Privacy Policy

Version 1.0 · Last revised: March 5, 2026

Key Points

We collect information you provide and information automatically collected through your use of our Services
We use your information to provide, maintain, and improve our Services, and to communicate with you
We do not sell your personal information to third parties
You have rights regarding your personal information, including the right to access, correct, and delete your data
We implement industry-standard security measures to protect your information

Information We Collect

Information You Provide to Us

Account Information: When you create an account, we collect information such as your name, email address, username, password, and any profile information you choose to provide.

Payment Information: If you make a purchase, we collect payment information such as billing address, payment method details (processed through third-party payment processors), and transaction history.

Content and Communications: We collect the content you create, store, or share through our Services, including workflows, agent configurations, task data, and any communications you send to us or through our Services.

Support Communications: When you contact our support team, we collect information you provide in your communications, including your contact information and the contents of your messages.

Survey and Feedback Information: We may collect information when you participate in surveys, provide feedback, or respond to our requests for information.

Information Automatically Collected

Usage Information: We collect information about how you use our Services, including features used, actions taken, time spent, frequency of use, and performance data.

Device Information: We collect information about the devices you use to access our Services, including device type, operating system, browser type and version, screen resolution, and unique device identifiers.

Log Information: Our servers automatically record information when you use our Services, including IP address, access times, pages viewed, links clicked, and the page you visited before navigating to our Services.

Location Information: We may collect general location information based on your IP address or more precise location information if you grant permission through your device settings.

Cookies and Similar Technologies: We use cookies, web beacons, pixel tags, and similar technologies to collect information about your interactions with our Services. See the Cookies section below for more details.

Information from Third Parties

Social Media Integration: If you connect your account with social media platforms or use social login features, we may receive information from those platforms in accordance with their privacy policies.

Business Partners: We may receive information about you from our business partners, such as integration partners, resellers, or marketing partners.

Public Sources: We may collect information about you from publicly available sources to supplement the information we have about you.

Analytics Providers: We may receive aggregated or de-identified information from third-party analytics providers to help us understand how our Services are used.

How We Use Your Information

Primary Uses

Service Provision: To provide, maintain, and operate our Services, including processing your requests, managing your account, and enabling core functionality.

AI and Machine Learning: To train, improve, and operate our artificial intelligence models and algorithms. We use only aggregated and de-identified data for AI training purposes.

Personalization: To customize your experience, provide personalized recommendations, and tailor content and features to your preferences and usage patterns.

Communication: To communicate with you about your account, our Services, updates, security alerts, and administrative messages.

Customer Support: To respond to your inquiries, provide customer support, troubleshoot problems, and resolve disputes.

Business Operations

Analytics and Insights: To analyze usage patterns, measure performance, generate insights about our Services, and create aggregated statistics.

Marketing and Promotion: To send you promotional communications about new features, products, or services that may interest you, subject to your communication preferences.

Research and Development: To conduct research, test features, and develop new products and services.

Business Intelligence: To understand market trends, user behavior, and business performance to inform strategic decisions.

Legal Bases for Processing (EEA/UK Users)

If you are located in the European Economic Area (EEA) or United Kingdom (UK), we process your personal information based on the following legal bases:

Contract: Processing necessary for the performance of our contract with you
Legitimate Interests: Processing necessary for our legitimate interests, such as improving our Services, conducting business analytics, and ensuring security
Consent: Processing based on your explicit consent, such as for marketing communications or optional features
Legal Obligation: Processing necessary to comply with legal obligations to which we are subject
Vital Interests: Processing necessary to protect vital interests of you or another person

Information Sharing and Disclosure

Service Providers and Business Partners

We may share your information with trusted third-party service providers who assist us in operating our Services, including:

Cloud Infrastructure Providers: For hosting, storage, and computing services
Payment Processors: For processing payments and managing billing
Analytics Providers: For usage analytics and performance monitoring
Customer Support Tools: For providing customer service and support
Email and Communication Services: For sending transactional and marketing emails
Security Services: For fraud detection, security monitoring, and threat prevention

These service providers are contractually required to protect your information and use it only for the specific purposes for which it was shared.

Business Transfers

If we are involved in a merger, acquisition, sale of assets, bankruptcy, or other business transaction, your information may be transferred as part of that transaction. We will provide notice before your information is transferred and becomes subject to a different privacy policy.

Legal Requirements and Protection

We may disclose your information if required to do so by law or in good faith belief that such disclosure is necessary to:

Comply with legal obligations, court orders, or government requests
Protect and defend our rights, property, or safety, or that of our users or the public
Detect, prevent, or respond to fraud, security breaches, or technical issues
Enforce our Terms of Service or other agreements
Investigate potential violations of law or our policies

Aggregated and De-identified Information

We may share aggregated, anonymized, or de-identified information that cannot reasonably be used to identify you for research, analytics, and marketing purposes.

With Your Consent

We may share your information for other purposes with your explicit consent or at your direction, such as when you choose to integrate with third-party applications or share content publicly.

Data Security

We implement industry-standard security measures to protect your personal information against unauthorized access, alteration, disclosure, or destruction. Our security measures include:

Technical Safeguards

Encryption: Strong encryption for data in transit (TLS 1.2 or higher) and at rest (AES-256 or equivalent)
Access Controls: Role-based access controls and multi-factor authentication for administrative access
Network Security: Firewalls, intrusion detection systems, and regular security monitoring
Secure Development: Security code reviews, vulnerability testing, and secure coding practices
Data Backup: Regular encrypted backups with tested recovery procedures

Organizational Safeguards

Employee Training: Regular security training for employees
Incident Response: Established procedures for detecting and responding to security incidents
Vendor Management: Security assessments and contractual requirements for third-party providers
Regular Audits: Periodic security audits and assessments

Despite our security measures, no system is completely secure. We cannot guarantee the absolute security of your information. In the event of a data breach that poses a risk to your rights and freedoms, we will notify you and relevant authorities as required by applicable law.

Data Retention

We retain your personal information for as long as necessary to fulfill the purposes for which it was collected, comply with legal obligations, resolve disputes, and enforce our agreements.

Account Information: Retained for the duration of your account plus 3 years after account closure
Usage Data and Logs: Typically retained for 2 years, unless required for security or legal purposes
Content Data: Retained according to your account settings and data management preferences
Communication Records: Customer support communications retained for 5 years
Payment Information: Retained as required by financial regulations, typically 7 years
Marketing Data: Retained until you unsubscribe or withdraw consent

You can request deletion of your personal information at any time, subject to our legal obligations and legitimate business interests.

Your Privacy Rights

Universal Rights

Access: Request information about the personal information we hold about you
Correction: Request correction of inaccurate or incomplete information
Deletion: Request deletion of your personal information in certain circumstances
Communication Preferences: Opt out of marketing communications at any time
Account Control: Update, modify, or delete information in your account settings

EEA/UK Rights (GDPR)

If you are located in the EEA or UK, you have additional rights including data portability, restriction of processing, objecting to processing, withdrawing consent, and the right to file a complaint with your local data protection authority.

California Rights (CCPA/CPRA)

If you are a California resident, you have rights under CCPA/CPRA including the right to know, delete, opt-out of sale, and non-discrimination.

Exercising Your Rights

To exercise your privacy rights, contact us at privacy@runshift.ai or use the privacy controls in your account settings. We will respond to your request within 30 days.

Cookies and Tracking Technologies

We use various types of cookies:

Essential Cookies: Necessary for basic functionality including authentication and security. These cannot be disabled.
Performance and Analytics Cookies: Help us understand how users interact with our Services.
Functional Cookies: Enable enhanced functionality and personalization.
Marketing and Advertising Cookies: Used to deliver relevant content and measure campaign effectiveness.

You can control cookies through your browser settings, our cookie consent banner, or account settings. Note that disabling certain cookies may affect the functionality of our Services.

International Data Transfers

Our Services are primarily operated from the United States. Your information may be transferred to and processed in the United States and other countries. We use appropriate safeguards for international transfers, including Standard Contractual Clauses for transfers from the EEA/UK.

Children's Privacy

Our Services are not intended for children under the age of 13. We do not knowingly collect personal information from children under 13. If you believe your child has provided personal information to us, please contact us immediately.

Updates to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of material changes through email notification, prominent notice on our website, or in-app notifications. Your continued use of our Services after changes are published constitutes your acceptance of the updated Policy.

Contact Information

RunShift, Inc.

Email: privacy@runshift.ai
General: dc@runshift.ai