Enterprise-Grade Trust for Your Employee Data
We handle employee data with the same precision as financial data: private, encrypted, and never used beyond its purpose.


Privacy by Design from Data Capture to Deletion
Every signal, feedback, or performance record we process follows clear privacy-first principles. From the moment data is collected until it is deleted, every step is governed by purpose, consent, and transparency.
Minimal data collection
We only store what is required to power insights. No hidden tracking, no unnecessary fields.
Purpose-bound use
Data is used exclusively for its intended context. It is never reused for advertising, marketing, or external analytics.
Employee rights built in
Employees can view, correct, or delete their data through the admin dashboard. Every organisation can honour access and erasure requests seamlessly.
All processing aligns with GDPR and UK GDPR.
Defence in Depth to Protect Sensitive Employee Data
Security is not an afterthought. It is built into every layer of our system. We apply enterprise-grade standards to protect people data.
Encryption everywhere
All data is encrypted at rest (AES-256) and in transit (TLS 1.2 or higher).
Strict access controls
Role-based permissions and zero-trust principles ensure least-privilege access.
Segregated environments
Production, staging, and test environments are fully isolated.
Continuous monitoring
Real-time anomaly detection and complete audit logs.
Built to Meet Global Data-Protection Standards
Our approach ensures you can meet your regulatory obligations with confidence. From GDPR readiness to subprocessor lists, compliance is clear and verifiable.
GDPR
All data handling and storage follow these frameworks.
Data residency options
EU and UK hosting supported with transparent documentation.
DPIA readiness
Templates and documentation help complete DPIAs quickly.
Subprocessor transparency
Third-party vendors are reviewed for privacy and security.
Trust is Built on Transparency
We publish clear documentation and make it simple to reach our team for detailed questions.
Frequently Asked Questions
General
We do not store your whole message history. By default we only process the specific data required to power features you enable, such as 1:1 preparation, prompts, or recognition. We store the minimum necessary snippets and metadata to generate insights and keep a history for that manager–employee pair.
No. We never browse customer workspaces or private messages. Access is strictly limited, role-based, and audited. We only process data to deliver the features you activate. No employee at Wellence reads your content unless you explicitly request support on a specific item, and then access is time-bound and logged.
By default we host in the EU/UK region on a major cloud provider with encryption at rest and in transit. If you need a different region, speak to us and we can discuss options. We do not move your data between regions without consent.
We do not use customer data to train public or third-party foundation models. Your data is processed solely to provide the service and to generate your organisation’s insights. Optional, organisation-scoped learning (to improve prompts or suggestions for your company only) can be enabled by the admin.
Only what is needed for the features you switch on. Typical categories:
- Workspace identifiers, users, teams, roles
- 1:1 prompts, responses, actions, recognition notes (if modules are enabled)
- Usage metadata such as timestamps and feature clicks
We do not collect passwords, payment card data, or sensitive medical information.
Default retention is in accordance with our policy. Admins can shorten or extend retention, and can request deletion at any time. Backups follow the same retention policy.
Yes. Admins can request to delete employees, teams, or the entire workspace dataset. We honour data subject requests (access, correction, deletion) within statutory timelines.
You do. Wellence is a processor of your data. We only process it under your instructions and our Data Processing Addendum.
We use reputable cloud and infrastructure providers for hosting, logging, and analytics. A current list of sub-processors and their purpose is available on request and in our DPA. We do not sell or share your data for advertising.
Data is encrypted in transit (TLS 1.2+) and at rest with strong encryption. Keys are managed by the cloud provider's KMS. If you require customer-managed keys, contact us to discuss.
We operate an incident response process with 24/7 monitoring and clear escalation paths. If an incident affects your data, we notify your admin promptly with details, scope, and remediation steps.
Yes. We provide a standard DPA with GDPR terms and UK Addendum. If Standard Contractual Clauses are required for data transfers, we will execute them.
We request the minimal scopes required for the features you enable. Admins can review scopes during installation, and you may revoke the app at any time from your workspace settings.
No, unless you explicitly ask our support team to investigate a specific issue. Any manual access is time-boxed, least-privilege, and logged.
We can route model calls to EU endpoints and restrict processing to your chosen region where supported. For BYO-LLM or private endpoints, contact us.
For Buyers and IT/Security
We follow security best practices: least-privilege access, encryption in transit and at rest, network segmentation, secure SDLC, vulnerability management, and regular penetration testing. If you require a questionnaire (e.g., CAIQ/SAQ), we will complete it.
Admins define roles for HR, managers, and executives. Access is logged. Privileged access by Wellence staff is restricted and reviewed.
We avoid special category data by design. If customers enter such data in free-text fields, it is processed under your instructions and subject to the same protections.
Automated encrypted backups, multiple availability zones, and recovery testing.
Yes. Separate production, staging, and development environments. No production data in lower environments.
For Managers
No. Manager notes are visible only to the manager unless you choose to share them. Admins can set organisation-wide defaults.
1:1 content is private to the manager-employee context by default. We provide reminders and content suggestions to avoid sharing unnecessary personal and sensitive data.
No. The product is designed to work in the flow of Slack/Teams with lightweight prompts and templates.
For Employees
No. We do not have blanket access to private messages. We only see the content you choose to share in the Wellence workflows you interact with.
Only within the specific workflow you submit to them (e.g., a 1:1 prep form). Private wellbeing or feedback inputs are never shared without your consent.
Yes. You can ask your admin or manager, and we will respond via the company's data rights process.
Product-specific
By default, Wellence does not record meetings. If you enable meeting summaries in the future, recording/transcription will be opt-in with clear notices and consent.
No. We complement your HRIS and reviews system by helping managers run high-quality 1:1s, track actions, and surface risks earlier. We integrate with your existing stack.
Yes. Access to dashboards is role-based. Exec and HR summaries are aggregated and do not expose private 1:1 text.
Administrative
Admins can remove the app from Slack/Teams at any time. We will delete workspace data within [30] days unless you request immediate deletion.
Email hey@wellence.me and we will respond quickly.
Ready to Lead with Confidence
Talk to our team about how we protect your employee data