Policies

Privacy Policy

Effective January 19, 2026. How rapptide collects, uses, stores, and protects your personal data in compliance with GDPR and relevant privacy laws.

1. Introduction

This Privacy Policy explains how rapptide (“we,” “our,” “us”) collects, uses, stores, and protects your personal data when you use our SaaS platform. rapptide complies with the EU General Data Protection Regulation (GDPR), UK GDPR, and relevant privacy laws.

2. Data We Collect

2.1 Information You Provide

  • Name, email address, password
  • Billing information (via third-party payment processors)
  • Project data, uploaded files, assets, configuration settings
  • Support requests or communications

2.2 Automatically Collected Data

  • IP address, device information, browser type
  • Usage logs, activity within the platform
  • Crash reports and error diagnostics
  • Authentication logs and security events

2.3 Cookies & Tracking Technologies

  • Essential session cookies
  • Analytics cookies (anonymized where possible)
  • Preference cookies; manage them here

3. Legal Basis for Processing (GDPR)

  • Contractual Necessity: Providing the service, authentication, account management.
  • Legitimate Interest: Improving performance, fraud prevention, analytics.
  • Consent: Non-essential cookies and marketing communications.
  • Legal Obligation: Tax, accounting, and regulatory requirements.

4. How We Use Your Data

  • To operate, maintain, and deliver the SaaS platform
  • To handle authentication, security, and fraud prevention
  • To process payments and manage subscriptions
  • To personalize your experience
  • To improve and develop new features
  • To provide customer support
  • To comply with laws and enforce terms

5. Sharing and Disclosure

We never sell personal data.

Data may be shared only with:

  • Service Providers & Sub-Processors: hosting, payment processors, analytics, email delivery providers.
  • Legal Authorities: when required by law.
  • Business Transfers: in case of merger or acquisition (with notice).

6. International Data Transfers

When transferring data outside the EU/EEA, we rely on:

  • EU Standard Contractual Clauses (SCCs)
  • Adequacy decisions
  • Appropriate safeguards as required by GDPR

7. Data Retention

  • Account data: retained while your account is active.
  • Deleted accounts: removed or anonymized within 90 days unless required for legal obligations.
  • Billing data: retained for up to 10 years (tax laws).
  • Logs & analytics: typically 12–36 months unless required for security.

8. Data Security

We implement industry-standard measures including:

  • Encryption in transit (TLS) and at rest
  • Access control and authentication management
  • Firewall and intrusion detection systems
  • Regular security audits
  • Strict internal access limitations

9. Your Rights (EU/EEA/UK)

  • Right to access your data
  • Right to correct inaccurate data
  • Right to delete your data (“Right to be Forgotten”)
  • Right to restrict processing
  • Right to data portability
  • Right to object to processing
  • Right to withdraw consent
  • Right to lodge a complaint with a supervisory authority

10. Automated Decision-Making

rapptide does not perform automated decision-making that has legal or significant effects on users.

rapptide may use AI tools to assist with candidate screening by highlighting relevant information, scoring profiles, or ranking submissions. These AI-assisted outputs do not make final decisions. All hiring or qualification decisions involve human review and are not made solely by automated means.

11. Children’s Privacy

We do not knowingly collect data from children under the minimum required age in their jurisdiction.

12. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. Material changes will be communicated through email or platform notices.

13. Contact Us

For data requests or privacy inquiries:
Email: privacy[at]rapptide.com