Issue 01 NOW BOOKING · JULY 2026

Levelset Privacy Policy

Last updated: June 18, 2026

This Privacy Policy explains how Tempr Holdings, LLC ("Levelset," "we," "us," or "our") collects, uses, shares, and protects personal information in connection with the Levelset platform, websites, assessments, and related services (collectively, the "Services"). It applies to information we handle as a business. Where we process personal data on behalf of a customer as a service provider or processor, that processing is also governed by our agreement with that customer and any applicable Data Processing Agreement.

By using the Services, you acknowledge this Privacy Policy. If you do not agree, do not use the Services.

1. Who We Are and How to Reach Us

Levelset is the controller of personal information described in this Policy unless we are acting as a processor on a customer's behalf. You can contact us about privacy at support@trytempr.com.

2. Information We Collect

Information you provide:

  1. Account and contact details, such as name, business email, company name, and role.
  2. Assessment information, including responses to diagnostic questions, interview inputs, and documents you choose to upload.
  3. Communications you send to us, including support requests and email.
  4. Billing status. Payments are processed by our payment provider. We receive confirmation of payment but do not store full card numbers.

Information we collect automatically:

  1. Usage data, such as pages viewed, features used, and actions taken within the Services.
  2. Device and log data, such as IP address, browser type, operating system, and timestamps.
  3. Cookies and similar technologies, as described in Section 8.

Information from third parties:

  1. Service providers that support authentication, analytics, payment, and infrastructure.
  2. Your organization, where a customer enrolls you as an Authorized User.

3. How We Use Information

We use personal information to:

  1. Provide, operate, and maintain the Services.
  2. Generate assessments, scores, analyses, and reports for you.
  3. Communicate with you, including service messages and support.
  4. Process payments and manage engagements.
  5. Secure the Services, prevent fraud, and enforce our Terms.
  6. Improve and develop the Services and our methodology.
  7. Comply with legal obligations and exercise or defend legal claims.

4. Artificial Intelligence Processing

The Services use automated systems and large language models to process the information you submit and to generate Output. Your assessment inputs are analyzed by AI to produce scores, analyses, and recommendations. Output may be inaccurate or incomplete and is intended to support, not replace, your own judgment. We do not use AI to make decisions about you that produce legal or similarly significant effects without human involvement.

Our AI processing is performed through the Anthropic (Claude) API under Anthropic's Commercial Terms of Service and Data Processing Addendum. Under those terms, your inputs and outputs are not used to train Anthropic's models, and they are retained by Anthropic only for a limited period (by default, up to 30 days), except where longer retention is required to comply with law or to detect and prevent misuse. We do not use your identifiable Customer Content to train third-party public AI models. Any internal use of data to improve our own methodology is subject to the confidentiality and security commitments in this Policy.

5. Legal Bases for Processing (EEA and UK)

Where the EU or UK GDPR applies, we rely on the following legal bases: performance of a contract with you; our legitimate interests in operating and improving the Services and securing them; your consent where required (for example, certain cookies); and compliance with legal obligations. You may withdraw consent at any time where processing is based on consent.

6. How We Share Information

We share personal information as follows:

  1. Service providers (sub-processors) that perform functions on our behalf under contract, listed in Section 7.
  2. Legal and safety, where required by law, legal process, or to protect rights, property, or safety.
  3. Business transfers, in connection with a merger, acquisition, financing, or sale of assets, subject to this Policy.
  4. With your direction, when you ask us to share information.

We do not sell your personal information, and we do not share it for cross-context behavioral advertising. We do not disclose one customer's Customer Content to another customer.

7. Sub-Processors

We use the following sub-processors to deliver the Services. We require each to protect personal information consistent with this Policy.

Provider Function
Vercel Frontend hosting and content delivery
Railway Backend application hosting
Supabase Database and file storage
Resend Transactional email delivery
Stripe Payment processing
Anthropic (Claude API) AI processing of assessment inputs to generate Output

We may update this list as our providers change. Material changes will be reflected here.

8. Cookies and Tracking

We use cookies and similar technologies to operate the Services, remember preferences, and understand usage. You can control cookies through your browser settings and, where offered, through an on-site preference tool. Some cookies are strictly necessary for the Services to function and cannot be disabled. Where required by law, we obtain consent before setting non-essential cookies.

9. Data Retention

We retain personal information for as long as needed to provide the Services, to comply with legal, tax, and accounting obligations, to resolve disputes, and to enforce our agreements. When information is no longer needed, we delete or anonymize it. Customers may request deletion of Customer Content subject to legal retention requirements. Data processed by our AI sub-processor is retained on the schedule described in Section 4.

10. Security

We use reasonable administrative, technical, and organizational measures to protect personal information, including encryption in transit and access controls. No method of transmission or storage is completely secure, and we cannot guarantee absolute security. You are responsible for keeping your account credentials confidential.

11. International Data Transfers

We are based in the United States, and we may process information in the United States and other countries. Where we transfer personal data from the EEA, UK, or Switzerland, we use a lawful transfer mechanism, such as the European Commission's Standard Contractual Clauses, where required.

12. Your Privacy Rights

Depending on where you live, you may have rights to access, correct, delete, or receive a copy of your personal information, to object to or restrict certain processing, and to withdraw consent. To exercise these rights, contact us at support@trytempr.com. We will respond as required by applicable law. You may also have the right to lodge a complaint with your local data protection authority.

13. Notice for California Residents (CCPA and CPRA)

In the prior twelve months, we have collected the categories of personal information described in Section 2, including identifiers, commercial information, internet activity, and professional or employment-related information. We collect this information for the business purposes described in Section 3 and share it with the categories of recipients described in Section 6.

We do not sell personal information, and we do not share it for cross-context behavioral advertising. We do not knowingly collect sensitive personal information for the purpose of inferring characteristics about you.

California residents have the right to know, access, correct, and delete personal information, the right to opt out of sale or sharing (which we do not engage in), and the right not to be discriminated against for exercising these rights. To submit a request, contact support@trytempr.com. You may use an authorized agent, and we will verify requests as required by law.

14. Children's Privacy

The Services are intended for business use and are not directed to anyone under 18. We do not knowingly collect personal information from children. If you believe a child has provided us information, contact us and we will delete it.

15. Third-Party Links

The Services may link to third-party websites or services that we do not control. This Policy does not apply to those third parties, and we are not responsible for their practices. Review their privacy policies before providing information.

16. Changes to This Policy

We may update this Policy from time to time. We will update the "Last updated" date above and, where appropriate, provide additional notice. Your continued use of the Services after changes take effect constitutes acceptance of the updated Policy.

17. Contact

Tempr Holdings, LLC support@trytempr.com Website: letslevelset.com