← Back to HelmDesk

Privacy Policy

Effective date: July 1, 2026. This policy covers HelmDesk, the internal service desk used by Sails Software employees.

Who this applies to

HelmDesk is an internal tool for Sails Software employees and contractors, accessible only after signing in with your company Microsoft/Azure AD account. It is not a public product, and this policy does not apply to anyone outside the organization.

What we collect

  • Account details from your company sign-in: name, email, and role.
  • Support requests you raise: ticket content, messages, attachments, and status history.
  • Workplace preferences you choose to set: work location, timezone, work format, meal preference, and transport enrollment.
  • Workflow submissions: structured requests you submit (e.g. expense reimbursements, software requests) and their approval history.
  • Usage metadata: timestamps, department routing, and audit trail entries needed to operate and troubleshoot the service.

How we use it

Solely to operate the service desk: triaging and routing your requests to the right team, tracking approvals, keeping you informed of status changes, and improving support quality. Some requests are first read by an AI assistant (via a configured language-model provider) to help triage and suggest next steps before a human agent is involved — no data is used to train external models.

Who can see it

Access is restricted by role and department: support agents and administrators can see requests routed to their team; department approvers see only what's relevant to their approval step. Internal notes on a ticket are visible to staff only, never to the requester. We do not sell or share your data with third parties outside of the services required to run HelmDesk (e.g. Microsoft Azure AD for sign-in, email delivery for notifications, and — where enabled — Microsoft Teams for activity notifications).

Storage and retention

Data is stored on infrastructure managed by Sails Software and retained for as long as needed to provide support history and meet internal record-keeping requirements. Contact your IT administrator if you need a copy of your data or have it removed, subject to legitimate business retention needs (e.g. audit trails).

Questions

Contact your IT or HR team, or [insert internal privacy contact email], with any questions about this policy or your data.