Privacy Policy

We at Rach Dev LLP ("we," "us," or "our") respect your privacy and are committed to protecting your personal data. This Privacy Policy explains how we collect, use, store, and share information when you use our platform, website, APIs, and related services (collectively, the "Services").

By accessing or using our Services, you acknowledge that you have read and understood this Privacy Policy. If you do not agree with our practices, please do not use our Services.

We collect the following categories of information:

Account Information

• Name, email address, and password when you create an account
• Organization name and billing address for paid plans
• Payment information processed securely through Stripe (we do not store full card numbers)

Usage Data

• API call volume, feature usage patterns, and agent interaction logs
• Database queries and storage consumption metrics
• Error logs and performance data used to improve service reliability

Technical Data

• IP address, browser type, and device information
• Operating system and screen resolution
• Referring URL and pages visited on our site
• Cookies and similar tracking identifiers

We use the information we collect to:

• Provide, maintain, and improve the Rach Dev LLP platform and Services
• Process transactions and send related information including purchase confirmations and invoices
• Send technical notices, updates, security alerts, and administrative messages
• Respond to your comments, questions, and customer service requests
• Monitor and analyze usage trends to improve user experience and platform performance
• Detect, investigate, and prevent fraudulent transactions and other illegal activities
• Enforce our terms of service and comply with legal obligations

Your data is stored on infrastructure hosted in the United States and India. We employ industry-standard security measures to protect your information, including:

• Encryption at rest (AES-256) and in transit (TLS 1.2+)
• Role-based access controls limiting employee access to personal data
• Regular security audits and vulnerability assessments
• Automated backups with point-in-time recovery
• SOC 2 Type II compliance currently in progress, with expected certification by Q3 2026

While we implement commercially reasonable security measures, no method of electronic storage or transmission is completely secure. We cannot guarantee absolute security of your data.

We share data with the following categories of third-party service providers, solely for the purpose of operating our Services:

• Payment processing: Stripe processes payment information on our behalf. Their handling of your payment data is governed by the Stripe Privacy Policy.
• Analytics: We use analytics providers to understand how our Services are used and to improve performance.
• Infrastructure: Cloud hosting providers that store and process data on our behalf, subject to strict data processing agreements.
• Email delivery: Transactional email providers for account notifications and communications.

We do not sell your personal data to third parties. We do not share your data with third parties for their own marketing purposes.

Depending on your location, you may have the following rights regarding your personal data:

• Access: Request a copy of the personal data we hold about you
• Correction: Request correction of inaccurate or incomplete personal data
• Deletion: Request deletion of your personal data, subject to legal retention requirements
• Data portability: Request a machine-readable export of your data
• Opt-out: Unsubscribe from marketing communications at any time via the link in any email
• Restriction: Request restriction of processing in certain circumstances

To exercise any of these rights, contact us at privacy@rachdev.com. We will respond to your request within 30 days.

We use cookies and similar technologies for three purposes:

• Essential cookies: Required for authentication, session management, and core platform functionality
• Analytics cookies: Help us understand how visitors interact with our website and Services
• Preference cookies: Remember your settings and display preferences

For detailed information about the cookies we use and how to manage them, please refer to our Cookie Policy.

We retain your personal data for as long as your account is active or as needed to provide you with our Services. Specific retention periods are as follows:

• Account data: Retained while your account is active. Upon account closure, we delete personal data within 30 days, unless retention is required by law.
• Usage logs: Retained for 90 days for debugging and performance monitoring, then aggregated and anonymized.
• Billing records: Retained for 7 years to comply with tax and accounting regulations.
• Backups: Automatically purged on a 30-day rolling cycle after account deletion.

Our Services are not intended for users under the age of 16. We do not knowingly collect personal data from children under 16. If we become aware that we have inadvertently collected personal data from a child under 16, we will take steps to delete that information as promptly as possible. If you believe a child under 16 has provided us with personal data, please contact us at privacy@rachdev.com.

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. When we make material changes, we will notify you by email (sent to the address associated with your account) and update the "Last updated" date at the top of this page.

We encourage you to review this Privacy Policy periodically to stay informed about how we protect your data.

If you have questions or concerns about this Privacy Policy or our data practices, contact us at:

• Email: privacy@rachdev.com
• Company: Rach Dev LLP
• Location: Noida, India