Data Handling Policy
FoundersCore · Version 1.1 · Effective July 5, 2026
This policy describes, in plain language, how FoundersCore (operated by Founders Maintenance and Restoration, LLC) stores, protects, and processes the data inside the platform — and what we expect from you and from each Workspace Company. It supplements the Privacy Policy, which lists exactly what is collected about whom.
1. Where your data lives
Data is stored with professionally managed cloud infrastructure providers in the United States. Data is encrypted in transit (TLS) and at rest. Uploaded files are private and served through expiring signed links, not public URLs.
2. Workspace isolation
Every company's workspace is logically separated. Users reach only the workspace(s) they were invited into; inside a workspace, role- and permission-based controls (including per-branch/location walls) govern what each person can see and change. AI features run under the SAME permission walls — an assistant acting for you can only touch what you yourself are allowed to touch, and financial/wage details are redacted from AI context for people without those permissions.
3. Sensitive categories and how they're treated
- Employee location (timesheets): collected only between clock-in and clock-out, from team members using the mobile timesheet; stored with the timesheet; used for timekeeping, site-departure nudges, and after-hours auto-clock-out; visible to the Workspace Company per its permissions. Never collected from subcontractors or customers, never used for advertising, never sold.
- Call recordings/transcripts (AI receptionist): processed in real time by our telephony and voice-AI providers, stored as a service record for the Workspace Company.
- Payroll and wages: permission-walled (deny-by-default), redacted from AI output for non-permitted users, exported only to the company's payroll provider.
- Banking and card data: bank sign-in happens on Plaid's systems — we never see or store bank passwords; we store account/transaction records for bookkeeping. Customer card payments happen on Stripe's systems — we never see full card numbers.
- Tax and insurance documents (subs): W-9s, certificates of insurance, and signed agreements are stored as private files in the compliance record.
- E-signatures: stored with signer name, email, timestamp, and IP address as tamper-evidence, merged into the signed PDF.
- Connected mailboxes: if a company connects its own email accounts for document import, we read those mailboxes to extract business documents (bills, receipts, insurance certificates, order updates). Extraction uses our AI provider; message IDs are kept to prevent duplicates. Google-sourced data is handled under the Google API Services User Data Policy, including Limited Use.
- Photos and attachments: may retain embedded camera metadata (including capture location) — we do not currently strip it. Treat uploads accordingly.
4. How AI features handle data
- When you use an AI feature, the relevant content (your message plus the records needed to answer) is sent to our AI model providers to generate the response; some document OCR uses Google's services.
- Under our AI providers' commercial API terms, your data is not used to train their models.
- AI actions are permission-gated per user and stamped in the audit trail ("Ezra, asked by …").
- AI support conversations are stored as tickets so your company's admins can review what happened and the outcome.
- AI output can be wrong. Anything important — money, customers, legal, safety — gets a human check before you act on it.
5. Access controls and auditability
- Role-based permissions with read/write levels per module; sensitive areas (financials, wages, pricing) are deny-by-default.
- Branch/location scoping walls off data between locations for restricted users.
- Every create/edit/delete of business records is written to an activity log with who did it and what changed. This log is itself workspace data, visible to the company's admins.
- Optional multi-factor authentication; workspace admins may require it. Rate limiting and security headers guard the API.
6. Backups and continuity
The database is backed up on our provider's automated schedule; backups are encrypted. In an outage we restore from the most recent healthy state — because backups are periodic, a restore can lose the most recent minutes of changes. That's an honest limit of any cloud software.
7. Incident response — if something goes wrong
- Detect & contain: revoke affected credentials/sessions, isolate the issue, stop ongoing exposure.
- Assess: determine what data and which workspaces were affected.
- Notify: affected Workspace Companies and users, without undue delay, consistent with applicable law.
- Fix & learn: patch the root cause; adjust safeguards.
8. Retention, export, and deletion
- Workspace data is the Workspace Company's business record, retained while its account is active. Financial records, signed documents, and audit logs are kept as law and audit obligations require.
- Companies can export their data and request deletion when leaving; we honor deletion within a commercially reasonable period, except legally required retention and encrypted backups that age out on schedule.
- Individuals' rights and requests are handled per the Privacy Policy.
9. Workspace Company responsibilities
Each Workspace Company — not FoundersCore — is the employer, service provider, and data controller for its own people and customers. The Workspace Company is responsible for: (a) giving its employees any legally required notice of workplace monitoring (including timesheet location tracking) and obtaining any required consents; (b) complying with call-recording and consent laws for its AI receptionist callers; (c) lawful use of applicant, employee, subcontractor, and customer data it puts into the platform; and (d) configuring permissions so only the right people see sensitive records.
10. Your responsibilities — this part matters
Security is shared. You agree to: use a strong, unique password and never share your account; enable MFA if your company requires it; sign out on shared devices; only access data you're authorized to access; and report suspected compromise immediately.
If a breach or loss results from your negligence with credentials, from account sharing, or from misrepresenting your identity or affiliation, that responsibility — and liability — is yours, as set out in the
Terms & Conditions.
11. Subprocessors
The categories of subprocessors (what they power and what they see) are in the Privacy Policy. Our full vendor list is confidential competitive information; a current named list is available to Workspace Companies on request.
12. Questions
Help & support in the app, or info@foundersmaintenance.com.