Privacy Policy

We respect your privacy and are committed to protecting your personal data in accordance with global data-protection laws including the GDPR, UK GDPR, CCPA / CPRA, PIPEDA, and LGPD.

Last updated: Effective date:

1. Introduction

Ai.Rax ("we", "our", or "us") operates the Ai.Rax website and provides AI-content monitoring, detection, and humanization services (collectively, the "Services"). This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website or use our Services, and describes the rights and choices you have regarding your personal data.

By accessing or using the Services you acknowledge that you have read and understood this Privacy Policy. If you do not agree with the practices described here, please do not use the Services.

2. Data Controller

For the purposes of the EU General Data Protection Regulation (GDPR) and the UK GDPR, Ai.Rax is the data controller responsible for your personal data. If you are located in the European Economic Area, United Kingdom, or Switzerland, you may contact our Data Protection Officer at the address listed in Section 14.

3. Information We Collect

We collect information that you provide directly to us, information collected automatically as you use the Services, and information from third parties.

3.1 Information You Provide

  • Account information: name, email address, username, password (hashed), and optional phone number.
  • Billing information: billing address and last four digits of the payment card. Full payment-card numbers are processed by PCI-DSS-compliant third-party payment processors and are never stored on our servers.
  • Submitted content: text, documents, audio, images, or other media you upload for analysis or humanization.
  • Communications: the content of any messages you send to our support team or surveys you complete.

3.2 Information Collected Automatically

  • Device and connection data: IP address, browser type and version, operating system, device identifiers, and time-zone setting.
  • Usage data: pages viewed, features used, referring URLs, click streams, and session duration.
  • Cookies and similar technologies: see Section 9 for details.

3.3 Information from Third Parties

We may receive information from single sign-on providers (e.g. Google, GitHub), payment processors, analytics partners, and publicly available sources, in each case limited to what is necessary to provide the Services.

4. How We Use Your Information

We use personal data for the following purposes:

  • To provide, maintain, secure, and improve the Services.
  • To authenticate users and protect against fraud, abuse, and unauthorized access.
  • To process transactions and send transactional communications.
  • To respond to inquiries and provide customer support.
  • To send service announcements and, with your consent where required, marketing communications.
  • To train and evaluate our detection and humanization models, using only data you have explicitly opted into for this purpose.
  • To comply with legal obligations and enforce our terms.

5. Legal Bases for Processing (EEA, UK, Switzerland)

If you are located in the European Economic Area, the United Kingdom, or Switzerland, our legal bases for processing your personal data are:

  • Contract — processing necessary to deliver the Services you have requested (Art. 6(1)(b) GDPR).
  • Legitimate interests — to secure, improve, and grow our business, balanced against your rights (Art. 6(1)(f)).
  • Consent — for non-essential cookies, marketing, and any model-training opt-in (Art. 6(1)(a)).
  • Legal obligation — to comply with applicable laws, court orders, or regulator requests (Art. 6(1)(c)).

6. How We Share Information

We do not sell your personal information. We share data only in the limited circumstances below, under appropriate contractual safeguards:

  • Service providers who process data on our behalf (hosting, analytics, payment processing, email delivery, customer support).
  • Affiliates and successors in connection with a merger, acquisition, financing, or sale of assets, subject to confidentiality obligations.
  • Legal and safety reasons when required by law, regulation, legal process, or to protect the rights, property, or safety of Ai.Rax, our users, or the public.
  • With your consent or at your direction.

7. International Data Transfers

Personal data may be processed in countries other than the one in which it was collected, including jurisdictions whose data-protection laws differ from yours. When we transfer data out of the EEA, UK, or Switzerland we rely on adequacy decisions where available, or on Standard Contractual Clauses and the UK International Data Transfer Addendum, together with supplementary technical and organizational measures.

8. Data Retention

We retain personal data only for as long as necessary to fulfil the purposes set out in this Policy, comply with legal, accounting, or reporting requirements, and resolve disputes. Content you submit for analysis is, by default, processed in volatile memory and deleted within 30 days unless you choose to save it to your account. When data is no longer required we will securely delete or anonymize it.

9. Cookies and Tracking Technologies

We use cookies and similar technologies to keep you signed in, remember preferences, measure performance, and (with consent where required) deliver relevant marketing. Non-essential cookies are blocked until you actively consent.

You can review or change your choices at any time through the centre, the "Cookie Preferences" link in the website footer, or your browser settings. Withdrawing consent does not affect the lawfulness of processing carried out before the withdrawal.

Categories of cookies used on this website
Category Purpose Consent
Strictly necessary Authentication, security, load balancing.Not required
Functional Language, theme, and interface preferences.Opt-in
Analytics Aggregated usage statistics to improve the Services. Opt-in
Marketing Cross-site advertising and conversion measurement. Opt-in

10. Your Rights

Subject to applicable law, you have the right to:

  • Access the personal data we hold about you.
  • Request correction of inaccurate or incomplete data.
  • Request deletion ("right to be forgotten") of your data.
  • Restrict or object to specific processing activities.
  • Receive a portable copy of your data in a machine-readable format.
  • Withdraw consent at any time without affecting prior lawful processing.
  • Lodge a complaint with your local data-protection authority. EEA users may contact their national supervisory authority; UK users may contact the ICO.

California residents (CCPA / CPRA): you have additional rights to know the categories and specific pieces of personal information collected, to delete or correct personal information, to opt out of "sale" or "sharing" of personal information (we do not sell or share for cross-context behavioural advertising), to limit use of sensitive personal information, and not to be discriminated against for exercising these rights.

To exercise any of these rights, contact us at the address in Section 14. We will verify your identity before responding and will reply within the period required by applicable law (typically 30 days).

11. Children's Privacy

The Services are not directed to children under 16 (or the equivalent minimum age in your jurisdiction, e.g. 13 in the United States under COPPA). We do not knowingly collect personal data from children. If you believe a child has provided personal data to us, please contact us and we will delete it promptly.

12. Security

We implement administrative, technical, and physical safeguards designed to protect personal data, including encryption in transit (TLS 1.3) and at rest (AES-256), role-based access control, least-privilege access, regular vulnerability scanning, third-party penetration testing, and an incident-response programme. No security measure is perfect; if you believe your account or data has been compromised, contact us immediately.

13. Changes to This Policy

We may update this Policy from time to time to reflect changes in our practices, the Services, or the law. We will post the revised version on this page with an updated "Last updated" date and, where the changes are material, provide additional notice (for example, by email or an in-product banner) at least 30 days before the changes take effect.

14. Contact Us

For questions about this Privacy Policy or to exercise your rights, contact us: