Privacy Policy

Effective: March 29, 2026

1. Introduction

RiftShield AI ("we", "us", "our") operates the website riftshield.com and the RiftShield AI platform. This Privacy Policy describes how we collect, use, store, and protect your personal and business data when you use our Service.

By using RiftShield AI, you agree to the practices described in this policy. Please also review our Terms of Service for additional information about your use of the platform.

2. Information We Collect

Account Information

When you create an account, we collect your email address, name, and business details such as company name, industry, and website URL.

Business Data

You may upload or create content within the platform, including FAQs, knowledge base documents, custom AI instructions, and other configuration data used to personalize your AI assistant.

Conversation Logs

We store messages exchanged between your customers and your AI assistant, including chat transcripts, voice call transcriptions, and SMS conversations. These logs are used to deliver the Service, generate analytics, and improve response quality.

Usage Data

We automatically collect information about how you interact with the platform, including page views, feature usage, session duration, and analytics data.

Payment Information

Payment processing is handled entirely by Paddle, our merchant of record. We never receive, store, or have access to your full credit card numbers or bank account details. Paddle provides us with transaction confirmations, subscription status, and billing history.

3. How We Use Your Data

We use the information we collect to:

• Provide, operate, and maintain the RiftShield AI platform
• Process customer conversations through AI providers to generate responses
• Send service-related notifications, updates, and security alerts
• Generate analytics, insights, and reports within your dashboard
• Improve the quality and reliability of our Service
• Prevent fraud, abuse, and unauthorized access
• Comply with legal obligations

4. AI Data Processing

To generate AI-powered responses for your customers, conversation data is transmitted to third-party AI providers, including:

• Anthropic (Claude)
• Google (Gemini)
• OpenAI (GPT)
• xAI (Grok)

These providers process conversation data solely to generate responses within the Service. Each provider operates under their own privacy policies and data processing agreements.

We do NOT use your data to train AI models. Your business data and customer conversations are never used for model training, fine-tuning, or any purpose beyond delivering the Service to you.

We do NOT sell your data. Your personal information, business data, and conversation logs are never sold, rented, or traded to third parties for marketing or advertising purposes.

5. Third-Party Services

We work with the following third-party service providers:

• Paddle — Payment processing, merchant of record. Handles billing, taxes, currency conversion, and payment compliance.
• Twilio — Voice call and SMS delivery infrastructure. Processes phone numbers and message content to facilitate communication.
• Anthropic, Google, OpenAI, xAI — AI response generation. Processes conversation data as described in Section 4.

Each third-party provider operates under their own privacy policy and is contractually obligated to protect your data.

6. Data Retention

We retain your data according to the following schedule:

• Account data — Retained while your account is active and for 30 days after account closure to allow for reactivation
• Conversation logs — Retained for 90 days after account closure, then permanently deleted
• Business data — Deleted upon account closure and completion of the retention period
• Usage analytics — Aggregated and anonymized data may be retained indefinitely for service improvement

You can request immediate deletion of your data at any time by contacting support@riftshield.com.

7. Data Security

We implement industry-standard security measures to protect your data:

• Encryption in transit — All data transmitted between your browser and our servers is encrypted using TLS (Transport Layer Security)
• Encryption at rest — Stored data is encrypted using AES-256 encryption
• Access controls — Role-based access controls limit data access to authorized personnel only
• Security reviews — We conduct regular security assessments and vulnerability testing
• Infrastructure — Our servers are hosted in secure, monitored data centers with physical access controls

While we take every reasonable precaution to protect your data, no method of electronic transmission or storage is 100% secure. We cannot guarantee absolute security.

8. Cookies

RiftShield AI uses essential cookies for the following purposes:

• Authentication — To keep you logged in and maintain your session
• Session management — To remember your preferences and settings during a session
• Security — To prevent cross-site request forgery and other security threats

We do not use third-party tracking cookies, advertising cookies, or analytics cookies from external providers. We do not participate in cross-site tracking or behavioral advertising.

9. Your Rights (GDPR/CCPA)

Regardless of your location, we provide the following data rights to all users:

• Right to access — You may request a copy of all personal data we hold about you
• Right to correction — You may request that we correct any inaccurate or incomplete data
• Right to deletion — You may request that we delete your personal data, subject to legal retention requirements
• Right to data portability — You may request your data in a structured, machine-readable format
• Right to opt out of data sales — We do not sell personal data, so this right is automatically satisfied
• Right to non-discrimination — We will not discriminate against you for exercising any of your privacy rights

To exercise any of these rights, please contact us at support@riftshield.com. We will respond to your request within 30 days.

10. Children's Privacy

RiftShield AI is not directed at children under the age of 13. We do not knowingly collect personal information from children. If we become aware that we have collected data from a child under 13, we will take immediate steps to delete that information. If you believe a child has provided us with personal data, please contact us at support@riftshield.com.

11. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or applicable laws. When we make material changes, we will provide at least 30 days' notice via email to the address associated with your account.

The "Effective" date at the top of this page indicates when this policy was last updated. Your continued use of the Service after the effective date of any changes constitutes your acceptance of the updated policy.

12. Contact

If you have questions or concerns about this Privacy Policy or our data practices, please contact us:

Email: support@riftshield.com