Rig Privacy Policy

Cortex Coding, Corp, DBA Rig AI, Inc. ("we," "our," or "us") respects your privacy and is committed to protecting your personal data. This Privacy Policy explains how we collect, use, store, and protect your information when you use our website (collectively, the "Services").

Our Services and Privacy Approach

Rig Website

• What: Our website and marketing communication.
• Data Collection: Standard web analytics, marketing communications
• Privacy Model: Industry-standard data practices with transparency and user control

1. Contact Information

Data Controller: Cortex Coding, Corp.
Address: 111B S Governors Ave STE 39729, Dover DE 19904, United States
Email: [email protected]
Phone: 1 302-265-4350

2. Information We Collect

2.1 Website

Information You Provide Directly

• Account Information: Name, email address, company name
• Communication Data: Messages you send us, support requests, feedback
• Profile Information: Any additional information you choose to add to your profile

Information We Collect Automatically

• Usage Data: How you interact with our website and platform, features used, time spent
• Device Information: IP address, browser type, operating system, device identifiers
• Analytics Data: We use third-party analytics tools to collect information including:
  • Page views and clicks
  • User journey and behavior patterns
  • Performance metrics
  • Session recordings (when enabled)
• Cookies and Tracking: We use cookies and similar technologies for analytics and functionality

2.3 Third-Party Information (Website Only)

• Integration Data: If you connect third-party services to our platform
• Social Login: Information from social media platforms if you use social login

4. How We Use Your Information

4.1 Website Usage

This section applies to our website and online services.

Service Provision

• Creating and managing your account
• Providing access to our SaaS platform
• Managing subscriptions and receiving payment confirmations from Stripe
• Providing customer support
• Sending transactional emails (account updates, receipts, security alerts)

Analytics and Improvement

• Product Analytics: We use third-party analytics tools to analyze user behavior and improve our Services
• Understanding how our website and platform are used
• Identifying and fixing technical issues
• Developing new features and improvements

Marketing Communications (with consent)

• Email Marketing: We use third-party email marketing platforms to send marketing emails
• Product updates and announcements
• Educational content and tips
• Promotional offers and newsletters
• Note: You can unsubscribe from marketing emails at any time

4.2 Legal and Security

• Complying with legal obligations
• Protecting against fraud and security threats
• Enforcing our Terms of Service

5. Legal Basis for Processing (GDPR)

For EU residents, our legal basis for processing includes:

• Contract: Processing necessary to provide our Services (including Rig licensing)
• Consent: For marketing communications and certain analytics
• Legitimate Interest: For improving our Services, security, business operations, and Rig performance
• Legal Obligation: For compliance with laws and regulations

6. Information Sharing and Third Parties

We share your information with:

6.1 Service Providers

• Analytics and Product Intelligence Providers: For understanding user behavior, product insights, and service improvements
• Email Marketing and Communication Platforms: For sending marketing emails and customer communications (GDPR compliant)
• Stripe: For payment processing — Stripe directly handles all billing information, credit card details, and payment processing through their secure portal. We do not have access to your full payment details. Stripe's privacy policy governs their handling of your payment information: stripe.com/privacy
• Cloud Hosting Providers: For data storage, processing, and application hosting
• Customer Support Tools: For help desk, support ticket management, and customer service

6.2 Legal Requirements

• When required by law, court order, or government regulation
• To protect our rights, property, or safety
• In connection with business transfers or acquisitions

6.3 With Your Consent

• Any other sharing will be done only with your explicit consent

7. Payment Processing and Stripe

Important: We do not directly collect, store, or process your payment information.

• Stripe Integration: All payment processing is handled directly by Stripe, Inc. through their secure payment portal
• What We Receive: We only receive transaction confirmations, subscription status updates, and customer IDs from Stripe
• What We Don't Receive: Credit card numbers, CVV codes, billing addresses, or other sensitive payment details
• Stripe's Responsibility: Stripe is responsible for securely handling all payment data according to PCI DSS standards
• Stripe's Privacy Policy: Your payment information is governed by Stripe's Privacy Policy: stripe.com/privacy
• Data Security: Stripe maintains the highest levels of security certification and compliance

If you have questions about how your payment information is handled, please refer to Stripe's privacy policy or contact them directly.

8. Data Security

We implement appropriate technical and organizational measures to protect your data:

• Encryption in transit and at rest
• Regular security assessments and updates
• Access controls and authentication
• Employee training on data protection
• Incident response procedures

Third-Party Security: Our service providers maintain enterprise-grade security certifications and offer enhanced compliance options where required.

9. Data Retention

9.1 Website Data

• Account Data: Retained while your account is active and for legitimate business purposes
• Analytics Data: Typically retained for 2 years for product improvement
• Marketing Data: Until you unsubscribe or withdraw consent
• Legal Requirements: Some data may be retained longer for legal compliance
• Payment Data: Handled entirely by Stripe — refer to their retention policies

9.3 Your Deletion Rights

• Website Data: You can request deletion of your website and account data (subject to legal requirements)

10. International Data Transfers

10.1 Website

• Our servers are located in US
• Analytics Providers: We rely on our analytics partners to handle data hosting for appropriate regional requirements.
• Email Marketing Providers: We rely on our email third party service providers to handle data hosting for appropriate regional requirements.
• Stripe: Processes payments globally with appropriate data protection safeguards
• We ensure adequate protection through Standard Contractual Clauses where applicable

11. Your Rights

11.1 Rights for All Users

• Access: Request a copy of your personal data
• Correction: Update or correct inaccurate information
• Deletion: Request deletion of your personal data
• Payment Data: For payment-related data requests, contact Stripe directly

11.2 Website Specific Rights

• Opt-out: Unsubscribe from marketing communications
• Analytics Control: You may block cookies and trackers
• Account Management: Update profile information and preferences

11.4 EU Residents (GDPR Rights)

• Portability: Receive your data in a machine-readable format
• Restriction: Limit how we process your data
• Objection: Object to processing based on legitimate interest
• Withdraw Consent: Withdraw consent for processing

11.5 California Residents (CCPA Rights)

• Right to know what personal information is collected
• Right to delete personal information
• Right to opt-out of sale (we do not sell personal data)
• Right to non-discrimination

12. Marketing Communications and Consent

12.1 Email Marketing Consent

• We use third-party email marketing platforms for marketing emails
• Marketing emails require explicit opt-in consent
• You can unsubscribe at any time using the link in emails
• Transactional emails are necessary for service provision

12.2 Analytics Consent

• Website Analytics: We seek consent for non-essential analytics tracking
• Cookie Consent: Required for tracking cookies on our website
• Opt-out Options: Available for website analytics tracking

13. Cookies and Tracking

We use cookies and similar technologies on our website.

14. Children's Privacy

Our Services are not intended for children under 13 (or 16 in the EU). We do not knowingly collect personal data from children.

15. Updates to This Policy

We may update this Privacy Policy periodically. We will:

• Post updates on our website
• Send notification emails for material changes
• Update the "Last Updated" date

16. Supervisory Authority

EU residents have the right to lodge a complaint with your local data protection authority if you believe we have violated your privacy rights.

---

For questions about this Privacy Policy, please contact us at [email protected].