Data & Privacy

ECHO is designed to provide insight, not surveillance. This page explains how we handle data, what ECHO is and isn't built to do, and what AI processes the text you read.

Key principles

  • Individual responses are confidential. They are used to generate insight for the person who answered them, and for the manager they report to, within the agreed organisational context.
  • ECHO does not assess capability, performance, intelligence, suitability for employment, or psychological health.
  • No personality types, scores, rankings, or pass/fail outcomes are generated.
  • Personal information is processed in accordance with UK data protection law, including the UK GDPR.
  • Data is stored securely. Access is restricted to authorised users within the customer organisation, and to ECHO administrators only where strictly necessary for operating the service.
  • Organisations retain ownership of their organisational data. Individuals can request access to information held about them under UK data protection law.

What ECHO must not be used for

ECHO is built to support better conversations between colleagues. It is not built to make personnel decisions about them. Specifically, ECHO must not be used to:

  • Rate, rank or score individual employees
  • Inform hiring, promotion, contract renewal, performance review, or disciplinary decisions
  • Replace any structured HR process where one is appropriate
  • Identify employees for selection during restructures or redundancies

Customers agree to these limits when they begin using ECHO. We treat them as the operating contract that sits alongside this privacy policy.

AI and data flows

ECHO uses an AI model from Anthropic (Claude) to generate the warm narrative text you read in each portrait, working guide and Ask ECHO answer. The dimension bars, pattern matching and team views are produced by ECHO's own software, not by the AI.

Three things to know about how this works:

  1. Data sent to the AI is limited to the questionnaire answers needed to generate the requested output, and is never used to train the AI model. Anthropic operates a zero-retention policy for API customers like us.
  2. The AI does not have access to your data outside the specific request being processed. It does not learn about your organisation across requests, and it does not retain anything after each response is returned.
  3. The AI is instructed, on every request, to focus on observable working patterns, to avoid identity-level claims about individuals, and to refuse character judgements.

Your rights

Under UK data protection law you have rights to access, correct, port and request deletion of personal information held about you. To exercise any of these rights, contact us using the details below and we will respond within statutory timescales.

If you have any questions about privacy, data handling, AI use or information security, please contact us.

info@workbettertogether.co.uk