consu.ltd
← Back to home

Privacy Policy

Last updated 17 June 2026

consu.ltd (“consu.ltd”, “we”, “us”) provides a workspace for consultants and firms to record client engagements and draft client-ready documents from that record. This policy explains what we collect, why, and the choices you have.

Information we collect

  • Account data — your name, email, and (for password accounts) a securely hashed password. If you sign in with Microsoft or Google, we receive your name and verified email from that provider.
  • Engagement content — the notes, calls, emails, decisions, attachments, time entries, and documents you add to your engagements. This is yours; we process it to provide the service.
  • Connected accounts — if you connect Microsoft Outlook/Calendar, we store an encrypted access/refresh token and sync only calendar events and emails that match a client contact on one of your engagements.
  • Billing data — handled by our payment processor; we store your subscription status and customer reference, not card numbers.
  • Usage & diagnostics — basic product analytics and error reports to keep the service working. These can be disabled by the operator and carry no marketing trackers.

How we use it

To operate your account, store and display your engagements, generate documents you request, send transactional email (verification, password reset, team invites), process subscriptions, and secure and improve the service. We do not sell your data or use your engagement content for advertising.

AI processing

When you ask consu.ltd to draft or analyse, the relevant engagement content is sent to our AI provider to produce that output. Drafting is grounded only in what you provide. Depending on the configured provider, prompts may be processed under that provider’s terms; we use providers on paid tiers that do not train on your content where available.

Subprocessors

We rely on reputable providers to run the service, which may process data on our behalf: hosting and database (Vercel, Neon), email delivery (Resend), AI generation (Anthropic, and optionally Google or OpenRouter), payments (Paystack), the Microsoft Graph API (only if you connect Outlook), and product analytics / error monitoring (PostHog, Sentry).

Storage, security & retention

Data is stored on managed cloud infrastructure. Connected-account tokens are encrypted at rest, sessions are signed, and access is scoped to your team with role-based controls. We retain your data while your account is active; you can delete engagements at any time, and on account closure we delete or anonymise your data within a reasonable period, except where retention is legally required.

Your rights

You can access, correct, export, or delete your data. To exercise any right, or to ask a question about this policy, contact us at support@consu.ltd.

Changes

We may update this policy as the product evolves; material changes will be reflected by the “Last updated” date above.

See also our Terms of Service.