Skip to main content
pulse
Talk to founder
no-surveillance pledge · v3.2 · last revised jun 2026

Eleven things Pulse will never do.

A pledge without proof is marketing. So below the pledge, the receipts. We can only revise this page upward, adding stricter clauses, never weakening one, and any change ships with 30 days’ public notice.

Eleven things we will never do

  1. 01

    We will never sell, rent, or barter customer data.

    Not to advertisers, not to data brokers, not to “research partners,” not to private-equity acquirers as part of a deal. There’s no scenario in our business model that depends on selling data. If we’re acquired, this clause survives the acquisition or we’ll wind the product down honourably.

  2. 02

    We will never train foundation models on your content.

    Not on your prompts, not on the sources Pulse retrieves, not on your map graph. Inference goes to Anthropic and OpenAI under API terms that bar training on the traffic we send; the part that learns from your feedback runs only inside your own workspace. Your team’s writing does not become anyone else’s model.

  3. 03

    We will never combine data across companies for product features.

    “Other companies like yours also do X” is not a feature we will build. Your search index, the part that learns from your feedback, and your map graph all live in your workspace alone, never pooled with anyone else’s.

  4. 04

    We will never read your data to “improve the product.”

    There is no support switch in the application that reads around the permission engine. Debugging on a customer report happens with the customer’s explicit consent and leaves a record in the audit log. The one break-glass path that exists in the product, a time-limited personal-data access grant, notifies the person affected and is audited under a 7-year retention rule.

  5. 05

    We will never include third-party trackers on Pulse properties.

    No Google Analytics, no Meta Pixel, no LinkedIn Insight tag, no Hotjar, no FullStory, no Segment-into-twelve-vendors. Our marketing site sets only first-party cookies, listed name by name at /cookies, plus cookieless aggregate page counts processed by Vercel. Our app uses zero third-party scripts on the auth-walled pages.

  6. 06

    We will never add a feature that surveils users for their employer.

    Pulse is not a productivity surveillance tool. We will not build screen monitoring, keystroke or typing-speed tracking, location tracking, per-user “engagement scores,” or per-person sentiment readouts: message tone feeds team-level trends only, with a five-sender minimum, and no individual’s sentiment is ever shown to anyone. No individual productivity score or ranking is delivered to managers. Pulse does show work context: a person’s page carries what they own, their recent activity across tools, and an activity heatmap, and that exact view is visible to every workspace member equally, including the person it describes. Transparency, not a manager-only lens. Recognition (karma) is a thank-you ledger with no rankings. Managers get a work-state briefing of their reports (what each owns, owes, is blocked on, and is deciding), scoped to what they can already access: a memory aid, not measurement. Customers have asked us for the measurement kind. We have said no.

  7. 07

    We will never retain data after deletion.

    Deletion is real and verifiable. Within 30 days we delete from primaries, replicas, and backups, and confirm the deletion in writing. The only carve-out is statutory billing retention (7 years), which is metadata, not content.

  8. 08

    We will never hand over data without a valid legal order.

    We push back on overbroad requests. We require valid process for the jurisdiction, scope it to the minimum necessary, and notify the affected customer unless legally prohibited. Where prohibited, we deploy our warrant canary so the absence speaks where the words can’t.

  9. 09

    We will never dark-pattern users into more data sharing.

    If a setting controls something privacy-relevant, the more-private option is the default, the language is plain, and we don’t shame you for choosing it. No “you’re missing out” modals. No nags after you decline. No re-prompts in 30 days.

  10. 10

    We will never ship a backdoor for any government.

    Not for the US, not for the EU, not for any signatory of any treaty. Our permission system has no internal-only mode that bypasses your policy. The same scope limits apply to our support staff and engineers as to any third-party app. We will fight, in court, any order that compels us to add one.

  11. 11

    We will never let this pledge erode silently.

    We can only revise this page upward, adding stricter clauses, never weakening one. If we genuinely need to change a clause, we’ll publish the proposed change, the reasoning, and the diff at least 30 days before it takes effect.

The receipts

Ten things we’ve published or done that demonstrate the pledge isn’t aspirational.

Receipt 01

Model-provider terms, stated plainly.

Anthropic and OpenAI do not train on the API traffic we send, under their standard API terms. Both may retain inputs briefly (up to 30 days) for abuse monitoring before deletion. Zero-data-retention agreements are on our negotiation list as volume grows; none is signed yet, and we will not claim one until it is.

see DPA, Annex IIstatus: standard API terms
Receipt 02

The audit log is yours to pull, not just ours.

Every Pulse action is recorded; admins can page the full log out through /v1/audit, filtered by actor or time window, into Splunk, Datadog, Elastic, or S3. Real-time SIEM streaming is on the Enterprise roadmap. Our records and yours match.

Security · auditsince v1.0
Receipt 03

Quarterly transparency reports, on a committed cadence.

Once we have meaningful volume we publish, every quarter, counts of: legal-process requests received, requests refused, requests narrowed, requests complied with, customers notified, customers we couldn’t notify (by jurisdiction). See the Transparency report section below for the current status.

policy · quarterlyfirst report: TBD
Receipt 04

Deals we’ll walk away from.

Prospects ask us to add productivity-surveillance features. The answer is no, even when it costs us the deal; declining is part of the product, not a policy footnote.

standing policyno exceptions
Receipt 05

The design behind the guarantees.

The permission engine is fail-closed and every tenant-scoped query carries your workspace id, so the system cannot grant access it wasn’t given and one company’s data cannot reach another’s. The audit log is written through a single chokepoint with no in-product edit path; a cryptographic hash chain over audit records is on the roadmap, not yet shipped.

trust packfail-closed
Receipt 06

Web research is opt-in and never leaks workspace data.

When a workspace admin enables the public-web fallback (off by default, demo workspaces hard-blocked), only the user's question is sent to OpenAI's Responses API under the same no-training API terms as the rest of our inference. Workspace content, citations, ACL-scoped data, and user identifiers never flow out. Voice asks the user verbally before searching; Ask requires an explicit click. Citations are labelled separately so a web result is never confused with team knowledge.

since v1.17audit: research.web
Receipt 07

Expert finder respects confidential mode at scoring time, not just read time.

When the Expert Finder, Voice, Ask, or MCP surfaces a teammate as a likely expert on a topic, the rank that put them there is computed only from non-confidential evidence. Confidential docs are filtered out by a weekly job before any score is written, so the result cannot disclose a name attached to confidential work, by design. Marking a doc confidential drops any rank contribution from it on the next pass; the count of skipped contributions is shown on the admin people page for transparency.

since v1.18audit: expert.found
Receipt 08

Auto-captured sessions stay private to you, enforced on the server.

The opt-in Claude Code SessionEnd hook and the optional capture daemon push finished AI coding sessions to your workspace. Every auto-pushed document is forced to private on the server, no matter what the client sends, and scoped to you alone. A teammate cannot read your auto-captured sessions until you explicitly share one. The /app/captured page badges each row so you can tell auto-pushed from manually-sent before sharing.

since v1.26audit: auto_capture.session_ingested
Receipt 09

Pulse Network publishes recipes, not data, and only after a nine-check scan passes.

Publishing Skills and Playbooks to other companies runs through a de-identifier that drops anything not explicitly allowed (new fields default to private) and a pre-publish scan that auto-blocks on private-channel sources, confidential docs, deleted items, credential patterns, personal data, internal Notion/Jira/Linear/GitHub URLs, S3 paths, Slack channel references, private entity names, plain-text body matches, bundled files, and Playbook step placeholders. The kill switch is OFF by default; an admin opts in at /app/admin/network. Forked items arrive private to whoever forked them.

since v1.26audit: network.published
Receipt 10

Stewardship tracks team health, never a per-person score.

Stewardship gives each important fact one accountable owner who keeps it correct over time, but its health view is workspace totals only: how many facts are owned, unowned, stale, or in conflict, and the median time to refresh. No per-person breakdown, no productivity ranking, no manager dashboard, by design; a test fails the build if a per-person grouping is ever added. A human always decides what's true, the system only ever suggests an inert draft and never changes a fact's value on its own.

since v1.27audit: stewardship.*

Transparency report

Pulse is in early access. We have not received any government requests for customer data. Our first transparency report will publish here once we have meaningful volume, on a quarterly cadence, with jurisdictional breakdowns for everything we’re legally allowed to disclose.

first report

The four metrics we will track from day one: requests received, requests refused or narrowed, customers notified, and backdoors added (which will always read zero, because if it ever doesn’t, the warrant canary below disappears first).

Warrant canary · coming at launch

Some legal processes prohibit a company from telling its users they exist. A canary is a public statement updated on a fixed schedule; if the statement disappears or stops updating, users can infer that something the company was not allowed to disclose has happened. Pulse will publish its first canary at launch, signed by both founders, refreshed on the 1st and 15th of every month. Below is the template; the signed version will live at pulsehq.tech/canary.txt.asc once it’s real.

[ warrant canary · pulsehq.tech · TEMPLATE ]

As of <date>, Pulse has:

  · Received zero National Security Letters that
    we cannot disclose under §2709(c) of 18 U.S.C.
  · Received zero FISA orders, including under
    50 U.S.C. §1801 et seq.
  · Received zero gag orders preventing us from
    disclosing the existence of legal process.
  · Made no code changes that bypass the policy
    engine's scope checks for any party.

Signed (PGP, fingerprints below):
  Apoorv Jain  · Co-founder
  Manav Jain   · Co-founder

Next refresh: <next refresh date>.

We are not building surveillance.

If you’re looking for productivity scoring, employee monitoring, or per-person sentiment dashboards, we’re not the right tool. We’re proud of that.

Talk to founderRead security docs