Privacy Policy

This Privacy Policy explains how R:AIDE Technologies ("R:AIDE") collects, uses, stores, and protects your data when you use the R:AIDE platform at raide.app. R:AIDE is committed to being transparent about data practices. This policy is written in plain language so you can understand exactly what happens with your information.

1. What R:AIDE Collects

a) Account Data (you provide)

• Name and email address
• Password (stored as a cryptographic hash, never in plain text)
• Business name, description, and website
• Ideal customer profile (ICP) segments and targeting criteria
• Outreach tone preferences
• Pricing tier selection

b) Credentials (for service functionality)

• IMAP email credentials (encrypted at rest using AES-256; used to send outreach from your email accounts)
• Third-party API keys you provide (BYOK), such as Anthropic or Google API keys (encrypted at rest using the same standard)

c) Lead Data (from public sources)

R:AIDE gathers lead information from publicly available registries and government databases. This may include:

• Names, job titles, and business names
• Business addresses and phone numbers
• Professional license numbers and credentials
• Business classification and industry data

d) Usage Data

• R:AIDE uses PostHog for product analytics. This includes pages visited, features used, and session data.
• Browser type, device type, and IP address

e) Billing Data

Payment processing is handled entirely by Stripe. R:AIDE does not store your credit card number, CVV, or full card details. Stripe provides R:AIDE with your name, email, and subscription status for billing management.

f) Voice Call Data

• Call recordings, transcripts, and duration
• Caller and recipient phone numbers
• AI-generated call summaries and extracted action items

g) SMS Data

• Message content (inbound and outbound)
• Phone numbers of senders and recipients
• Delivery status and opt-out signals (e.g., STOP messages)

h) Consent Records

• Phone numbers associated with consent
• Consent timestamps and the exact consent text presented
• IP addresses at time of consent
• Collection method (web form, verbal, written)

2. How R:AIDE Uses Your Data

R:AIDE uses the data it collects for the following purposes:

• To provide the service: lead discovery, ICP scoring, AI message generation, and email sending
• To process AI-generated outreach: your business descriptions, ICP profiles, and lead data are sent to third-party AI models to generate personalized messages
• To manage billing: process payments, manage subscriptions, and enforce tier limits
• To improve the service: analyze usage patterns to fix bugs, improve performance, and develop new features
• To communicate with you: send account-related notifications, billing receipts, and service updates
• To process voice calls: voice recordings are processed by AI to extract call summaries, action items, and lead information
• To manage SMS communications: SMS content is processed for opt-out detection (STOP signals) and delivery confirmation
• To maintain consent records: consent records are retained for legal compliance (minimum 4 years per TCPA safe harbor requirements)

3. AI Processing

This section is important. R:AIDE uses third-party AI services to generate outreach messages. Here is exactly what that means for your data:

• Your business descriptions, ICP profiles, and lead data are sent to Anthropic (Claude) and Google (Gemini) for message generation.
• These providers process your data under their own privacy policies and data processing agreements.
• Anthropic's commercial API does not use customer inputs for model training, per their data usage policy.
• R:AIDE does not use your data to train any AI models.
• Credentials and billing information are never sent to AI providers. Only the data necessary for message generation (business context and lead details) is transmitted.
• Voice call transcripts are sent to the same AI providers (Anthropic Claude, Google Gemini) for summarization and action item extraction.
• Call recordings are stored securely and are never shared with third parties beyond the AI processing described above.
• AI-generated voice calls disclose their AI nature at the start of every call, in compliance with FCC regulations.

4. Third-Party Services

R:AIDE relies on the following third-party services. Each has access to specific categories of your data as described below:

5. Data Retention

• Account data: retained while your account is active, plus 30 days after cancellation, then permanently deleted
• Lead data: retained while your account is active, deleted 30 days after cancellation
• Credentials: deleted immediately when you remove them from your account or when your account is closed
• Billing records: retained as required by applicable tax and financial regulations
• Analytics data: retained per PostHog's default retention settings
• Voice recordings: retained for 90 days, then permanently deleted (unless you request longer retention)
• SMS messages: retained for the duration of your subscription plus 30 days
• Consent records: retained for 5 years per TCPA compliance requirements
• DNC/suppression records: retained for 5 years per FTC Telemarketing Sales Rule requirements

6. Data Security

R:AIDE implements the following security measures to protect your data:

• Encryption at rest: AES-256 encryption for all stored credentials (IMAP passwords, API keys)
• Encryption in transit: HTTPS everywhere via Cloudflare SSL
• Database security: Row-level security (RLS) in Supabase, ensuring users can only access their own data
• Access controls: Authentication required for all account operations

No system is perfectly secure. R:AIDE takes reasonable measures to protect your data but cannot guarantee absolute security.

7. Your Rights

Regardless of where you are located, you can:

• Access the data R:AIDE holds about you
• Correct inaccurate data in your account
• Delete your data by closing your account
• Export your data in a portable format
• Opt out of voice/SMS immediately. Voice and SMS opt-out requests are honored immediately (not the 10 business days typical for email unsubscribes).

SMS STOP signals: Replying STOP to any SMS message from R:AIDE automatically and immediately suppresses all future SMS and voice contact to that number. No further action is required.

GDPR Rights (European Union)

If you are in the EU, you also have the right to:

• Restrict processing of your data
• Request data portability
• Object to processing of your data
• Lodge a complaint with your local data protection authority

CCPA Rights (California)

If you are a California resident, you have the right to:

• Know what personal information is collected about you
• Request deletion of your personal information
• Opt out of the sale of your personal information (R:AIDE does not sell personal information)

To exercise any of these rights, use the self-service data deletion form or contact R:AIDE at hello@raide.app.

8. Lead Data (Non-Customer Data)

R:AIDE processes professional contact information from publicly available directories and registries. If you are not a R:AIDE customer but your information appears in R:AIDE's lead data, here is what you should know:

• Your information was sourced from a public professional directory or government registry.
• R:AIDE customers may use this information to send you professional outreach.
• R:AIDE does not sell lead data to third parties.
• You can request removal of your information using the data deletion request form or by contacting hello@raide.app. R:AIDE will process removal requests within 45 days.

9. Cookies and Tracking

R:AIDE uses a limited set of cookies and tracking technologies:

• PostHog: product analytics cookies for understanding how users interact with R:AIDE
• Authentication: session cookies to keep you logged in

R:AIDE does not use third-party advertising cookies. R:AIDE does not participate in ad networks or retargeting programs.

10. Chrome Extension

R:AIDE offers an optional Chrome Extension that enhances the platform experience. The extension requires certain browser permissions to function. Each permission is used solely for providing R:AIDE's features and is described during installation. You can review and revoke permissions at any time in your browser settings.

The extension stores preferences and configuration locally on your device. R:AIDE does not collect or store your platform passwords. You can disconnect any connected platform at any time through the R:AIDE dashboard.

11. International Transfers

Your data is stored and processed in the United States. R:AIDE uses US-based regions for Supabase (database) and Vercel (hosting). If you are accessing R:AIDE from outside the United States, your data will be transferred to and processed in the United States.

12. Children

R:AIDE is not directed at anyone under the age of 18. R:AIDE does not knowingly collect personal information from anyone under 18. If R:AIDE becomes aware that a user is under 18, that account will be terminated and the associated data deleted.

13. Changes to This Policy

R:AIDE may update this Privacy Policy from time to time. When changes are made, the updated policy will be posted on this page with a revised "Last updated" date.

For material changes that significantly affect how your data is collected or used, R:AIDE will notify you by email. Continued use of R:AIDE after the effective date of an updated policy constitutes acceptance.

14. Contact