") handles data for the Wake Intelligence Platform — the business-facing World Model Platform at drpaulk.ai, where a business ("you," a "tenant" or "partner") runs a pilot, sends its own data through our gateways, and grows a private, specialized intelligence that is yours.

It is written for the B2B / partner world: tenants, the people you name to run a pilot, and the contacts who talk with us about one. It is not the policy for our consumer app — that lives separately at wakeai.app. Please read this policy alongside our Terms of Service and your pilot data agreement, which governs the specifics of any engagement.

2. The Data We Handle, and Why

We keep this deliberately narrow. We collect what we need to set up, run, and improve your intelligence — and nothing we don't.

2.1 Tenant Data You Send Through the Gateways

During a pilot, your systems send your own data to Wake through six gateways — Perception, Configurator, World Model, Cost, Short-term Memory, and Actor. This is the material your specialized intelligence learns from and reasons over. Depending on what you choose to send, it may include:

• Signals and inputs your application passes to the Perception Gateway to be turned into a read of the moment
• Goals, objectives, and the steps you give the Configurator Gateway to shape and steer the model
• States, plans, predictions, and corrections exchanged with the World Model and Short-term Memory Gateways
• Plan evaluations and real-world outcomes you report to the Cost Gateway so the model learns from what actually happened
• Actions chosen and delivered through the Actor Gateway
• Your historical records, where you choose to share them, so the first version of your intelligence can be grown from your own history

Why: solely to provide the service — to grow, run, and improve your model and return useful guidance to you. You decide what data to send; you bring what you know, and Wake turns it into an intelligence that is yours.

2.2 Account and Contact Data

To give your team access and to administer the engagement, we collect:

• Account information: names, work email addresses, and organization details for the users you authorize
• Authentication data: sign-in identifiers (for example, via Google) used to gate access to platform pages
• Roles and authorizations: who on your side is a Shaper, who may act on the calls, and what each person may access

Why: to authenticate users, control access, support your team, and meet our legal and security obligations.

2.3 Pilot Communications

To plan and run a pilot well, we keep the working record of our conversation with you:

• Messages, scheduling, and pilot-request details you send through our contact and scheduling pages
• Notes from discovery, domain mapping, checkpoints, and reviews — the agreed outcome, its baseline, and the number that means "scale it"
• Support requests and our responses

Why: to scope the pilot, keep honest checkpoints, measure the agreed result, and support you.

2.4 Operational and Usage Data

To keep the platform reliable and secure, we automatically collect limited operational data — gateway request metadata, access times, IP address, error and performance logs, and similar telemetry. We use it to operate, secure, and troubleshoot the service, not to profile your business.

3. How Your Data Is Processed — and Kept Apart

Your intelligence is yours alone. We process your data only to deliver the service to you, and we keep every tenant's world separate from every other tenant's.

• Per-tenant isolation: each tenant's data, model state, memory, and outputs are logically separated and scoped to that tenant. Your data is used to grow and run your model — never to train, tune, or inform another tenant's intelligence.
• Access scoped to the engagement: only the people who need to build and run your pilot can reach your data, under role-based access controls. Authorizations are scoped to your tenant.
• Fit, fair & governed from day one: your data is shaped to be fit and fair from the start, with oversight, traceability, and a clear data agreement built in.
• Parallel and shadow modes: a pilot can run on the sidelines — in parallel with your current system, or in shadow mode against a holdout — so the model can be measured without touching your live decisions until you give the go-ahead.
• No advertising, no profiling: we do not use your tenant data for advertising, cross-tenant profiling, or any purpose beyond providing and improving your own service.

4. Transparent Recommendations

Wake is built to be trusted on purpose, not on faith. Every recommendation the platform returns carries its reasoning, a likely result, and a worst case — so the people you name can understand a call, weigh it, and accept or overrule it deliberately. The Cost Gateway scores how good a plan is and learns from the outcomes you report back; guidance reaches real decisions only within the guardrails you choose. You bring the judgment and own the outcome.

5. Your Data Is Yours: Ownership, Retention & Deletion

5.1 Ownership

You own the data you send and the specialized intelligence grown from it. By the end of a pilot you walk away with a model you own and can scale, the world-model architecture shaped around your business, and a team that can run and explain it. We claim no ownership of your tenant data or your model, and we do not repurpose either for our own products.

5.2 Retention

We retain tenant data, model state, and pilot records only as long as needed to provide the service and as set out in your data agreement:

• Tenant data and model state: kept for the duration of your engagement, then deleted or returned per your data agreement
• Account and authorization data: kept while your account is active; removed after the engagement ends, subject to a short wind-down window
• Pilot communications and support records: kept for the engagement and a limited period afterward for reference and legal obligations
• Operational logs: kept for a limited period for security, reliability, and audit, then deleted

5.3 Deletion and Export

You may request access to, export of, correction of, or deletion of your tenant data and model at any time. On request — and in any case at the end of an engagement — we delete or return your data and decommission your model on the timeline set in your data agreement. To make a request, contact us using the details below.

6. Sub-Processors

We rely on a small number of vetted infrastructure providers to run the platform. Each is bound by a written data protection agreement, may process your data only on our instructions and only to deliver the service, and is held to security standards equivalent to our own. Our primary sub-processors are:

• Google Cloud Platform: secure cloud hosting, compute, and storage
• Authentication providers (for example, Google Sign-In): verifying the identity of authorized users

We do not add a sub-processor that handles tenant data without due diligence and the contractual protections above, and we will identify our current sub-processors on request.

7. Security

We protect your data with layered, industry-standard controls:

• Encryption of data in transit (TLS) and at rest
• Role-based access controls, least-privilege access, and per-tenant scoping
• Authentication on every access path and on all platform gateways
• Network isolation, secrets management, and pinned, regularly patched dependencies
• Logging, monitoring, and regular security review of the platform

No system is perfectly secure, but security is designed in from day one, not bolted on. If a breach affecting your data occurs, we will notify you promptly in line with our agreement and applicable law.

8. We Do Not Sell Your Data

We do not sell, rent, trade, or otherwise profit from your tenant data, account data, or pilot communications. We do not share your data with third parties for their own advertising or marketing. We disclose data only: to the sub-processors above, strictly to operate the service; with your authorization or instruction; or where required by law or to protect rights and safety. In a merger, acquisition, or sale of assets, we would notify you before your data became subject to a different policy.

9. Your Rights

Subject to your agreement and applicable law, you may:

• Access the data we hold for your tenant
• Correct inaccurate account or tenant data
• Export your tenant data and model
• Request deletion of your data and decommissioning of your model
• Restrict or object to certain processing, and withdraw a prior authorization

Where you act as a controller and we as a processor for personal data within your tenant data, we will assist you in honoring the rights of the individuals you serve, as set out in your data agreement. To exercise any right, contact us below.

10. International Data Transfers

Your data may be processed in the United States and other countries where we or our sub-processors operate. Where required, we put appropriate safeguards in place — such as standard contractual clauses — for cross-border transfers.

11. Changes to This Policy

We may update this policy from time to time. We will post the revised version here and update the Effective Date above; for material changes affecting tenant data, we will give reasonable advance notice through the channels in your agreement.

12. Contact Us

For any question about this policy, your data, or a pilot, reach us at:

• Email: legal@wakeai.app
• Pilots and partnerships: www.drpaulk.ai/contact