Privacy Policy

1. Introduction

ResponsibleAIAudit ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our Service. We comply with GDPR, CCPA, and other applicable data protection regulations.

2. Information We Collect

2.1 Personal Information

We collect information that you provide directly to us:

• Name, email address, and contact information
• Company name and job title
• Account credentials
• Payment and billing information
• Communications with us

2.2 Usage Data

• Scan history and results
• Files uploaded for analysis
• Feature usage and preferences
• Device and browser information
• IP address and location data

2.3 Cookies and Tracking

We use cookies and similar tracking technologies to track activity on our Service and hold certain information. You can instruct your browser to refuse all cookies or indicate when a cookie is being sent.

3. How We Use Your Information

We use the collected information for:

• Providing and maintaining the Service
• Processing your scans and generating reports
• Managing your account and subscription
• Sending you updates and notifications
• Improving our Service and developing new features
• Detecting and preventing fraud and abuse
• Complying with legal obligations
• Analyzing usage patterns and trends

4. Data Sharing and Disclosure

We do not sell your personal information. We may share your information with:

• Service Providers: Third-party vendors who perform services on our behalf
• Payment Processors: Stripe for payment processing
• Analytics Providers: To understand Service usage
• Legal Requirements: When required by law or to protect our rights
• Business Transfers: In connection with a merger or acquisition

5. Data Security

We implement appropriate technical and organizational measures to protect your data:

• Encryption in transit and at rest
• Regular security audits and penetration testing
• Access controls and authentication
• Built on SOC 2 certified infrastructure (Vercel, Supabase)
• Employee training on data protection

6. Data Retention

We retain your personal information for as long as necessary to provide the Service and fulfill the purposes outlined in this Privacy Policy. Scan data and results are retained for 90 days unless you delete them earlier. Account information is retained until you close your account.

7. Your Rights

Depending on your location, you may have the following rights:

• Access: Request a copy of your personal data
• Correction: Update inaccurate or incomplete data
• Deletion: Request deletion of your data
• Portability: Receive your data in a structured format
• Objection: Object to processing of your data
• Restriction: Request restriction of processing
• Withdraw Consent: Withdraw consent at any time

To exercise these rights, contact us at privacy@responsibleaiaudit.com

8. International Data Transfers

Your information may be transferred to and processed in countries other than your own. We ensure appropriate safeguards are in place, including Standard Contractual Clauses approved by the European Commission.

9. Children's Privacy

Our Service is not intended for children under 18. We do not knowingly collect personal information from children. If you believe we have collected information from a child, please contact us immediately.

10. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page and updating the "Last updated" date. Material changes will be communicated via email.