1. Overview
RateAI, Inc. ("RateAI," "we," "us," or "our") operates the AI safety rating and certification platform at www.rateai.ai. This Privacy Policy describes how we collect, use, disclose, and protect information about you when you use our website, platform, APIs, and related services (collectively, the "Services").
By using the Services, you consent to the data practices described in this policy. If you do not agree, please do not use the Services.
2. Information We Collect
Information You Provide Directly
- Account information: name, email address, organization name, job title, and password when you register
- Model submission data: model identifiers, version numbers, API endpoints, configuration files, and any documentation you provide for evaluation
- Payment information: billing address and payment method details (processed by our payment processor; we do not store full card numbers)
- Communications: messages you send us via email, support forms, or other channels
Information Collected Automatically
- Usage data: pages visited, features used, evaluation requests made, timestamps, and session duration
- Device and technical data: IP address, browser type and version, operating system, referring URLs, and device identifiers
- API logs: request metadata, response codes, and performance metrics when you use our API
- Cookies and similar technologies: as described in our Cookie Policy
Information from Third Parties
We may receive information about you from identity verification services, business information providers, or authentication partners (e.g., if you sign in via an OAuth provider), consistent with their applicable privacy policies.
3. How We Use Information
We use the information we collect to:
- Provide, operate, and improve the Services
- Process and fulfill evaluation requests and issue certifications
- Communicate with you about your account, evaluations, and service updates
- Process payments and prevent fraud
- Monitor for security threats, abuse, and policy violations
- Conduct research and improve our evaluation methodologies (using aggregated, anonymized data)
- Comply with legal obligations and respond to lawful requests
- Send marketing communications where you have opted in (you may opt out at any time)
We do not use your model submission data to train our own AI models or share it with third parties except as described in this policy.
4. Sharing of Information
We do not sell your personal data. We may share information in the following circumstances:
- Service providers: trusted vendors who assist us in operating the platform (e.g., cloud hosting, payment processing, analytics) under strict confidentiality obligations
- Certification verification: if you choose to make your certification publicly verifiable, your organization name, model identifier, rating, and certification date may be accessible via our public verification service
- Legal requirements: when required by law, court order, or to protect the rights, property, or safety of RateAI, our users, or the public
- Business transfers: in connection with a merger, acquisition, or sale of assets, with notice to you as required by law
- With your consent: in any other case with your explicit permission
5. Data Retention
We retain personal data for as long as your account is active or as needed to provide the Services. Evaluation data and certification records are retained for a minimum of seven (7) years to support regulatory and audit requirements.
You may request deletion of your account and associated personal data at any time. Note that we may retain certain data as required by law, for fraud prevention, or to resolve disputes.
6. Security
We implement industry-standard technical and organizational measures to protect your information, including encryption in transit (TLS), encryption at rest, access controls, and regular security assessments. Certification records are stored on a tamper-evident immutable ledger.
No method of transmission over the internet is 100% secure. While we strive to protect your data, we cannot guarantee absolute security. Please notify us immediately at security@rateai.ai if you suspect a security incident.
7. Cookies & Tracking
We use cookies and similar tracking technologies to operate and improve the Services. Please see our Cookie Policy for full details on the types of cookies we use, their purposes, and how to manage your preferences.
8. Your Rights
Depending on your location, you may have rights regarding your personal data including:
- Access: request a copy of the personal data we hold about you
- Correction: request correction of inaccurate or incomplete data
- Deletion: request deletion of your personal data, subject to legal retention obligations
- Portability: receive your data in a structured, machine-readable format
- Objection: object to processing based on legitimate interests or for direct marketing
- Restriction: request that we restrict processing in certain circumstances
To exercise any of these rights, contact us at privacy@rateai.ai. We will respond within 30 days.
9. EU / GDPR
If you are located in the European Economic Area (EEA), United Kingdom, or Switzerland, RateAI processes your personal data under the following legal bases:
- Contract performance: processing necessary to fulfill your evaluation and certification requests
- Legitimate interests: operating and improving our platform, preventing fraud, and ensuring security
- Legal obligation: compliance with applicable laws
- Consent: for marketing communications and non-essential cookies
You have the right to lodge a complaint with your local data protection supervisory authority. For cross-border data transfers, we rely on Standard Contractual Clauses or adequacy decisions as appropriate.
10. California / CCPA
California residents have rights under the California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA), including the right to know what personal information is collected, the right to delete, and the right to opt out of the sale or sharing of personal information.
RateAI does not sell or share personal information as defined under California law. To exercise your California privacy rights, contact us at privacy@rateai.ai or visit our Do Not Sell/Share page.
11. Children's Privacy
The Services are not directed at children under the age of 16. We do not knowingly collect personal data from children. If you believe we have inadvertently collected data from a child, please contact us at privacy@rateai.ai and we will promptly delete it.
12. International Transfers
RateAI is based in the United States. If you access the Services from outside the United States, your information may be transferred to, stored, and processed in the United States or other countries where our service providers operate. We ensure appropriate safeguards are in place for such transfers in accordance with applicable law.
13. Changes to This Policy
We may update this Privacy Policy periodically. We will post the revised policy on this page and update the "Last updated" date. For material changes, we will provide additional notice via email or a prominent notice on our platform.
14. Contact
For privacy-related questions, requests, or concerns, please contact our Privacy team:
RateAI, Inc. — Privacy Team
Email: privacy@rateai.ai
Website: www.rateai.ai