🔒 Privacy Policy
RkiveAI España S.L.
Effective Date: June 5, 2025
1. Introduction
RkiveAI España S.L. (“RkiveAI”, “we”, “us”, or “our”) is committed to protecting your privacy. This Privacy Policy explains:
- 📂 What categories of personal data we collect
- 🔐 Why and how we process your data (our legal bases)
- 🤝 With whom we share data
- ⏳ How long we retain various types of data
- ✅ Your rights under applicable data protection laws (including GDPR)
- 📞 How to contact us or a supervisory authority
By using our services (the “Services”), you agree to this policy. If you disagree, please discontinue use.
2. Who We Are & Contact Details
Data Controller:
RkiveAI España S.L.
Attn: Data Protection Officer
Paseo de la Castellana 91, Planta 4, Puerta 1.
Madrid, Spain. 28046.
📧 Contact: legal@rkiveai.com
📌 Supervisory Authority:
Agencia Española de Protección de Datos (AEPD)
C/Jorge Juan, 6, 28001 Madrid, Spain
🌐 https://www.aepd.es
3. Definitions
- Personal Data: Any info about an identified or identifiable person (e.g., name, email).
- Special Categories of Personal Data: Sensitive data like health, race, religion (not intentionally collected).
- Processing: Any operation on personal data (collection, storage, deletion).
- Data Subject: The person whose data is processed (you).
- GDPR: EU’s General Data Protection Regulation (Regulation EU 2016/679).
4. Information We Collect
We collect:
4.1 Account & Profile Data
- 📧 Contact info (name, email, phone)
- 🔑 Authentication data (username, hashed passwords)
- 📝 Preferences (language, notifications)
Legal Bases: Contractual necessity & Legitimate interests.
4.2 User-Generated Content
- 📄 Uploaded documents, images, text
- 🤖 AI-generated outputs
- 🕓 Metadata (revision history, file names)
Legal Bases: Contractual necessity & Legitimate interests.
4.3 Technical, Usage & Device Data
- 💻 Device/browser info (IP, OS, UUID)
- 📊 Logs & analytics (API calls, page visits)
- 🍪 Cookies & trackers (with consent)
Legal Bases: Legitimate interests & Consent.
4.4 Communications & Support Data
- 📥 Emails, support tickets, chat transcripts
- 🏷️ Metadata (timestamps, case numbers)
Legal Bases: Contractual necessity & Legitimate interests.
5. How We Use Your Data
- 🚀 Provide & improve services (authenticate, process payments)
- 🔒 Prevent fraud & secure systems
- 💌 Send notifications & optional marketing (opt-in only)
- 📈 Research & develop (anonymized data for improving AI models)
Legal Bases: Contractual necessity, Legitimate interests, Compliance, Consent.
6. Data Sharing
We do not sell or rent your data. We share it only with:
- 🌩️ Cloud providers (storage, compute)
- 📊 Analytics tools (anonymized usage insights)
- 💳 Payment processors (e.g., Stripe, Apple Pay)
- 📬 Email & support tools
Each partner signs strict GDPR-compliant agreements.
7. International Transfers
If we transfer data outside the EU, we use safeguards like:
- ✅ Standard Contractual Clauses (SCCs)
- ✅ Binding Corporate Rules (BCRs)
- ✅ EU adequacy decisions
8. Data Retention
| Data Type | Retention Period |
|---|
| Account & Profile Data | Active account + 3 years post-close |
| Billing Records | 10 years (legal requirement) |
| Support & Communications | Up to 5 years |
| Usage Analytics (anonymized) | Up to 5 years |
| Security & Audit Logs | Indefinitely |
9. Cookies & Tracking
We use cookies to:
- ✅ Enable core functionality (essential cookies)
- 📈 Analyze site usage (analytics cookies)
- 🎯 Improve experience (functional cookies)
- 📢 Show relevant ads (marketing cookies – consent required)
Manage your preferences anytime in your account settings.
10. Security Measures
- 🔒 TLS encryption (in transit & at rest)
- 👨💻 Role-based access controls (MFA for admins)
- 🛡️ Regular audits & incident response plans
No system is 100% secure. You accept inherent risks of internet transmission.
11. Your GDPR Rights
You can:
- 📥 Access your data
- ✏️ Correct inaccuracies
- 🗑️ Request deletion (“right to be forgotten”)
- ⏸️ Restrict processing
- 📤 Port your data (JSON, CSV)
- 🚫 Object to processing
- 🔓 Withdraw consent
- 📣 Lodge a complaint with AEPD
12. Children’s Privacy
We do not knowingly collect data from children under 18. If we do, contact legal@rkiveai.com.
13. Changes to This Policy
We may update this Privacy Policy. Significant changes will be notified 30 days in advance via email or in-app.
14. Delete Your Data
🔗 https://www.rkiveai.com/en/data-deletion
15. Third-Party Links
We are not responsible for external sites. Read their privacy notices when leaving our platform.
16. International Users
Non-EU users acknowledge data transfer to the EU. We ensure protections via SCCs, BCRs, or adequacy decisions.
17. Miscellaneous
- ❌ No automated decision-making
- 🛑 No sale of personal data
- 📌 Controller for direct data; Processor for integrations (e.g., Google Drive)
18. Global Privacy Notice
We comply with GDPR, CCPA (California), LGPD (Brazil), and other global laws. To exercise rights, email legal@rkiveai.com with your country in the subject line.
By using our Services, you agree to this Privacy Policy.
