Privacy Policy

1.1 Information You Provide Directly

• Account Registration: Name, email address, company name, job title, phone number (optional)
• Payment Information: Credit card details processed by Paddle (not stored by RUDRA-AI - we never see your full card number)
• Discovery and Onboarding: Business context, communication preferences, workflows, strategic objectives, leadership challenges
• Interview Responses: Detailed information about work style, decision-making processes, business contexts, team dynamics collected via AI-powered voice interview
• Communications: Email correspondence, support tickets, call recordings (with explicit permission and notification)
• Feedback and Surveys: Optional feedback about services, satisfaction ratings, feature requests

1.2 Information Collected Automatically

• Usage Data: Pages visited, features used, time spent, interaction patterns, interview progress
• Device Information: Browser type, device type, operating system, screen resolution, IP address
• Cookies and Tracking: Essential cookies for authentication and preferences, analytics cookies for usage patterns (see Section 9)
• Log Data: Server logs including timestamps, URLs accessed, error messages, API calls

1.3 Information from Third Parties

• Payment Processor (Paddle): Transaction confirmations, payment status, billing history
• AI Platforms: Usage data from OpenAI, Anthropic, or Google if you grant permission for analytics
• Calendar Integrations: Meeting availability if you enable calendar integration for scheduling (optional)
• Email Integrations: Email metadata for automation workflows if you enable email integration (Chief of Staff/VIP plans only)

2.1 Service Delivery

• Creating custom AI systems: Master Prompts, System Prompts, and AI Assistants tailored to your needs
• Personalizing AI outputs to match your communication style and decision-making preferences
• Platform setup and configuration in your ChatGPT, Claude, or Gemini account
• Training and onboarding sessions to ensure successful implementation
• Ongoing support, optimization, and system updates (if on retainer plan)

2.2 Communication

• Sending service-related emails: purchase confirmations, interview scheduling, delivery notifications
• Responding to inquiries and support requests via email or scheduled calls
• Scheduling onboarding calls, training sessions, and sending calendar reminders
• Providing updates about service progress, new features, and platform capabilities
• Sending newsletters and promotional emails (with opt-in consent only - you can unsubscribe anytime)

2.3 Improvement and Analytics

• Analyzing usage patterns to improve service quality and user experience
• Identifying bugs, technical issues, and areas for optimization
• Developing new features based on aggregate usage data and feedback
• Testing and optimizing system performance, interview flow, and deliverable quality
• Creating anonymized case studies showcasing results (only with explicit written permission)

2.4 Legal and Security

• Complying with legal obligations, tax requirements, and regulatory compliance
• Preventing fraud, abuse, and unauthorized access to accounts
• Enforcing our Terms of Service and investigating violations
• Protecting our intellectual property and proprietary methodologies
• Responding to legal requests: subpoenas, court orders, government inquiries

2.5 Marketing (with consent)

• Sending promotional emails about new services and features (opt-in required - never automatic)
• Creating anonymized case studies showcasing time savings and results (explicit permission required)
• Testimonials and referral programs (only with written client approval)

3.1 Third-Party Service Providers

We share data with trusted third-party providers who help us deliver services. All providers are bound by confidentiality agreements or their own privacy policies:

3.2 Legal Requirements

• Government agencies if required by law, subpoena, or court order
• Law enforcement if necessary to comply with legal obligations or protect rights
• RUDRA-AI will notify you of legal requests unless prohibited by law or court order

3.3 Business Transfers

• In event of merger, acquisition, or sale of business assets, your data may be transferred to acquiring entity
• You will be notified via email before any transfer occurs
• All privacy protections will remain in effect under new ownership

3.4 With Your Consent

• Anonymized case studies (only with explicit written permission - we will always ask first)
• Testimonials and success stories (only with written approval)
• Referral programs (only if you opt in)

3.5 Never Shared

4.1 Security Measures

We implement enterprise-grade security measures to protect your information:

• Encryption in Transit: TLS/SSL encryption for all data transmission between your device and our servers
• Encryption at Rest: Database encryption for all stored data (interview responses, deliverables, account info)
• Access Controls: Role-based permissions, multi-factor authentication for team access
• Regular Security Audits: Automated vulnerability scanning and security updates
• Secure Backup Systems: Encrypted backups with redundancy for disaster recovery
• Employee Training: All team members sign NDAs and receive confidentiality training

4.2 Payment Security

• All payments processed through PCI-DSS Level 1 compliant Paddle
• RUDRA-AI does not store credit card numbers or CVV codes
• Payment data encrypted and securely transmitted via Paddle's infrastructure
• Tokenization used for recurring billing (no raw card data stored)

4.3 Third-Party Platform Security

Your interview data is processed by AI platforms (OpenAI, Anthropic, Google) subject to their security policies. RUDRA-AI cannot control third-party platform security measures. We recommend reviewing their privacy policies:

• OpenAI: openai.com/privacy
• Anthropic: anthropic.com/privacy
• Google: policies.google.com/privacy

4.4 Limitations

5.1 Active Service Period

• All client data retained throughout active service relationship
• Data accessible to you through account dashboard
• Regular automated backups maintained for disaster recovery

5.2 Post-Cancellation Retention

90-day retention period after cancellation or termination

This retention period allows for:

• Service reactivation if you change your mind
• Dispute resolution and refund processing
• Final deliverable access and data export requests

5.3 Backup Systems

• Backups may retain data for additional 30 days after 90-day period
• Total maximum retention: 120 days after cancellation
• Backup retention necessary for system integrity and disaster recovery

5.4 Permanent Deletion

After 120 days:

• All client data permanently deleted from production systems
• All backups containing your data purged
• Deletion is irreversible - data cannot be recovered
• Deletion applies to: interview data, deliverables, communications, account information

5.5 Immediate Deletion Requests

You may request immediate data deletion upon cancellation:

• Request must be submitted in writing to legal@rudra-ai.com
• Data deleted from production systems within 30 days of request
• Backups purged within 60 days of request
• Immediate deletion waives your ability to request data export or reactivation

5.6 Legal Retention

• Some data may be retained longer if required by law (tax records, financial data - typically 7 years in India)
• Anonymized, aggregated analytics data may be retained indefinitely (no personally identifiable information)
• Data involved in legal disputes retained until resolution

6.1 Access and Portability

• Right to access all personal data RUDRA-AI holds about you
• Right to receive data in portable format (PDF, CSV, JSON)
• Request data export by emailing legal@rudra-ai.com
• Export fulfilled within 14 business days

6.2 Correction and Updates

• Right to correct inaccurate personal information
• Update information through your account dashboard settings
• Or email contact@rudra-ai.com for assistance

6.3 Deletion

• Right to request deletion of your personal data
• Deletion requests honored per Section 5.5 timeline
• Some data may be retained if legally required (tax records, dispute resolution)

6.4 Opt-Out of Marketing

• Unsubscribe from marketing emails via link in email footer (every marketing email has unsubscribe link)
• Opt-out processed within 48 hours
• Service-related emails (confirmations, deliverables, support) cannot be opted out while using service (required for service delivery)

6.5 Cookie Preferences

• Essential cookies (authentication, session management, preferences) cannot be disabled (required for website functionality)
• Analytics cookies can be disabled via browser settings
• Disabling certain cookies may affect website functionality and user experience

6.6 Third-Party Platform Rights

Your data shared with AI platforms (OpenAI, Anthropic, Google) is subject to their privacy policies. You should:

• Review and exercise rights under third-party policies separately
• RUDRA-AI cannot control or exercise rights on your behalf with third-party platforms
• Contact third parties directly for data requests related to their processing

9.1 Types of Cookies Used

• Essential Cookies: Authentication, session management, security (cannot be disabled - required for website to function)
• Preference Cookies: Language settings, dark mode preference, layout customization
• Analytics Cookies: Usage patterns, page views, feature engagement (can be disabled via browser settings)

9.2 Third-Party Cookies

• Paddle (payment processing) may set cookies for checkout and payment processing
• AI platforms may set cookies if you directly access them (OpenAI, Anthropic, Google)
• Analytics providers may set cookies if we use third-party analytics tools

9.3 Cookie Control

• Manage cookies through your browser settings (Chrome, Firefox, Safari, Edge all support cookie management)
• Essential cookies required for service functionality (cannot be disabled without breaking the website)
• Disabling certain cookies may impair website experience and prevent use of key features

10.1 Right to Know

You have the right to request information about:

• Categories of personal information we collect
• Sources of personal information
• Purposes for collecting and sharing personal information
• Categories of third parties with whom we share information

10.2 Right to Delete

• You can request deletion of your personal information
• Exceptions apply for legally required retention (tax records, dispute resolution)

10.3 Right to Opt-Out

10.4 Non-Discrimination

RUDRA-AI will not discriminate against you for exercising CCPA rights. No denial of service, different pricing, or different service level for exercising your rights.

10.5 Exercising CCPA Rights

• Email legal@rudra-ai.com with "CCPA Request" in subject line
• Verification may be required to confirm your identity
• Response provided within 45 days (may extend to 90 days with notice for complex requests)

11.1 Legal Basis for Processing

We process your data based on:

• Contract Performance: Service delivery requires processing your data
• Legitimate Interests: Service improvement, security, analytics
• Legal Obligations: Compliance with tax laws, court orders, regulations
• Consent: Marketing communications, case studies, testimonials

11.2 Your GDPR Rights

• Right of Access: Obtain copy of your personal data
• Right to Rectification: Correct inaccurate data
• Right to Erasure: Request deletion ("right to be forgotten")
• Right to Restrict Processing: Limit how we use your data
• Right to Data Portability: Receive data in portable format to transfer to another service
• Right to Object: Object to processing based on legitimate interests
• Rights Related to Automated Decision-Making: We do not make solely automated decisions with legal/significant effects

11.3 Data Protection Officer

• Contact legal@rudra-ai.com for data protection inquiries
• All inquiries answered within 30 days (may extend to 60 days for complex requests with notice)

11.4 Supervisory Authority

You have the right to lodge a complaint with your local data protection authority in your EU/EEA country if you believe we have violated your privacy rights.

12.1 Updates to Policy

• RUDRA-AI may update this Privacy Policy periodically
• Material changes communicated via email with 30 days advance notice
• Continued use after effective date constitutes acceptance of changes
• Non-material changes (typos, clarifications, formatting) effective immediately

12.2 Notification of Changes

• Email notification sent to your registered email address
• Updated policy posted on website with revised "Last Updated" date
• Notification banner displayed on platform for 30 days after material changes

12.3 Review Recommendations

• We encourage you to review this Privacy Policy periodically
• Archived versions available upon request to legal@rudra-ai.com