Privacy Policy

1. Information We Collect

2. How We Use Information

We use personal information to:

• Provide, operate, and maintain the Service;
• Authenticate users and secure Accounts;
• Process payments and manage Subscriptions;
• Enable Agent functionality, including transmission to AI providers (Section 3);
• Communicate with you about the Service, updates, and support;
• Send marketing communications where permitted (you may opt out at any time);
• Detect and prevent fraud, abuse, and security incidents;
• Comply with legal obligations and enforce our Terms;
• Conduct analytics to improve the Service.

3. AI Processing and Third-Party AI Providers

3.1 The Service relies on third-party large language model providers, including but not limited to Anthropic, OpenAI, and Google. When you use Agents, your prompts, User Content, and related metadata may be transmitted to these providers for processing.

3.2 No model training on your data. We do not use your User Content, prompts, or AI Outputs to train our own models. Where AI providers offer no-training endpoints, we use those endpoints to ensure your inputs are not used by providers to train their models.

3.3 Each AI provider has its own data handling practices. Limited retention by providers may occur for safety, abuse-prevention, and legal-compliance purposes. See:

• Anthropic: anthropic.com/privacy
• OpenAI: openai.com/policies/privacy-policy
• Google: policies.google.com/privacy

4. Legal Bases for Processing (EEA / UK Users)

If you are in the European Economic Area or the United Kingdom, we process your personal information on the following legal bases:

• Contract: to provide the Service you request.
• Legitimate interests: to secure, improve, and market the Service, balanced against your rights.
• Consent: where required (e.g., marketing emails, certain cookies).
• Legal obligation: where required by applicable law.

5. How We Share Information

We do not sell your personal information. We share information in these circumstances:

• Service providers: hosting (e.g., Vercel, AWS, GCP), database (e.g., Supabase), email delivery, customer support tools, analytics, payment processing (Stripe), and AI providers (Section 3). These providers process data on our behalf under contractual confidentiality and security obligations.
• Integrations you authorize: when you connect third-party services to your Account, we share data with those services as authorized.
• Legal compliance: to comply with subpoenas, court orders, or applicable law; to enforce our Terms; to protect our rights, property, or safety, or that of users or the public.
• Business transfers: in connection with a merger, acquisition, financing, reorganization, or sale of assets, your information may be transferred. We will notify you of any such transfer.
• With your consent: for any other purpose with your express consent.

6. International Data Transfers

We are based in the United States, and our team operates internationally including from Pakistan. Your information may be processed in countries other than your own, including the United States. Where required, we use appropriate safeguards such as Standard Contractual Clauses (SCCs) approved by the European Commission and the UK ICO. You may request a copy of relevant safeguards at privacy@founderr.io.

7. Data Retention

We retain personal information as long as your Account is active or as needed to provide the Service. Specific retention periods:

• Account data: retained while your Account is active; deleted within 30 days of Account closure.
• AI inputs and outputs: retained for the duration of your Account; available for export by you.
• Billing and tax records: retained for at least 7 years to comply with tax law.
• Backup copies: may persist in encrypted backups for up to 90 days after deletion.
• Anonymized or aggregated data: may be retained indefinitely.

8. Security

We implement administrative, technical, and physical safeguards to protect personal information, including encryption in transit (TLS), encryption at rest, role-based access controls, audit logging, and security monitoring. No system is fully secure; we cannot guarantee absolute security. Notify us immediately at security@founderr.io of any suspected breach.

9. Your Rights

10. Children's Privacy

The Service is not directed to children under 13 (or 16 in the EEA). We do not knowingly collect personal information from children. If we learn we have collected such information, we will delete it. Contact privacy@founderr.io if you believe a child has provided us information.

11. Cookies and Tracking

See our Cookie Policy for details on cookies and similar tracking technologies.

12. Do Not Track and Global Privacy Control

Our Service does not respond to "Do Not Track" browser signals. We respect Global Privacy Control (GPC) signals as opt-out signals where applicable under U.S. state privacy laws.

13. Marketing Communications

You may opt out of marketing emails at any time by clicking the unsubscribe link in any marketing email or by emailing privacy@founderr.io. Service-related communications (billing, security, terms updates) cannot be opted out of while your Account is active.

14. Automated Decision-Making

We do not use your personal information for automated decision-making that produces legal or similarly significant effects on you, except as necessary to enter into or perform our contract with you (such as fraud prevention checks).

15. Changes to This Policy

We may update this Privacy Policy. Material changes will be notified by email or prominent in-Service notice at least 30 days before taking effect. The "Effective Date" at the top will be updated. Continued use of the Service after changes take effect constitutes acceptance.

16. Contact

RIKHATH LLC
5900 Balcones Dr, Austin, TX 78731, USA
Email: privacy@founderr.io
Privacy lead: privacy@founderr.io