Privacy Policy

Last updated June 1, 2026

This Privacy Policy explains how Torchrunner, Inc.(a Delaware corporation, “Torchrunner,” “we,” “us”) collects, uses, and shares information when you visit our website or use the Torchrunner platform (the “Service”). Torchrunner is an operating platform for independent operators that connects CRM, inbox, projects, documents, accounting, scheduling, a client portal, and AI workflows in one workspace.

Information we collect

We collect the following categories of information:

  • Account information. Name, email address, organization details, and credentials you provide when you apply for the Founding Operator Cohort or create an account.
  • Customer data. The business records you bring into or create within the Service, including contacts, projects, documents, invoices, financial records, and messages. You control this data; we process it on your behalf to provide the Service.
  • Connected accounts. When you link an email or calendar account, we access data through official provider APIs (Google via the Gmail API, Microsoft via Microsoft Graph) under the permissions you grant. We do not route your mailbox through intermediary middleware.
  • Financial connections. If you connect bank feeds or accounting data, we process transaction and account information solely to power the accounting features you use.
  • Usage and device data. Log data, IP address, browser type, and interaction events collected automatically to operate, secure, and improve the Service.

How we use information

We use information to:

  • Provide, maintain, and improve the Service.
  • Power AI features, including Archie and Runners, which read and act on the records and context within your own workspace.
  • Authenticate users, enforce tenant isolation, and protect against fraud and abuse.
  • Communicate with you about your account, applications, updates, and support.

We do not sell your personal information, and we do not use your Customer Data to train third-party foundation models.

AI processing

AI features process your workspace content to generate responses, take actions, and maintain memory that improves over time. Requests may be sent to third-party model providers through a gateway under contractual terms that prohibit using your data to train their models. Processing is scoped to your organization, and every AI action runs under a logged, auditable trail.

How we share information

We share information only as needed to run the Service and only with service providers acting on our behalf, including:

  • Cloud hosting and database infrastructure (Vercel, Supabase).
  • Email and calendar providers you connect (Google, Microsoft) and transactional email delivery (Resend).
  • AI model providers, under the restrictions described above.

We may also disclose information to comply with the law, enforce our agreements, or protect the rights, safety, and security of our users and the Service. If we are involved in a merger or acquisition, information may be transferred subject to this Policy.

Security

Security is a core design principle of Torchrunner. Every tenant’s data is isolated and protected by row-level security on every table. Access is authenticated and scoped, sensitive operations are verified, and data is encrypted in transit and at rest. No method of transmission or storage is perfectly secure, but we work to protect your information using industry-standard safeguards.

Data retention

We retain Customer Data for as long as your account is active or as needed to provide the Service. You may export or request deletion of your data, and we will delete it within a commercially reasonable period after account termination, except where retention is required by law.

Your rights

Depending on where you live, you may have the right to access, correct, delete, or port your personal information, and to object to or restrict certain processing. To exercise these rights, contact us at the address below. We will respond consistent with applicable law.

Cookies

We use cookies and similar technologies to keep you signed in, remember preferences, and understand how the Service is used. You can control cookies through your browser settings; disabling them may affect functionality.

Children’s privacy

The Service is not directed to individuals under 18, and we do not knowingly collect personal information from children.

Changes to this Policy

We may update this Policy from time to time. When we make material changes, we will update the date above and, where appropriate, notify you. Your continued use of the Service after an update means you accept the revised Policy.

Contact us

Questions or requests about this Policy or your data can be sent to support@atpace.io.