RKIVE AIRKIVE AI

🗑️ Data Deletion Policy

RkiveAI España S.L.
Effective Date: November 10, 2025

🎯 1. Purpose & Scope

This Data Deletion Policy explains how RkiveAI España S.L. (“RkiveAI,” “we,” “us,” or “our”) handles requests to delete personal data, uploaded media, AI-generated outputs, and other service-related information. It applies to all individuals whose data we process (“you” or “Users”), whether you are a registered account-holder or a data subject covered by EU/Spanish data protection law.

📌 Covered Data:

🚫 Excluded from Deletion:

✅ 2. Your Rights Under GDPR (and Spanish Law)

Under the GDPR (Articles 17–19) and Spanish Data Protection Law (LOPDGDD), you have the right to request deletion (the “right to be forgotten”) of your personal data when:

  1. The data is no longer necessary for the purpose it was collected.
  2. You have withdrawn consent (and no other legal basis applies).
  3. You objected to processing (and no overriding legitimate grounds exist).
  4. The data was processed unlawfully.
  5. Deletion is required to comply with a legal obligation (except where another law permits continued retention).

You also have the right to request that any third parties we shared your data with be informed of the deletion and to cease processing it.

📬 3. How to Delete Your Data

🔴 Primary Self-Service Flow (Recommended)

  1. Sign in to the RkiveAI app on Android, iOS, or the web app (app.rkiveai.com). The red Delete Account button lives at the very bottom of the Settings screen.
  2. Review the confirmation screen. It outlines exactly what will be removed and requires you to type the word "DELETE" before you can continue.
  3. Tap Delete Account. Your session ends immediately, the deletion workflow starts right away, and the action is immediate and irreversible.

⚠️ Important: The red Delete Account control only exists inside the RkiveAI apps. It does not appear on our public marketing website. Always sign in to the app (mobile or web) to access it.

✉️ Accessibility & Support Fallback

If you cannot sign in—for example, you lost access to your authenticator, the account belongs to a deceased person, or you are exercising rights on behalf of another data subject—you may contact us so we can process the deletion manually:

When you write, please include: (a) your full name, (b) the account email address (or unique identifiers if you never registered), (c) a clear description of the data you want deleted, and (d) supporting legal documentation to verify your identity and, if applicable, your authority to represent another data subject. We may request additional proof before proceeding.

We acknowledge manual requests within 10 business days. If you regain access before we complete the manual workflow, you can still use the in-app Delete Account button to accelerate the process—just let us know so we can close out the ticket.

⏳ 4. Processing Timeline & Exceptions

  1. 🕒 Standard Processing Time:
    • Self-service deletions initiated via the in-app Delete Account button take effect right away. The same backend workflow that processes manually initiated deletions immediately erases or de-identifies your personal data across active systems. Operational data that is not solely owned by you, anonymized analytics, or records we must retain under applicable law remain under strict access controls until the relevant retention obligation ends. We do not send a separate confirmation email for self-service requests.
    • Manual requests submitted via email or post follow the statutory GDPR timeline. Once we verify your identity (or authority), we trigger the same deletion workflow described above. We aim to finish within 45 calendar days of verification. If we expect to exceed one month, we will let you know within that first month and may extend the window to 90 calendar days for complex cases, as permitted by Article 12(3) GDPR.
  2. 🚨 Legal & Operational Exceptions (where full deletion may be delayed or partially withheld):
    • 📑 Billing & Tax Records: We must retain payment, invoicing, and tax documents for up to 10 years to comply with Spanish/EU financial regulations. Those records will be flagged but not deleted. If you request deletion of billing data, we will anonymize or pseudonymize personal identifiers while retaining transaction amounts and dates.
    • 🛡️ Fraud Prevention & Security Logs: To protect our platform and users from abuse, certain security logs (e.g., forensics from suspicious activity) must be retained for at least 5 years. Although personal identifiers may be removed, we keep relevant event timestamps.
    • ⚖️ Legal Holds & Disputes: If you or any third party initiates a legal claim or investigation, or if we determine there is a legitimate threat (e.g., ongoing litigation, regulatory audit), we may delay deletion until the matter is resolved. In that case, we will inform you in writing.
    • 💾 Backups & Archives: We maintain encrypted backups for disaster recovery. When deleting live data, we ensure it is removed from active systems promptly. Archived copies persist only for as long as required by our internal retention schedule and applicable law, after which they are automatically and securely removed.
  3. Confirmation of Completion:
    • For manual requests, we will confirm completion using the same channel you originally used (email or postal mail). Self-service deletions do not include an additional confirmation message—the account simply remains inaccessible.

🗑️ 5. What Happens When Data Is Deleted

  1. Account Deletion:
    • If you request complete account deletion, we will:
    • 🗝️ Disable your login and revoke all authentication tokens.
    • 👤 Remove your profile information (name, email, settings) from active user directories.
    • 🧹 Delete or irreversibly de-identify files, AI outputs, and related content that you provided, except where we must retain an anonymized version under § 4.
    • 🗄️ Purge personal identifiers from operational databases; any records that must remain for service quality, analytics, or compliance are converted to non-identifying references.
    • 🕵️ Retain only the minimum anonymized or pseudonymized records required by law or legitimate business needs.
    • After account deletion, you will no longer be able to access RkiveAI. If you wish to use our Services again, you must register a new account.
  2. Uploaded Media & AI-Generated Content:
    • 💾 Personal files stored in object storage are deleted from active buckets or converted into anonymized derivatives that no longer identify you, subject to legal and operational retention requirements.
    • 🤖 AI-generated outputs tied to your account follow the same process. Where outputs inform shared libraries, analytics, or model improvements, we retain only versions that are stripped of personal identifiers.
    • 🤝 If your files are shared with collaborators via Teams or Projects, those collaborators lose access once your personal identifiers are removed.
    • 📘 For more on how anonymized data may support analytics or product improvement, see Section 5.4 (“Research & Development”) of our Privacy Policy.
  3. Analytics, Logs & Metadata:
    • 🗃️ Personal identifiers (e.g., user ID, IP address) will be purged or pseudonymized.
    • 📊 Aggregate analytics (e.g., “X users used Feature Y on Date Z”) will remain, since they no longer identify you.
    • 📋 Session logs tied directly to your account will be deleted from active logging systems; forensic logs may persist under § 4 exceptions, but without your name or email.
  4. Emails & Communications:
    • ✉️ Support tickets and chat transcripts will be deleted except where they must be retained to resolve disputes or comply with legal obligations. In such cases, we will redact personal identifiers.

🔗 6. Third-Party Data Erasure Requests

If we have shared your personal data with subprocessors or partners (e.g., payment processor, analytics provider, or marketing tools), we will:

  1. 📣 Notify the third-party recipient of your deletion request and instruct them to delete your data from their systems (to the extent that they are subject to GDPR).
  2. ⚠️ In some cases, a third party may have separate policies or retention requirements—if they cannot fully delete your data, we will inform you which data remains and under what legal basis.
  3. 🌐 We cannot guarantee deletion of data that a third party has legitimately published elsewhere (e.g., publicly shared AI outputs on collaborative boards). In those instances, we will advise you on how to contact that third party directly.

📢 7. Appeals & Escalation

If you believe we have not complied with your request:

  1. 📧 Internal Review: Reply to our confirmation email or send a new message to legal@rkiveai.com with “Appeal: Data Deletion” in the subject line, explaining why you think your data remains. We will investigate and respond within 15 business days.
  2. 🏛️ Supervisory Authority:

    AEPD
    C/Jorge Juan, 6, 28001 Madrid, Spain
    🌐 https://www.aepd.es

📌 8. Additional Considerations

  1. 🔄 Re-Registration After Deletion:
    If you delete your account and later register again using the same email address, we will not be able to restore your old data. You will start with a clean slate.
  2. 📦 Data Portability Before Deletion:
    If you want a copy of your data before requesting deletion, please request a data-export (see Section 5 of our Privacy Policy) before sending a deletion request. Once deleted, your data cannot be recovered.
  3. ⚠️ Service Impact:
    Certain features that rely on your historical data—such as project histories, custom settings, or social analytics will no longer function once that data is deleted. Deletion is permanent.

🔄 9. Changes to This Policy

We may update this Data Deletion Policy from time to time. When we do:

Your continued use of our Services after the Effective Date means you accept the new Data Deletion Policy. If you do not agree, you must request deletion of your data before the changes take effect.

By using RkiveAI and submitting any data deletion or erasure request, you acknowledge that you have read and understood this Data Deletion Policy and agree to its terms.

1