Confidentiality & Data Use

Your content stays your content

Organizations that use Capstone Workforce trust us with scenario content, participant practice transcripts, video recordings, and evaluation data. Here is exactly how we handle that information — what stays inside your organization, what gets used to power the platform's feedback, and what we never do with it.

Your organization's content is not visible to anyone outside your organization

Capstone Workforce uses a multi-tenant architecture where every scenario, evaluation, transcript, and report is scoped to a single organization. That means:

  • Scenarios authored for your organization — whether by your team or seeded by us at your direction — are only visible to your administrators, managers, and enrolled participants. They are never surfaced to participants in other organizations, never exposed in marketing materials, and never indexed publicly.
  • Custom scenarios that a participant builds in their own account stay scoped to that participant. No one else in the organization sees them unless explicitly shared.
  • Practice transcripts, video recordings, and evaluation scores are visible only to the participant who generated them and the managers responsible for their cohort.
  • Reports and analytics are filtered to each organization's own data. One organization cannot view another organization's metrics, even in aggregate.

Participant data is used to deliver feedback — and only feedback

When a participant practices a scenario, the platform records what they said and how they delivered it. That information powers the experience itself:

  • Transcripts are evaluated by AI models to score communication skills — clarity, confidence, pacing, engagement, structure — and to generate personalized written feedback the participant sees on their dashboard.
  • Video recordings are processed to measure delivery signals such as eye contact, filler words, and pacing, and are stored so the participant can review their own performance.
  • Practice activity rolls up into readiness scores and progress tracking for the participant and for the managers responsible for their cohort.

That is the full scope. Participant content is not used for advertising, not used to train models that serve other customers, and not repurposed for any objective the participant has not opted into by signing up for the platform.

What we never do

Some practices we want to be explicit about, because they are common in the broader software industry and we do not engage in them.

We do not sell participant data

Capstone Workforce does not sell, license, or rent your participants' practice transcripts, video recordings, evaluation scores, contact information, or any other personal data to third parties. Your participants are not a data product.

We do not share content across organizations

A scenario built for one organization is never reused, repackaged, or shown to participants in another organization without the originating organization's explicit permission.

We do not publish our customers' content

Scenario content, custom personas, evaluation criteria, and other materials authored for your organization remain private. They are not used in our marketing, sales demos, or public-facing examples without separate written consent.

We do not retain data beyond what powers the product

Data is retained to power dashboards, longitudinal progress tracking, and reporting your organization relies on. Activity logs are aged out automatically; on written request, an organization can have its data exported or deleted.

Transparency

How AI services fit into the platform

The feedback your participants receive is generated by large-language-model providers. We use these providers strictly as inference subprocessors — they are not buyers of your data, and our agreements with them prohibit them from using your content to train models that serve their other customers.

All participant content sent to AI providers is transmitted over encrypted connections. Capstone Workforce does not give these providers access to your dashboards, your roster, or any organization-level data — only the specific transcript or response being evaluated.

On request, we will share a current list of AI subprocessors and their data-handling commitments. Organizations on enterprise plans can sign a Data Processing Addendum that names every subprocessor in writing.

The technical baseline

The standard practices behind every Capstone Workforce deployment.

Encrypted in transit

All traffic between participants, our servers, and AI providers runs over TLS.

Encrypted at rest

Database storage, video files, and backups are encrypted using AWS-managed keys.

Role-based access

Participants, managers, and executives see only the data their role permits.

Tenant isolation

Multi-tenant architecture scopes every database query to a single organization.

Continuous backups

Daily backups with point-in-time recovery on the production database.

Audit logging

Sensitive actions (logins, exports, role changes) are logged for traceability.

Have a specific data question?

If your organization has procurement, compliance, or legal requirements that need more detail — DPAs, subprocessor lists, retention policies — we are happy to walk through them.

Email our team