Carter
Terms Privacy DPA Privacy choices

Last updated June 26, 2026

Privacy Policy

Carter collects and processes business account, workspace, uploaded, generated, usage, support, billing, sender setup, authentication, device, security, and operational data to provide and protect the service.

Default Data Use

Unless a customer opts out, Carter may use workspace content, uploads, prompts, generated outputs, lead-review activity, outreach-review activity, run artifacts, usage data, support communications, and operational logs to improve Carter, develop features, tune prompts and workflows, evaluate AI quality, create tests and benchmarks, improve Carter-controlled classifiers and models, and improve security, reliability, and usability.

An opt-out does not limit Carter's use of data to provide the service, secure the service, debug issues, enforce agreements, comply with law, keep audit and compliance records, use aggregated or de-identified data, or perform processing otherwise required by the customer relationship.

Customer-Controlled Data

Customers are responsible for lawful basis, notices, consents, suppression lists, do-not-contact lists, outreach compliance, exports, sender configuration, and the data they choose to upload or process through Carter.

Sharing And Retention

Carter may share data with service providers, subprocessors, contractors, affiliates, professional advisors, payment providers, authentication providers, hosting and storage providers, AI providers, email and sender providers, analytics and observability providers, security providers, legal authorities, parties involved in a business transfer, and others as directed by the customer or required to provide the service.

Carter retains data as reasonably needed for service delivery, law, disputes, enforcement, audit, security, backups, billing, compliance, and legitimate business purposes. Aggregated, de-identified, audit, security, billing, and compliance records may be retained longer.

Rights And Choices

Depending on location and relationship to Carter, individuals may have rights to access, correct, delete, restrict, port, object to, or opt out of certain processing. Carter may verify identity and may route customer-controlled requests to the relevant customer.

Customers must not submit sensitive personal information, regulated health information, payment card data, government identifiers, children's data, credentials, secrets, or other restricted data unless a separate signed agreement expressly permits it.

Connection interrupted. Reconnecting...