We temporarily process uploaded contract documents to provide analysis services. Documents contain text content that may include personal or business information.
Account Information
We collect email addresses, payment information, and usage statistics for account management and billing purposes.
Monetary Impact Estimate Inputs
For Creator and Pro subscribers using monetary impact estimates, we temporarily collect calibration inputs such as sponsor fees, monthly revenue estimates, deal frequency, and cost of capital preferences. This data is used solely to generate personalized estimates and is not stored permanently.
2. How We Use Information
To provide comprehensive multi-jurisdictional contract analysis services
To generate international financial impact estimates with currency conversion for Creator and Pro subscribers
To deliver region-specific legal compliance guidance and culturally-adapted recommendations
To process payments and manage subscriptions across multiple currencies and regions
To improve our AI models and service quality with jurisdiction-specific training data
To communicate about your account and service updates in compliance with local regulations
3. Data Security
Memory-only processing: Contract files processed entirely in browser memory
Zero file storage: No contract documents stored on our servers
Encryption in transit: TLS 1.3 encryption for all data transfers
Access controls: Strict employee access controls and audit logging
Infrastructure: Hosted on Cloudflare's secure infrastructure
4. Data Sharing
We do not sell or share personal data with third parties, except:
With service providers (payment processing, hosting) under strict agreements
When required by law or to protect our legal rights
In anonymized, aggregated form for research purposes
5. Data Retention
Contract documents: Never stored - processed only in memory and discarded immediately
Analysis results: Retained in your account (risk scores, suggestions, metadata)
Account data: Retained while account is active, deleted upon request
Usage logs: Retained for 90 days for security and debugging
6. International Data Protection Compliance
Multi-Regional Privacy Compliance
We comply with data protection regulations across all supported jurisdictions:
• GDPR (EU/UK): Full compliance with data subject rights, lawful basis requirements, and cross-border transfer safeguards
• PIPEDA (Canada): Compliance with Canadian privacy principles and consent requirements
• Privacy Act (Australia): Australian Privacy Principles (APPs) compliance and notification requirements
• CCPA (California): Consumer privacy rights and opt-out mechanisms for California residents
• State-Specific Laws: Compliance with emerging US state privacy legislation
7. Your Rights (Jurisdiction-Specific)
Your data protection rights vary by jurisdiction. All users have these fundamental rights:
Access: Request copies of your personal data
Correction: Update inaccurate personal information
Deletion: Request deletion of your personal data
Portability: Receive your data in a machine-readable format
Enhanced Rights by Region:
• EU/UK Users (GDPR): Right to object, restrict processing, lodge complaints with supervisory authorities
• California Residents (CCPA): Right to opt-out of data sales, non-discrimination for exercising rights
• Canadian Users (PIPEDA): Right to file complaints with Privacy Commissioner of Canada
• Australian Users: Right to complain to Australian Information Commissioner (OAIC)
8. International Data Transfers
Our international service delivery may involve cross-border data transfers. We ensure appropriate safeguards:
Adequacy Decisions: Transfers to countries with adequate protection levels (Canada, UK, EEA)
Standard Contractual Clauses: EU-approved contracts for transfers to other jurisdictions
Binding Corporate Rules: Internal policies ensuring consistent global data protection
Encryption: Data encrypted in transit and at rest across all processing locations
9. Cookies and Tracking
We use different types of cookies to provide, maintain, and improve our services:
You can manage your cookie preferences at any time by clicking
in our footer or using the preferences center.
Essential Cookies Required
Required for basic site functionality, authentication, and security. These cannot be disabled.
Analytics Cookies Optional
Help us understand how visitors interact with our website to improve user experience.
Marketing Cookies Optional
Used to track visitors across websites for advertising and marketing purposes.
Preference Cookies Optional
Remember your settings and preferences for a personalized experience.
8. Contact Us
For privacy questions or to exercise your rights, contact us at privacy@rewritable.ai