Privacy Policy

1. Scope of This Policy

This Policy applies to:

• Visitors to our website
• Prospective clients
• Clients and their representatives
• Contractors and service providers
• Individuals whose information we process in connection with providing services

This Policy does not apply to third-party platforms or services that we do not control.

2. Categories of Information We Collect

A. Personal Information

• Full name
• Email address
• Phone number
• Company name
• Job title
• Billing and payment information
• Mailing address
• Account login credentials (if applicable)

B. Business and Marketing Data

• Website URLs
• Advertising account data
• Analytics and campaign performance metrics
• Lead and conversion data
• Publicly available brand information
• CRM and pipeline data provided by clients

C. Technical and Usage Data

• IP address
• Device type and operating system
• Browser type
• Referring URLs
• Website interaction data
• Cookies and tracking technologies
• Log data and timestamps

D. Sensitive Data

We do not intentionally collect sensitive personal data (such as health, biometric, or government identification data) unless explicitly required for lawful business purposes and agreed upon in writing.

3. Legal Bases for Processing (GDPR)

If you are located in the European Economic Area (EEA), United Kingdom, or similar jurisdictions, we process personal data under the following lawful bases:

• Performance of a contract
• Legitimate business interests
• Compliance with legal obligations
• Consent (where required)

4. How We Use Information

We use personal data to:

• Provide AI Engine Optimization (AEO) services
• Deliver digital marketing and advertising services
• Optimize AI search visibility strategies
• Communicate with clients and prospects
• Process payments and invoices
• Improve services and website functionality
• Conduct analytics and performance reporting
• Comply with legal and regulatory obligations
• Prevent fraud and maintain security

We do not sell personal information.

5. AI and Data Processing Practices

In providing AEO and AI-related services:

• We may analyze publicly available information for optimization purposes.
• Client-provided data is processed strictly to deliver contracted services.
• We do not use confidential client data to train public AI models.
• Proprietary client data remains the property of the client.
• Any internal model improvements rely on anonymized and aggregated data only.

6. Data Sharing and Disclosure

We may share data with:

• Cloud hosting providers
• Payment processors
• Advertising platforms (e.g., Google, Meta)
• Analytics and CRM providers
• Professional advisors (legal, accounting)
• Contractors bound by confidentiality obligations

We only share data as necessary and require service providers to implement appropriate safeguards.

We may disclose information if required by law, court order, or regulatory authority.

7. International Data Transfers

If personal data is transferred outside of your jurisdiction, including outside the EEA or UK, we implement appropriate safeguards such as:

• Standard Contractual Clauses (SCCs)
• Contractual data protection agreements
• Other lawful transfer mechanisms

8. Data Security

We implement reasonable administrative, technical, and organizational safeguards including:

• Encrypted data transmission (HTTPS)
• Access controls and role-based permissions
• Secure cloud storage providers
• Confidentiality agreements

No system can guarantee absolute security.

9. Data Retention

We retain data only as long as necessary to:

• Fulfill contractual obligations
• Comply with legal requirements
• Resolve disputes
• Enforce agreements

Retention periods vary based on data type and legal requirements.

10. Your Privacy Rights

A. GDPR Rights (EEA/UK Residents)

You may have the right to:

• Access your personal data
• Correct inaccurate data
• Request deletion
• Restrict processing
• Object to processing
• Data portability
• Withdraw consent

You may lodge a complaint with your local data protection authority.

B. CCPA/CPRA Rights (California Residents)

You may have the right to:

• Know what personal information we collect
• Request deletion of personal information
• Request correction
• Opt out of sale or sharing (we do not sell data)
• Non-discrimination for exercising rights

To exercise rights, email: contact@rhemicai.com

We may verify your identity before processing requests.

11. Cookies and Tracking Technologies

We use cookies and similar technologies for:

• Website functionality
• Analytics and performance tracking
• Advertising measurement

Users may manage cookie preferences through browser settings or consent banners.

12. Do Not Track Signals

Our website does not currently respond to "Do Not Track" browser signals.

13. Children's Privacy

Our services are not directed to individuals under 18. We do not knowingly collect personal information from minors.

14. Data Processing Addendum (DPA)

Where required, we enter into Data Processing Agreements with clients outlining:

• Roles of controller and processor
• Security measures
• Subprocessor disclosures
• Data breach notification procedures
• Data subject rights assistance

Clients may request a formal DPA for enterprise engagements.

15. Data Breach Notification

In the event of a data breach affecting personal information, we will notify affected parties and regulators as required by applicable law.

16. Changes to This Policy

We may update this Privacy Policy from time to time. Updates will be posted with a revised Effective Date.

17. Contact Information