Privacy Policy

Effective Date: May 2, 2025
Last Updated: May 2, 2025

1. Introduction

Recursic Ltd (Company No. 16423530) ("Recursic," "we," "us," "our"), is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website recursic.com, use our platform, or engage with any related services (collectively, the "Services").

This Policy applies to information collected through our Services and communications with us. It should be read in conjunction with our Terms of Service. By using our Services, you agree to the collection and use of information in accordance with this policy. If you do not agree with the terms of this privacy policy, please do not access or use the Services.

We comply with the UK General Data Protection Regulation (UK GDPR), the Data Protection Act 2018, and other relevant data protection laws applicable in the United Kingdom.

2. Information We Collect

We may collect personal information directly from you, automatically through your use of the Services, and sometimes from third parties.

(a) Information You Provide Directly:
  - Account Information: When you register for an account or a free trial, we collect information such as your name, email address, company name, and any other information required for account setup.
  - Payment Information: When you subscribe to a paid plan, our payment processor, PayStack, collects payment details (like credit card number, billing address). Recursic does not directly store your full credit card information. We may receive transaction confirmations and related details from PayStack.
  - User Data: Information, text, documents, or other content you input, upload, or submit while using the Services, particularly the AI Assistants ("User Data"). This includes the prompts you provide and any files you might upload for context (if this feature becomes available).
  - Communications: Information you provide when you contact us for support (support@recursic.com), provide feedback, respond to surveys, or use the contact forms on our website (e.g., your email address submitted via the contact form).

(b) Information We Collect Automatically:
  - Log and Usage Data: When you access the Services, our servers may automatically record information, including your IP address, browser type, operating system, device information, pages visited, time spent on pages, access times and dates, and other statistics related to your usage.
  - Cookies and Similar Technologies: We use cookies (small text files placed on your device) and potentially similar tracking technologies to operate and administer our Services, gather usage data, and improve user experience. We primarily use essential cookies necessary for the site and service functionality (like login sessions). We may use analytics cookies in the future. You can control cookie settings through your browser.

3. How We Use Your Information

We use the information we collect for various purposes, including:
  - To provide, operate, maintain, and improve the Services.
  - To process your transactions and manage your subscriptions (via PayStack).
  - To set up and manage your user account.
  - To respond to your comments, questions, and requests, and provide customer service and support (support@recursic.com).
  - To send you technical notices, updates, security alerts, and administrative messages.
  - To communicate with you about products, services, offers, promotions, and events offered by Recursic (only with your consent where required by law).
  - To monitor and analyze trends, usage, and activities in connection with our Services.
  - To detect, investigate, and prevent fraudulent transactions, unauthorized access, and other illegal activities.
  - To personalize the Services (e.g., remembering preferences).
  - To comply with legal obligations under UK law.
  - Specifically regarding User Data inputted into AI Assistants: We use this data solely to generate the AI response requested during that interaction. As stated in our Terms of Service and on our website, we do not use your specific User Data inputted into the standard Services to train general, publicly accessible AI models. The User Data is processed by the underlying AI models from our API partners (see Section 4) according to strict contractual agreements designed to maintain confidentiality and prevent use for training their general models.

4. How We Share Your Information

We do not sell your personal information. We may share your information in the following circumstances:
  - With Service Providers: We share information with third-party vendors and service providers who perform services on our behalf, such as:
    - Payment processing.
    - Cloud hosting.
    - AI Model API Providers.
  - For Legal Reasons: We may disclose your information if required by law, subpoena, or other legal process, or if we believe in good faith that disclosure is necessary to protect our rights, protect your safety or the safety of others, investigate fraud, or respond to a government request.

5. Legal Basis for Processing Personal Information (UK GDPR)

Our legal basis for collecting and using the personal information described above will depend on the personal information concerned and the specific context in which we collect it. However, we will normally collect personal information from you only:
  - Where we need the personal information to perform a contract with you (e.g., to provide the Services you subscribed to under our Terms of Service).
  - Where the processing is in our legitimate interests and not overridden by your data protection interests or fundamental rights and freedoms (e.g., for security purposes, improving our Services).
  - Where we have your consent to do so (e.g., for marketing communications).
  - Where we have a legal obligation to collect personal information from you.

6. Data Security

We implement reasonable technical and organizational security measures designed to protect the security of any personal information we process. This includes measures outlined on our website regarding data privacy. However, please remember that no electronic transmission over the Internet or information storage technology can be guaranteed to be 100% secure. While we strive to use commercially acceptable means to protect your personal information, we cannot guarantee its absolute security. You are also responsible for maintaining the security of your account credentials.

7. Data Retention

We retain personal information we collect from you where we have an ongoing legitimate business need to do so (for example, to provide you with a service you have requested or to comply with applicable legal, tax, or accounting requirements).

When we have no ongoing legitimate business need to process your personal information, we will either delete or anonymize it or, if this is not possible (for example, because your personal information has been stored in backup archives), then we will securely store your personal information and isolate it from any further processing until deletion is possible.

8. International Data Transfers

Your information, including personal information and User Data, may be transferred to, stored, and processed in countries other than the United Kingdom, where our servers or third-party service providers (such as cloud hosting or AI API providers, potentially located in the United States or the European Economic Area) operate. These countries may have data protection laws that are different from UK laws.

When we transfer your personal information outside the United Kingdom, we will ensure it is protected in compliance with UK data protection laws (specifically Chapter V of the UK GDPR). We will only transfer personal information to countries that have been deemed to provide an adequate level of protection for personal information by the UK government, or where we have put in place appropriate safeguards. These safeguards may include using specific contract clauses approved by the UK Secretary of State, such as the UK International Data Transfer Agreement (IDTA) or the UK Addendum to the EU Standard Contractual Clauses, potentially supplemented by additional security measures based on transfer risk assessments.

9. Your Data Protection Rights under UK GDPR

As a user in South Africa, you have the following data protection rights:
  - Right to Access: You have the right to request copies of your personal information.
  - Right to Rectification: You have the right to request that we correct any information you believe is inaccurate or complete information you believe is incomplete.
  - Right to Erasure (Right to be Forgotten): You have the right to request that we erase your personal information, under certain conditions.
  - Right to Restrict Processing: You have the right to request that we restrict the processing of your personal information, under certain conditions.
  - Right to Object to Processing: You have the right to object to our processing of your personal information, under certain conditions (e.g., for direct marketing).
  - Right to Data Portability: You have the right to request that we transfer the data that we have collected to another organization, or directly to you, under certain conditions.
  - Right to Withdraw Consent: If we relied on your consent to process your personal information, you have the right to withdraw your consent at any time.
  - Right to Lodge a Complaint: You have the right to lodge a complaint with the Information Commissioner's Office (ICO) in the UK if you believe that our processing of your personal information infringes data protection laws.

To exercise any of these rights, please contact us at legal@recursic.com. We will respond to your request in accordance with applicable law.

10. Children's Privacy

Our Services are not directed to individuals under the age of 18. We do not knowingly collect personal information from children under 18. If we become aware that a child under 18 has provided us with personal information, we will take steps to delete such information.

11. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page and updating the "Last Updated" date. We may also notify you through email or a notice within the Services for material changes. You are advised to review this Privacy Policy periodically for any changes. Changes are effective when they are posted on this page.

12. Contact Us

If you have any questions about this Privacy Policy or our data practices, please contact us:

Recursic Ltd
Email: legal@recursic.com
Website: recursic.com