Privacy Notice & Policy

RainGuard AI Ltd. · Last updated and adopted: February 15, 2025

1. Introduction

RainGuard AI Ltd ("RainGuard," "we," "our," or "us") is committed to safeguarding personal data through the highest standards of cybersecurity, data ethics, and regulatory compliance, including the General Data Protection Regulation (GDPR), California Consumer Privacy Act (CCPA), and any other applicable local data protection laws.

As a cybersecurity and AI-driven company, we embed privacy-by-design, data minimization, and zero-trust principles across all our services, platforms, and products.

2. Scope

This policy applies to personal data collected or processed through our:

  • Websites, platforms, applications, and services
  • Client engagements and enterprise solutions
  • Research, analytics, and AI model training
  • Customer support and marketing communications

3. Types of Personal Data We Process

We only collect data that is strictly necessary for service functionality and security. This may include:

  • Contact Information – Name, email, phone, company
  • Professional Data – Role, department, job title
  • Authentication & Access – Usernames, hashed credentials, session tokens
  • Technical Metadata – IP address, device ID, OS/browser type, logs
  • Behavioral Data – Clickstream, usage logs, user interaction
  • Audio/Video Streams – Processed in real-time; no long-term storage
  • Security Event Data – Alerts, incidents, forensic traces

We do not collect sensitive categories of data (e.g., biometric, health) unless explicitly necessary and legally permitted in written consent.

4. Purpose & Legal Basis for Processing

Your data may be processed for:

Purpose Legal Basis
Delivering cybersecurity & AI services Contractual necessity
Improving our platforms and models Legitimate interests
Responding to user inquiries or issues Legitimate interests
Real-time processing (e.g., for video security) Legitimate interests or consent
Legal compliance & threat response Legal obligation
Marketing communications Consent (opt-in)

5. Automated Decision-Making & AI

We use AI and machine learning to support cybersecurity functions (e.g., threat scoring, anomaly detection). These systems do not make fully automated decisions that have legal or significant effects on individuals without human oversight.

6. Data Retention & Minimization

  • Data minimization: Only data necessary for the stated purpose is collected.
  • Audio/video: Real-time processing only; not retained or stored.
  • User data: Retained only as long as necessary or legally required (e.g., 7 years for contractual records).

7. Data Sharing & Subprocessors

We never sell personal data. Data is only shared with:

  • Verified subprocessors (e.g., cloud providers, email platforms) under strict DPAs (Data Processing Agreements)
  • Legal authorities when mandated
  • Clients (only for enterprise users, under contract)

8. Your Rights

You may exercise the following rights, subject to verification:

  • Access your data
  • Rectify inaccuracies
  • Erase data ("Right to be Forgotten")
  • Restrict or object to processing
  • Data portability
  • Withdraw consent
  • Lodge a complaint with a Data Protection Authority

To exercise rights: compliance@rainguard.ai

9. Security Measures

RainGuard implements rigorous security controls, including but not limited to:

  • End-to-end encryption (AES-256, TLS 1.3)
  • Role- and context-based access control (RBAC + ABAC)
  • Immutable audit logging
  • Regular security testing, threat modeling & Red Team exercises

10. Children's Privacy

Our services are not intended for individuals under the age of 16. We do not knowingly collect or process children's data.

11. Contact & Data Protection Officer (DPO)

If you have questions or wish to exercise your rights:
Email: compliance@rainguard.ai