Client Guide
Data & Privacy
How your data is accessed, stored, and protected on the Affinity Design platform
Data Access
Who Can See Your Data
| Role | Access Level |
|---|---|
| You | Full access to your portal data — calls, billing, websites, assets, Command sessions |
| Your agency (admin) | Full access to your account, including Command session history |
| Other clients | No access — strict client isolation |
| Affinity Design (platform) | System-level access for infrastructure and reliability only |
How Command Accesses Your Data
Command reads your data through scoped resource endpoints — it does not have unrestricted database access:
| Resource | What Command Sees |
|---|---|
billing://overview | Invoices, contract, balance — only your account |
reports://latest | Your most recent monthly report |
reports://list | All your monthly reports |
seo://overview | Search data for your websites only |
website://list | Your websites and connection status |
knowledge://doc/* | Knowledge Base docs for your account |
| WordPress tools | Content on your connected WordPress sites |
| Social media tools | Your scheduled and published posts |
Command never displays raw API keys, tokens, or credentials — even when it uses them to perform actions.
Client Isolation
The platform enforces strict isolation between client accounts:
- Each client's data is scoped to their
clientId - Command sessions are bound to your client account
- Assets, knowledge docs, and billing are all client-scoped
- Portal API endpoints authenticate and filter by your client identity
- No cross-client data leakage is possible through the portal or Command
Command Session Data
What's Stored
- Session metadata (title, status, creation date)
- All messages — your inputs and Command's responses
- Tool calls and results (what actions Command took)
- Confirmation requests and your approvals/denials
- File attachments (referenced, stored in your Asset Library)
Who Can See Sessions
- You — all your sessions
- Your agency admins — all sessions for clients they manage
- No one else — sessions are not shared between clients
Session Retention
- Active sessions persist until you archive them
- Archived sessions are retained per your agency's data retention policy
- You can request deletion of specific sessions through your agency
Knowledge Base Privacy
- Documents you create are stored in your client-scoped database
- Your agency can also create documents in your Knowledge Base
- Command reads knowledge docs before acting — they are not sent to other clients
- Read-only documents are agency-managed and cannot be modified by you
AI Model & Training
| Question | Answer |
|---|---|
| Is my data used to train AI models? | No. Your data is not used for model training. |
| Does Command learn from my sessions? | Command uses your session context within the same conversation only. It does not persist "learnings" across sessions. |
| Are my prompts sent to third parties? | Prompts are sent to Google's Gemini API for processing. Google's data handling terms apply. Your agency can configure an AI gateway for additional control. |
Data Retention
| Data Type | Retention |
|---|---|
| Call recordings | Per your agency's retention policy |
| Command sessions | Until you archive them, then per agency policy |
| Billing records | Per financial record requirements |
| Assets | Until you or your agency delete them |
| Knowledge Base docs | Until you or your agency delete them |
Security Measures
- Authentication — All portal access requires authentication
- Encryption — Data in transit is encrypted (TLS)
- Authorization — API endpoints verify client identity on every request
- Feature gating — Portal features can be disabled per-client by your agency
- Confirmation flow — Sensitive Command actions require your explicit approval
- No credential exposure — API keys and tokens are never displayed in the portal or Command responses
Your Rights
- View your data — Access your portal and Command sessions at any time
- Request deletion — Ask your agency to delete specific data
- Export data — Download invoices, reports, and call history
- Disable features — Ask your agency to turn off specific portal sections
- Report concerns — Contact your agency about any data privacy issue
For specific data privacy questions not covered here, contact your agency. They can provide details about their data processing agreements and compliance certifications.
