Privacy Policy

1. Introduction

RedLinder AI, Inc. ("we," "our," or "us") respects your privacy and is committed to protecting your personal data. This Privacy Policy describes how we collect, use, process, and safeguard your information when you use our website, mobile application, and services (collectively, the "Service"). This policy also tells you about your privacy rights and how the law protects you.

By using our Service, you acknowledge that you have read and understood this Privacy Policy and agree to the collection, use, and disclosure of your information as described herein.

2. Information We Collect

2.1 Information You Provide

• Account Information: Name, email address, password, company name, job title
• Profile Information: Profile picture, bio, preferences, settings
• Document Content: Contracts, legal documents, files, and any text or data you upload
• Payment Information: Billing address, payment method details (processed by third-party providers)
• Communications: Messages, feedback, support requests, survey responses
• Legal Documents: Any contracts, NDAs, agreements, or legal content uploaded for analysis

2.2 Information Automatically Collected

• Usage Data: Features used, time spent, click patterns, document analysis history
• Device Information: IP address, browser type, operating system, device identifiers
• Log Data: Server logs, error reports, performance metrics, security events
• Cookies and Tracking: Session cookies, analytics cookies, preference cookies
• Location Data: General geographic location based on IP address

2.3 Information from Third Parties

• Authentication Services: Google, Microsoft, or other OAuth providers
• Payment Processors: Stripe, PayPal, or other payment service providers
• Analytics Providers: Google Analytics, Mixpanel, or similar services
• Security Services: Fraud detection, bot protection, security monitoring

3. How We Use Your Information

3.1 Primary Purposes

• Service Provision: Provide, operate, maintain, and improve our AI-powered document analysis services
• Document Processing: Analyze legal documents, contracts, and agreements using artificial intelligence
• Account Management: Create and manage user accounts, authenticate users, provide customer support
• AI Training: Improve our AI models and algorithms (using anonymized, aggregated data only)
• Communication: Send service-related communications, updates, security alerts, and support messages

3.2 Legal Bases for Processing (GDPR)

• Contract Performance: Processing necessary to perform our contract with you
• Legitimate Interests: Improving our services, security, fraud prevention, analytics
• Consent: Where you have given specific consent for certain processing activities
• Legal Obligation: Compliance with legal requirements, court orders, regulatory obligations

3.3 Marketing and Analytics

We may use your information for:

• Sending marketing communications (with your consent or where legally permitted)
• Analyzing usage patterns to improve our services
• Conducting research and development for new features
• Personalizing your experience and recommendations

4. Information Sharing and Disclosure

4.1 We Do Not Sell Personal Data

We do not sell, trade, or rent your personal information to third parties for monetary consideration.

4.2 Limited Sharing Circumstances

• Service Providers: Third-party vendors who assist in providing our services (hosting, analytics, payment processing)
• Business Transfers: In connection with mergers, acquisitions, or sale of assets (with notice)
• Legal Requirements: When required by law, court order, or to protect our rights and safety
• Consent: When you explicitly consent to sharing with specific third parties
• Emergency Situations: To protect the safety of users or the public

4.3 Document Confidentiality

Your uploaded documents and legal content are treated as strictly confidential. We implement attorney-client privilege protection measures and do not share document content except as necessary to provide our AI analysis services or as required by law.

5. Data Security and Protection

5.1 Security Measures

• Encryption: Data encrypted in transit (TLS 1.3) and at rest (AES-256)
• Access Controls: Role-based access, multi-factor authentication, principle of least privilege
• Infrastructure: Secure cloud hosting with enterprise-grade security controls
• Monitoring: 24/7 security monitoring, intrusion detection, vulnerability scanning
• Compliance: SOC 2 Type II, ISO 27001, and other security certifications

5.2 Data Breach Response

In the event of a data breach affecting personal information, we will notify affected users and relevant authorities within 72 hours as required by applicable law, including GDPR and state privacy laws.

6. Data Retention and Deletion

6.1 Retention Periods

• Account Data: Retained while your account is active and for 90 days after deletion
• Document Content: Retained as per your subscription plan or until deletion request
• Usage Logs: Retained for 24 months for security and analytics purposes
• Payment Records: Retained for 7 years for tax and accounting purposes
• Legal Requirements: Some data may be retained longer to comply with legal obligations

6.2 Data Deletion

You may request deletion of your personal data at any time. We will delete your data within 30 days of your request, except where retention is required by law or for legitimate business purposes.

7. Your Privacy Rights

7.1 General Rights

• Access: Right to access your personal data and processing activities
• Rectification: Right to correct inaccurate or incomplete data
• Erasure: Right to deletion of your personal data ("right to be forgotten")
• Portability: Right to receive your data in a structured, machine-readable format
• Restriction: Right to restrict processing of your personal data
• Objection: Right to object to processing based on legitimate interests

7.2 California Privacy Rights (CCPA/CPRA)

California residents have additional rights:

• Right to know what personal information is collected and how it's used
• Right to delete personal information
• Right to opt-out of the sale of personal information
• Right to non-discrimination for exercising privacy rights
• Right to correct inaccurate personal information
• Right to limit use of sensitive personal information

7.3 How to Exercise Your Rights

To exercise any of these rights, contact us at privacy@redlinder.com or use our in-app privacy controls. We will respond to verified requests within 30 days (or as required by applicable law).

8. International Data Transfers

We primarily process data in the United States. For users outside the US, we implement appropriate safeguards for international transfers, including:

• Standard Contractual Clauses (SCCs) approved by the European Commission
• Adequacy decisions where available
• Binding Corporate Rules for intra-group transfers
• Other approved transfer mechanisms under applicable law

9. Children's Privacy

Our Service is not intended for children under 16 years of age. We do not knowingly collect personal information from children under 16. If we become aware that we have collected personal information from a child under 16, we will take steps to delete such information promptly.

10. Cookies and Tracking Technologies

10.1 Types of Cookies

• Essential Cookies: Required for basic website functionality
• Analytics Cookies: Help us understand how you use our service
• Preference Cookies: Remember your settings and preferences
• Marketing Cookies: Used for targeted advertising (with consent)

10.2 Cookie Management

You can manage cookie preferences through your browser settings or our cookie consent manager. Note that disabling certain cookies may limit service functionality.

11. Changes to This Privacy Policy

We may update this Privacy Policy periodically to reflect changes in our practices, technology, legal requirements, or other factors. Material changes will be communicated through:

• Email notification to registered users
• Prominent notice on our website
• In-app notifications

Continued use of our Service after changes become effective constitutes acceptance of the revised Privacy Policy.

12. Contact Information

13. Legal Disclaimers