How CommandSphere handles your data.

CommandSphere is committed to responsible, privacy-conscious data handling in line with applicable data protection legislation.

Last updated: March 2026

1. Who we are

CommandSphere is an enterprise executive simulation platform. References to "CommandSphere", "we", "us", and "our" in this policy refer to the CommandSphere platform and its operating entity. For queries about how your data is processed, please contact us via the contact page.

2. Data we collect

We collect data necessary to provide the CommandSphere platform and related services. This includes: contact information provided during demo requests, pilot scoping, or enterprise onboarding; account and access credentials for simulation portal environments; simulation session data, decision logs, and preparedness outputs generated during platform use; and communications sent to the CommandSphere team. We do not collect unnecessary personal data and do not use tracking technologies beyond those required for platform security and session management.

3. How we use your data

Data is used solely for platform delivery, enterprise account management, simulation reporting, and service improvement. We do not use participant simulation data, organizational session content, or decision records for AI model training. We do not sell, license, or share personal data with third parties for marketing or commercial purposes.

4. Data roles

CommandSphere acts as data processor for enterprise client organizations. The enterprise client organization retains data controller status for participant data and organizational session content. Data processing agreements are available for enterprise clients upon request.

5. Data retention

Participant data and simulation records are retained for the duration of the enterprise engagement plus a standard 90-day post-contract period. Enterprise administrators may request deletion of organizational data at any time. Full deletion is completed within 30 days of a formal written request.

6. Data security

CommandSphere operates with enterprise-grade security controls including encryption in transit (TLS 1.3) and at rest (AES-256), logical tenant isolation, role-based access control, and comprehensive audit logging. See our Security page for full details.

7. International transfers

Enterprise clients may specify data residency requirements as part of their enterprise agreement. Where data is transferred internationally, CommandSphere applies appropriate transfer mechanisms in accordance with applicable data protection legislation.

8. Your rights

Individuals have the right to request access to, correction of, or deletion of personal data held by CommandSphere. Requests should be directed to the CommandSphere enterprise team via the contact page. We will respond to legitimate requests within 30 days.

9. Changes to this policy

CommandSphere may update this privacy policy from time to time. Material changes will be communicated to enterprise clients with reasonable notice. The current policy version is always available on this page.

For questions about this policy or to submit a data request, contact the CommandSphere team.