WNDRSOFT.
Legal

Privacy Policy

Last Updated: May 6, 2026·Effective: May 6, 2026

This Privacy Policy explains how Uncommon Trade Inc., a California corporation doing business as "WNDRSOFT" ("WNDRSoft," "we," "us," or "our") collects, uses, discloses, and protects information when you visit https://www.wndrsoft.com (the "Site"), book a call or audit with us, or engage us for services (the "Services").

By using the Site, booking with us, or paying for any Service, you confirm you have read this Privacy Policy.

1. Who This Policy Applies To

This policy applies to:

  • visitors to the Site;
  • prospects who submit forms, book calls, or book audits;
  • clients during paid Audits and Implementations; and
  • third parties whose information is shared with us by a client (e.g., a client's employees or customers whose data appears in audit materials).

2. Information We Collect

2.1 Information You Provide Directly

  • Booking and contact data: name, business email, company name, phone number, role, scheduling preferences, and any message content submitted via Cal.com or other forms, email, or calls.
  • Engagement data: information you provide before, during, or after a paid Audit or Implementation, including operational data, financial figures, process documentation, organizational charts, vendor lists, employee information, and any other business data you choose to share ("Client Data").
  • Payment information: billing name and email. Full credit card and bank account numbers are entered directly into Stripe and are not stored on our systems. We receive limited payment metadata from Stripe (e.g., last four digits, transaction ID, payment status).
  • Consent records: the version of these Terms and Privacy Policy you accepted, with timestamp and IP address, captured by Cal.com and/or Stripe at the point of booking and payment.
  • Communications: records of emails, chat messages, calls, meeting notes, and recordings (where you have been notified and recording is permitted by law).

2.2 Information Collected Automatically

  • Technical data: IP address, browser type, device type, operating system, referrer URL, pages viewed, time on site, and approximate geographic location.
  • Cookies and tracking: see Section 7.
  • Analytics: aggregated usage data via tools such as Google Analytics or similar.

2.3 Information from Third Parties

We may receive information from referral partners, public sources (e.g., LinkedIn, company websites), and from the third-party platforms we use to deliver the Services (e.g., Cal.com booking metadata, Stripe payment confirmation).

2.4 Voice, Video, and Call Data

When you participate in a phone call, video call, voice agent interaction, or web-based voice session with WNDRSoft, we may collect: (a) audio and video recordings of the session; (b) transcripts and AI-generated summaries; (c) call metadata (timestamps, duration, participant identifiers, technical events); and (d) information extracted from the conversation, including recommendations, action items, pain points, and follow-ups.

3. How We Use Information

We use information to:

  • respond to inquiries and deliver requested Services;
  • schedule, deliver, and follow up on Audits and Implementations;
  • process payments and send invoices, receipts, and refunds;
  • send transactional communications (booking confirmations, reschedules, project updates);
  • send marketing communications where permitted (you can opt out at any time);
  • improve the Site, Services, and our methodologies, including via anonymized and aggregated insights that do not identify you;
  • record, transcribe, summarize, and analyze phone calls, video calls, and other voice or audio interactions to deliver the Services, support clients, maintain quality, and improve safety;
  • use third-party artificial intelligence and large language model tools (for transcription, summarization, analysis, and content generation) to assist in delivering Audits and Implementations;
  • create de-identified, anonymized, and aggregated insights from engagement data to improve methodologies and Services without identifying you;
  • maintain proof of consent to our Terms of Service and this Privacy Policy;
  • comply with legal obligations and enforce our agreements;
  • detect, prevent, and respond to fraud, security incidents, and misuse.

4. Legal Bases for Processing (GDPR / UK GDPR)

If you are in the European Economic Area, United Kingdom, or Switzerland, we process personal data under one or more of the following legal bases:

  • Contract: to deliver the Services you've engaged us for.
  • Legitimate interests: to operate, improve, secure, and market our business and pursue prospects, balanced against your rights.
  • Consent: for non-essential cookies, marketing emails, and other purposes where consent is required. You may withdraw consent at any time.
  • Legal obligation: to comply with applicable law, tax requirements, or lawful requests.

5. How We Share Information

We do not sell personal information. We share information only as follows:

  • Service providers and sub-processors under contract to protect your data and use it only for instructed purposes, including:
    • Cal.com — booking, scheduling, SMS notifications, and consent capture
    • Stripe — payment processing and consent capture
    • email, CRM, and document storage providers (e.g., Google Workspace, Microsoft 365)
    • cloud hosting and infrastructure providers
    • analytics providers (e.g., Google Analytics)
    • communication and meeting tools (e.g., Zoom, Google Meet)
    • transcription, recording, and meeting AI tools (e.g., Otter, Fireflies, Granola, Zoom AI Companion)
    • artificial intelligence and large language model providers (e.g., OpenAI, Anthropic) used for transcription, summarization, analysis, and content generation
    • telephony and SMS service providers
    • any specialist subcontractors engaged on a specific Audit or Implementation, bound by confidentiality.
  • Legal and safety: to comply with law, court orders, or government requests; to protect rights, safety, or property; to investigate fraud or security incidents.
  • Business transfers: in connection with a merger, acquisition, financing, or sale of assets, subject to confidentiality.
  • With your direction or consent: any other sharing.

A current list of material vendors and sub-processors is available on request at info@wndrsoft.com.

6. Client Data (Data Provided During Paid Engagements)

When we deliver an Audit or Implementation, you may share Client Data, which can include personal data of your employees, customers, vendors, or other third parties.

For Client Data:

  • We act as a data processor (or "service provider" under U.S. law) on the client's behalf and process Client Data only on the client's documented instructions and under the applicable Service Order or Data Processing Addendum ("DPA").
  • The client (you) is responsible for the lawful basis, notices to data subjects, and any consents required to share personal data with us.
  • We apply confidentiality and security obligations described in our Terms of Service and this Policy.
  • Where required (e.g., GDPR Article 28), the parties will execute a DPA. Standard Contractual Clauses or other approved transfer mechanisms apply for international transfers.

7. Cookies and Tracking Technologies

We and our service providers use cookies, pixels, and similar technologies for:

  • Strictly necessary functions (site security, load balancing, session management).
  • Analytics (e.g., Google Analytics) to understand site usage.
  • Marketing (e.g., Meta Pixel, LinkedIn Insight Tag, retargeting cookies) where deployed.

Where required by law (EU/UK), non-essential cookies are loaded only after you consent via our cookie banner. You can adjust preferences at any time through the banner or your browser settings. Disabling cookies may degrade Site functionality.

8. Data Retention

We retain personal information only as long as necessary for the purposes described in this Policy, to comply with legal, accounting, or reporting requirements, or to resolve disputes and enforce agreements. Typical retention windows:

  • Lead and contact data: up to 3 years from last interaction.
  • Booking records and consent logs: 7 years.
  • Client engagement records and Client Data: 7 years after engagement ends, or longer if required by law or by the applicable Service Order.
  • Marketing data: until you unsubscribe, plus a short suppression-list period.
  • Analytics data: per the analytics provider's retention settings.

When no longer needed, data is deleted or anonymized.

9. Security

We apply technical and organizational measures designed to protect personal information against unauthorized access, alteration, disclosure, or destruction, including encryption in transit, access controls, vendor due diligence, and limited personnel access on a need-to-know basis. No method of transmission or storage is 100% secure, and we cannot guarantee absolute security. You are responsible for keeping your credentials and shared documents secure on your end.

10. International Data Transfers

We are based in the United States. If you are outside the U.S., your information will be transferred to and processed in the U.S. and other countries that may have different data protection laws than your country. Where required, we use Standard Contractual Clauses or other approved transfer mechanisms.

11. Your Rights

11.1 EEA / UK / Swiss Residents (GDPR / UK GDPR)

You have the right to: access your personal data; rectify inaccurate data; erase data ("right to be forgotten"); restrict or object to processing; data portability; withdraw consent; and lodge a complaint with your supervisory authority. We respond to verifiable requests within applicable statutory periods.

11.2 California Residents (CCPA / CPRA)

You have the right to: know what personal information we collect, use, disclose, and the categories of sources and recipients; delete personal information (subject to exceptions); correct inaccurate personal information; opt out of the "sale" or "sharing" of personal information (we do not sell personal information; "sharing" for cross-context behavioral advertising may occur via standard analytics/advertising cookies as described in Section 7, and you can opt out via our cookie banner or browser controls); limit use of sensitive personal information; and not be discriminated against for exercising these rights.

11.3 Other U.S. State Residents

If you reside in a state with a comprehensive privacy law (e.g., Virginia, Colorado, Connecticut, Utah, Texas, Oregon, and others), you have rights similar to those above as provided under your state's law.

11.4 How to Exercise Rights

Contact info@wndrsoft.com with your request. We may need to verify your identity. If we deny a request, we will explain why and how to appeal where applicable.

11.5 Authorized Agents

You may use an authorized agent to submit a request, subject to verification under applicable law.

12. Marketing Communications

You can opt out of marketing emails at any time using the unsubscribe link in any email or by contacting info@wndrsoft.com. Transactional messages relating to active engagements are not opt-out.

13. Children's Privacy

The Site and Services are not directed to children under 16. We do not knowingly collect personal information from children. If we learn we have, we will delete it.

14. Do Not Track and Opt-Out Signals

Our Site does not currently respond to "Do Not Track" browser signals due to lack of an industry standard. We honor opt-out preference signals (e.g., Global Privacy Control) where required by applicable law.

15. Third-Party Sites

The Site may contain links to third-party sites or services. We are not responsible for their privacy practices. Review their policies before providing information.

16. Automated Decision-Making

We do not use personal data to make decisions producing legal or similarly significant effects through solely automated means.

17. Voice Calls, Recordings, AI-Assisted Services, and SMS

Recording and analysis. If you participate in a phone, video, or voice-agent session with WNDRSoft, we may record, transcribe, summarize, and analyze the session to deliver the Services and improve quality, security, and our methodologies. By participating in such a session, you authorize this processing under California Penal Code § 632 and similar two-party consent laws.

Third-party participants. If you invite third parties (e.g., your employees, contractors, or vendors) into a session, you are responsible for ensuring they have received any required notice of recording and provided any consent required by law before participating.

AI-assisted delivery. We use third-party artificial intelligence and large language model tools to support Audits and Implementations. Conversation content and Client Data may be processed by such tools subject to the confidentiality and security safeguards described in this Policy and our Terms of Service.

De-identified data. We may use de-identified or aggregated information derived from recordings, transcripts, and engagement data to improve our Services. Where additional consent is required by law for a specific use, we will obtain it.

SMS communications. If you provide a phone number, you may receive transactional SMS messages from WNDRSoft or our booking platform (Cal.com), including booking confirmations, reminders, and engagement-related updates. Standard message and data rates may apply per your carrier. You can opt out of SMS at any time by replying STOP, or reply HELP for assistance. Opting out of transactional SMS may affect our ability to deliver service notifications. Mobile opt-in data and phone numbers will not be shared with or sold to third parties for marketing purposes.

18. Changes to This Policy

We may update this Policy from time to time. The "Last Updated" date and version number at the top reflect the latest version. Material changes will be communicated via the Site or, where required, by email.

19. Contact

For privacy questions, requests, or complaints:

Uncommon Trade Inc., doing business as WNDRSOFT

2554 Lincoln Blvd #405, Venice, CA 90291

Email: info@wndrsoft.com

Website: https://www.wndrsoft.com