Privacy Policy

TrueSelph Inc. ("TrueSelph," "we," "us," or "our") provides agentive AI technology: open-source frameworks, the TrueSelph Platform (Selph Cloud), and AI agents ("Selphs") that operate on messaging and web channels on behalf of our customers. This Privacy Policy explains what personal data we collect, why we collect it, how we use and share it, and the rights you have over it.

This Policy applies to:

Please read the section "How this Policy applies to AI agents (Selphs)" carefully — it explains the difference between data we control and data we process for our customers.

Effective date: 30 June 2026 Last updated: 30 June 2026


1. Quick summary

This summary is for convenience only; the full Policy below governs.


2. The roles we play (controller vs. processor)

Data-protection law distinguishes the party that decides why and how personal data is processed (the controller / "business") from the party that processes it on the controller's instructions (the processor / "service provider"). TrueSelph plays different roles depending on the activity:

Activity TrueSelph's role Who is the controller
Our Website and marketing Controller TrueSelph
Customer accounts, billing, and Platform administration Controller (of account/contact data) TrueSelph
Content and conversations processed by an Agent a customer deployed Processor / service provider The customer who deployed the Agent
Recruiting, vendor management, internal operations Controller TrueSelph

Where we act as a processor, we handle personal data only on the documented instructions of the customer (the controller), under a data processing agreement ("DPA"). If you interacted with an Agent and want to exercise your rights over that conversation, please contact the organization that operates the Agent; we will assist them as required by our DPA. See Section 7.


3. How this Policy applies to AI agents (Selphs)

When you message, talk to, or otherwise interact with an Agent built on TrueSelph technology, you are usually interacting with a service operated by one of our customers — for example, a retailer's WhatsApp sales associate, a government's citizen-services assistant, or an enterprise's support agent.

In those interactions:

You should review the operating organization's privacy notice and the channel provider's privacy terms for the full picture of how your conversation is handled. This Policy describes what TrueSelph does as the technology provider.

What an Agent may process about you, depending on how the customer configured it: your name and the messaging identifier you contact from (e.g., phone number, chat handle, or user ID); the content of your messages (text, and where the Agent supports it, voice/audio, images, or documents you send); and information the Agent needs to complete your request (e.g., an order number, a location, a booking detail). Agents maintain a per-user memory so the conversation is coherent across turns; the customer controls its scope and retention.


4. Personal data we collect

4.1 Information you give us directly

4.2 Information collected automatically (Website)

4.3 Information collected through the Platform (customer admins/users)

4.4 Information processed through Agents (end users)

As described in Section 3, when we act as a processor: messaging identifiers, message content (text and, where enabled, voice/audio, images, and documents), per-user conversation memory, and request-completion data — all on the customer's instructions and subject to their retention settings.

4.5 Information from third parties

We do not purchase personal data for marketing, and we do not build advertising profiles.


5. Special categories and children


6. How we use personal data — and our AI-training commitment

We use personal data for the following purposes:

Our AI-training commitment

TrueSelph does not use customer data or end-user conversations to train, fine-tune, or otherwise develop general-purpose AI models — ours or any third party's. Conversation content is used to operate the specific Agent the customer deployed and for the limited operational purposes above. Any improvement of our own products is done with aggregated or de-identified data only.

Agents are powered in part by third-party AI model providers — currently Anthropic (Claude) (see Section 8). We use these providers under their commercial API terms, which do not permit them to train their models on the data we send through their APIs.

Automated processing

Agents generate responses automatically. They are designed to assist, not to make legally or similarly significant decisions about you without human involvement. Where a customer configures an Agent to support such a decision, that customer is responsible for providing any required human review and for honoring rights relating to automated decision-making. Contact the operating organization (or us, and we will route the request) to ask for human review.


7. Legal bases (GDPR/UK GDPR)

Where the GDPR or UK GDPR applies and TrueSelph is the controller, we rely on:

Where TrueSelph acts as a processor for an Agent, the customer is responsible for establishing the legal basis for that processing.


8. How we share personal data

We share personal data only as needed and only with:

We do not sell personal data, and we do not share it for cross-context behavioral advertising.


9. International data transfers

TrueSelph is based in the United States and operates globally. Personal data may be processed in the United States and in other countries where we or our service providers operate. Where we transfer personal data out of the EEA, the UK, or other regions with transfer restrictions, we use a lawful transfer mechanism — such as the European Commission's Standard Contractual Clauses (and the UK Addendum) — together with appropriate safeguards. A copy of the relevant mechanism is available on request.


10. Data retention

We keep personal data only as long as needed for the purposes in this Policy:

When data is no longer needed, we delete or de-identify it.


11. Your rights

Subject to your location and applicable law, you may have the right to:

To exercise these rights for data TrueSelph controls, contact us using Section 14. For data processed through an Agent, contact the organization that operates the Agent; if you contact us, we will forward your request to that customer and support them as required by our DPA. We will verify your identity before acting and will respond within the timeframe the law requires. We will not discriminate against you for exercising your rights.


12. California privacy rights (CCPA/CPRA)

If you are a California resident, you have the right to know/access, delete, correct, and to opt out of the sale or sharing of your personal information, and the right to limit the use of sensitive personal information. You also have the right not to be discriminated against for exercising these rights.

To exercise these rights, use the contact details in Section 14. You may use an authorized agent, subject to verification.


13. Security

We use technical and organizational measures appropriate to the risk — including encryption in transit, access controls and least-privilege, audit logging, and a governed agent runtime in which Agent actions are staged, authorized, and recorded. No method of transmission or storage is perfectly secure, but we work to protect your data and to notify affected parties and regulators of breaches as required by law.


14. Contact us

TrueSelph Inc.
5559 Great Hawk Cir., Ann Arbor, MI 48105, USA
Email (all inquiries, including privacy and data requests): [email protected]


15. Changes to this Policy

We may update this Policy for operational, legal, or regulatory reasons. We will post the updated version here with a new "Last updated" date and, for material changes, provide additional notice where required. Please review it periodically.


This Privacy Policy is provided for transparency and does not, by itself, create rights beyond those granted by applicable law or by a written agreement between you and TrueSelph.