Privacy Policy

This privacy policy explains how Rendraft ("we", "us", or "our") collects and processes personal data through your use of the Service at rendraft.com.

The Service is not intended for children under 18, and we do not knowingly collect data from minors.

If you have any questions about this policy or how we handle your data, please contact us at contact@rendraft.com.

We may update this policy periodically. We encourage you to review it before each visit. If we make significant changes, we will notify you by email or via an in-app notice.

We may collect and process the following categories of personal data:

• Identity Data: Name (provided via Google sign-in or account registration)
• Contact Data: Email address
• Transaction & Financial Data: Subscription level, payment method, and transaction history (processed via Stripe)
• Technical Data: IP address, browser type and version, device type, operating system, and time zone
• Usage Data: How you interact with the Service and daily usage counts (e.g. number of rewrites used)

We do not collect special category data such as race, ethnicity, religious beliefs, sexual orientation, health information, or biometric data.

We collect data through the following methods:

Direct Interactions: When you create an account, purchase a subscription, contact support, or provide feedback.

Automated Technologies: As you use the Service, we automatically collect Technical and Usage Data via cookies, server logs, and similar technologies.

Third Parties: We receive data from payment processors (Stripe), analytics providers (Google Analytics), and authentication providers (Google OAuth).

We use your personal data for the following purposes:

• Account Registration: To create and manage your account (contract performance)
• Payment Processing: To manage subscriptions and billing (contract performance)
• Service Delivery: To provide AI writing assistance and related features (contract performance)
• Customer Support: To respond to your enquiries and resolve issues (legitimate interests)
• Service Improvement: To analyse usage patterns and improve the Service (legitimate interests)
• Security & Fraud Prevention: To protect our users and Service (legitimate interests / legal obligation)

We will only use your personal data for purposes for which it was collected, unless we reasonably determine another purpose is compatible. We will notify you of any material change in purpose.

We may share your data with the following third parties:

• Infrastructure: Amazon Web Services and Cloudflare (hosting and security)
• Payments: Stripe (payment processing)
• Analytics: Google Analytics (usage insights)
• AI Processing: Google (Gemini API for AI text generation)
• Professional Services: Lawyers, accountants, and insurers as required

We do not allow third-party service providers to use your personal data for their own purposes. We may also disclose data to law enforcement or regulatory bodies when required by law.

Some of our third-party providers (such as Stripe, Cloudflare, and AWS) may process data outside your country of residence. In such cases, we ensure appropriate safeguards are in place, including standard contractual clauses and transfers only to countries deemed adequate under applicable data protection law.

We have implemented appropriate technical and organizational security measures to protect your personal data from accidental loss, unauthorized access, or disclosure. Access to your data is restricted to personnel with a genuine business need.

We have procedures in place to handle suspected data breaches, and we will notify you and relevant authorities where required by law.

We retain your personal data for as long as reasonably necessary to fulfil the purposes for which it was collected, including to satisfy legal, regulatory, tax, or accounting requirements.

When determining the appropriate retention period, we consider the amount, nature, and sensitivity of the data, the potential risk of harm from unauthorized use, and whether the purposes can be achieved through anonymization.

In some circumstances, we may anonymize your data for research or statistical purposes, in which case it may be retained indefinitely.

We use cookies and similar tracking technologies to enhance your experience on the Service. Cookies are small files stored on your device. You can configure your browser to refuse cookies, but this may limit certain functionality of the Service.

We use cookies for:

• Authentication (keeping you logged in)
• Preference storage (theme, language)
• Analytics (understanding how the Service is used)

Depending on your location, you may have the following rights regarding your personal data:

• Access: Request a copy of the personal data we hold about you
• Correction: Request correction of inaccurate or incomplete data
• Erasure: Request deletion of your personal data where there is no legitimate reason for us to keep it
• Object: Object to processing based on legitimate interests or for direct marketing
• Restriction: Request suspension of processing in certain circumstances
• Portability: Request transfer of your data to you or a third party in a structured format
• Withdraw Consent: Withdraw consent at any time where processing is based on consent

To exercise any of these rights, please email us at contact@rendraft.com. We aim to respond within one month. There is no fee for exercising your rights unless requests are manifestly unfounded or excessive.

If you have any questions, concerns, or requests regarding this Privacy Policy or how we handle your data, please contact us:

Email: contact@rendraft.com