Skip to content

Privacy Policy

Last updated: March 1, 2026

1. Introduction

RAUM AI, Inc. ("we", "our", or "us") respects your privacy and is committed to protecting your personal data. This privacy policy will inform you as to how we look after your personal data when you visit our website or use our Zendesk AI integrations, and tells you about your privacy rights and how the law protects you.

2. The Data We Collect

We may collect, use, store and transfer different kinds of personal data about you which we have grouped together as follows:

  • Identity Data includes first name, last name, username or similar identifier.
  • Contact Data includes billing address, email address and telephone numbers.
  • Technical Data includes internet protocol (IP) address, your login data, browser type and version, time zone setting, operating system and platform.
  • Usage Data includes information about how you use our website, products and services.

3. How We Use Your Data

We process your personal data for the following purposes:

  • To provide and maintain the RAUM AI platform and Zendesk integration
  • To process your account registration and manage your subscription
  • To communicate with you about service updates, security alerts, and support
  • To analyze usage patterns and improve our four-step AI pipeline
  • To comply with legal obligations and enforce our terms of service

4. Data Security

RAUM AI automatically masks personally identifiable information (PII) — names, emails, phone numbers, credit card numbers, and similar — before any customer data is sent to a language model. We have put in place appropriate security measures, including AES-256-GCM encryption via AWS KMS and strict data separation between every customer, to prevent your personal data from being accidentally lost, used, or accessed in an unauthorized way, altered, or disclosed.

5. Data Retention

We will only retain your personal data for as long as reasonably necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, regulatory, tax, accounting or reporting requirements. AI-processed ticket data is retained for a maximum of 90 days before automatic purging. Account data is retained for the duration of your subscription and for 30 days following termination to allow for data export.

6. Cookies & Tracking

Our website and platform use the following types of cookies:

  • Essential Cookies Required for platform authentication, session management, and security. These cannot be disabled.
  • Analytics Cookies Help us understand how visitors interact with our website. Data is aggregated and anonymized.
  • Preference Cookies Remember your settings and preferences across sessions (e.g., language, theme).

We do not use advertising cookies or sell your data to third-party advertisers. You can manage your cookie preferences through your browser settings at any time.

7. Third-Party Services

RAUM AI integrates with the following categories of third-party services to deliver our platform:

  • Cloud Infrastructure AWS (hosting, KMS encryption, storage) for secure, scalable service delivery.
  • Cloudflare Services CDN, DDoS protection, traffic proxying, threat detection, and edge caching for this website and APIs. Cloudflare processes visitor IP addresses and request metadata to protect and speed up our services. See Cloudflare's privacy policy at cloudflare.com/privacypolicy.
  • Payment Processing & Reselling (Paddle) Paddle.com acts as our Merchant of Record and payment reseller. Transactional data, payment information, billing address, and email are processed securely by Paddle for subscription management, tax compliance, invoicing, and fraud prevention. We do not store full credit card numbers. See Paddle's privacy policy at paddle.com/legal/privacy.
  • Product Analytics (PostHog) We use PostHog to analyze application usage, track feature interactions, and gather telemetry on our support agent workflows. This helps us optimize our four-step reasoning pipeline. PostHog processes session events, user actions, and non-sensitive metadata. See PostHog's privacy policy at posthog.com/privacy.
  • Web Analytics (Google Analytics) We use Google Analytics 4 (GA4) to analyze website traffic, visitor demographics, search keywords, and user actions on our public website via cookies. GA4 aggregates and anonymizes user metrics. You can manage your cookie preferences or opt-out via browser add-ons. See Google's privacy policy at policies.google.com/privacy.
  • Google Fonts Our website loads typefaces (Syne, DM Sans) from fonts.googleapis.com. This sends your IP address to Google's servers on page load. See Google's privacy policy at policies.google.com/privacy.
  • Zendesk APIs To read and respond to support tickets within your Zendesk workspace.
  • AI Providers (BYOK) OpenAI, Anthropic, or Google Gemini — using your own API keys. Your data flows directly to your chosen provider; we do not proxy through our accounts.

8. International Data Transfers

RAUM AI processes data primarily in AWS data centers located in the United States. If you are located outside the United States, your data may be transferred to and processed in the US. We implement appropriate safeguards for international transfers including Standard Contractual Clauses (SCCs) and ensure that data transfers comply with applicable data protection laws including GDPR Chapter V requirements.

9. Children's Privacy

RAUM AI is a B2B platform designed for professional use by customer support teams. Our Service is not directed at individuals under the age of 16. We do not knowingly collect personal information from children. If you become aware that a child has provided us with personal data, please contact us and we will take steps to delete such information promptly.

10. GDPR Compliance (EEA Users)

If you are in the European Economic Area, we process your personal data on the following lawful bases:

  • Contract Performance Processing necessary to deliver the RAUM AI platform as described in your subscription agreement.
  • Legitimate Interest Processing for platform security, fraud prevention, service improvement, and analytics.
  • Consent Where required, such as for optional analytics cookies and marketing communications.
  • Legal Obligation Processing required to comply with applicable laws and regulations.

You have the right to lodge a complaint with your local supervisory authority if you believe your data protection rights have been violated. Our Data Protection contact can be reached at [email protected].

11. CCPA/CPRA Compliance (California Residents)

If you are a California resident, you have the following rights under the California Consumer Privacy Act and California Privacy Rights Act:

  • Right to Know: Request disclosure of the categories and specific pieces of personal information we collect.
  • Right to Delete: Request deletion of your personal information, subject to certain exceptions.
  • Right to Opt-Out: We do not sell or share personal information for cross-context behavioral advertising.
  • Right to Non-Discrimination: We will not discriminate against you for exercising your privacy rights.
  • Authorized Agent: You may designate an authorized agent to submit requests on your behalf with proper verification.

12. Data Processor Information

When RAUM AI processes customer support ticket data on your behalf, we act as a Data Processor under GDPR (and equivalent frameworks), with your organization as the Data Controller. We process this data solely according to your instructions and configuration. A Data Processing Agreement (DPA) is available upon request for Enterprise plan customers. For all plans, our standard terms include data processing provisions that meet GDPR Article 28 requirements.

13. Your Legal Rights

Under applicable data protection laws, you have rights including:

  • Request access to your personal data
  • Request correction of your personal data
  • Request erasure of your personal data
  • Object to processing of your personal data
  • Request restriction of processing your personal data
  • Request transfer of your personal data (data portability)
  • Withdraw consent at any time where processing is based on consent

To exercise any of these rights, please contact us at [email protected]. We will respond to your request within 30 days.

14. Changes to This Policy

We may update this privacy policy from time to time. For material changes, we will notify you by email (using the address associated with your account) and/or by placing a prominent notice on our website at least 30 days before the changes take effect. Your continued use of the Service after the effective date constitutes acceptance of the updated policy. We encourage you to review this page periodically.

15. Contact Us

If you have any questions about this privacy policy or our privacy practices, please contact us at [email protected].