R
retriv.aiAgentic Document Extraction

Privacy Policy

Last Updated: December 3, 2024

1. Introduction

Retriv.ai ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our document extraction and processing platform.

By using Retriv.ai, you agree to the collection and use of information in accordance with this policy.

2. Information We Collect

2.1 Information You Provide

  • Account Information: Name, email address, company name, and billing information
  • Documents: Files you upload for processing (subject to Zero Data Retention policy)
  • API Usage: API keys, request/response data, and usage metrics
  • Support Communications: Messages, feedback, and support tickets

2.2 Information We Collect Automatically

  • Usage Data: Log data, IP addresses, browser type, operating system
  • Analytics: Pages visited, time spent, features used
  • Cookies: Session cookies and functional cookies (no advertising cookies)

3. Zero Data Retention (ZDR)

🔒 Core Privacy Principle

Retriv.ai operates on a Zero Data Retention model for all processed documents. We do not store, log, or retain any document content after processing is complete.

What this means:

  • Documents are processed in-memory and immediately deleted after API response
  • No document content is used for model training or improvement
  • Only anonymized metadata (file size, processing time, error codes) is retained for system monitoring
  • Enterprise customers can enable audit logs (metadata only, no content)

4. How We Use Your Information

We use collected information for:

  • Service Delivery: Processing API requests and delivering extracted data
  • Account Management: Creating and managing your account
  • Billing: Processing payments and managing subscriptions
  • Support: Responding to inquiries and troubleshooting issues
  • Security: Detecting fraud, abuse, and security incidents
  • Improvement: Analyzing usage patterns to improve our platform (aggregated data only)
  • Communications: Sending service updates, security alerts, and marketing (opt-out available)

5. Data Sharing and Disclosure

We do not sell your personal information. We may share your information with:

  • Service Providers: Cloud infrastructure (AWS/GCP), payment processors (Stripe), analytics (PostHog)
  • Legal Requirements: When required by law, subpoena, or legal process
  • Business Transfers: In connection with mergers, acquisitions, or asset sales
  • With Your Consent: When you explicitly authorize sharing

6. Data Security

We implement industry-standard security measures to protect your information:

  • TLS 1.3 encryption for all data in transit
  • AES-256 encryption for data at rest
  • Regular security audits and penetration testing
  • SOC 2 Type II compliance (in progress)
  • Role-based access controls and audit logging
  • Multi-factor authentication for all accounts

7. Data Retention

  • Document Content: Zero retention (deleted immediately after processing)
  • Account Data: Retained while your account is active + 30 days after deletion
  • Billing Records: Retained for 7 years for tax/legal compliance
  • Usage Metadata: Retained for 90 days

8. Your Rights

Depending on your location, you may have the following rights:

  • Access: Request a copy of your personal data
  • Correction: Request correction of inaccurate data
  • Deletion: Request deletion of your data (right to be forgotten)
  • Portability: Request transfer of your data to another service
  • Objection: Object to processing for marketing purposes
  • Restriction: Request limited processing of your data

To exercise these rights, contact us at privacy@retriv.ai

9. International Data Transfers

Retriv.ai operates globally. If you are located outside the United States, your information may be transferred to and processed in the United States or other countries. We comply with applicable data protection laws, including GDPR and CCPA.

10. Children's Privacy

Our services are not directed to individuals under 18. We do not knowingly collect personal information from children. If you believe we have collected information from a child, contact us immediately.

11. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes via email or prominent notice on our website. Continued use after changes constitutes acceptance.

12. Contact Us

For questions about this Privacy Policy or our privacy practices:

Retriv.ai Privacy Team

Email: privacy@retriv.ai

Address: 123 Market Street, San Francisco, CA 94103

Data Protection Officer: dpo@retriv.ai