Redactli

Privacy Policy

Your privacy is our foundation. Learn how we handle your data with transparency and respect.

Last Updated: December 2025

Our Privacy-First Architecture

Redactli is designed with privacy at its foundation

Core Principle

Your uploaded data files are processed in real-time and are never stored on our servers. This isn't just a policy—it's built into our architecture.

What We DO Store

  • • Account information (email, name)
  • • Usage metrics (file counts, row counts)
  • • Subscription and billing status
  • • Encryption keys (for reversible anonymization)
  • • Authentication tokens

What We DON'T Store

  • • Your uploaded files
  • • The contents of your data
  • • Processed/anonymized results
  • • Column names or headers
  • • Any personal data from your files

Information We Collect

Information You Provide

Account Information: When you create an account, we collect your email address, name, and password (stored in hashed form).

Payment Information: Payment details are collected and processed by Stripe. We do not store your full credit card number.

Communications: If you contact us for support, we retain correspondence to assist you.

Information Collected Automatically

Usage Data: We collect anonymized usage statistics including number of files processed, row counts, and feature usage.

Device Information: Browser type, operating system, and device information for compatibility and security.

Cookies: We use essential cookies for authentication and session management. See our Cookie Policy.

How We Use Your Information

We use the information we collect for:

Service Provision: To provide, maintain, and improve our anonymization service

Account Management: To create and manage your account, process payments, and communicate with you

Security: To protect against fraud, unauthorized access, and other security threats

Legal Compliance: To comply with applicable laws and regulations

Service Improvement: To analyze usage patterns (using only anonymized, aggregated data)

Our Role as Data Processor

When you use Redactli to anonymize data, you (or your organization) are the Data Controller, and we act as your Data Processor. This means:

  • • You determine what data to process and why
  • • We process data only according to your instructions (to anonymize selected columns)
  • • We implement appropriate security measures
  • • We do not use your data for any purpose other than providing our service
  • • We delete your data immediately after processing (real-time, no retention)

Enterprise and business customers may request a formal Data Processing Agreement (DPA). Contact us at privacy@datashield.io

Your Privacy Rights

Depending on your location, you may have the following rights:

GDPR Rights (EU/UK)

  • Right of Access - Request a copy of personal data we hold about you
  • Right to Rectification - Request correction of inaccurate personal data
  • Right to Erasure - Request deletion of your personal data
  • Right to Data Portability - Request your data in a machine-readable format
  • Right to Object - Object to processing based on legitimate interests

CCPA/CPRA Rights (California)

  • Right to Know - Information about data collection and use
  • Right to Delete - Request deletion of personal information
  • Right to Opt-Out - We do not sell or share personal information
  • Right to Non-Discrimination - No discrimination for exercising your rights

Australian Privacy Act

  • Right to access your personal information
  • Right to request correction of inaccurate information
  • Right to complain to the Office of the Australian Information Commissioner (OAIC)

Exercising Your Rights

To exercise any of these rights, contact us at privacy@datashield.io. We will respond within the timeframes required by applicable law.

Security Measures

Encryption

  • • TLS 1.3 encryption for all data in transit
  • • AES-256 encryption for data at rest
  • • Secure key management using Supabase Vault with HSM protection

Privacy Protections

  • • No persistent storage of processing data
  • • Request body logging disabled
  • • Role-based access controls
  • • Regular security assessments

Contact Us

If you have questions about this Privacy Policy or wish to exercise your privacy rights:

Email

privacy@datashield.io

For EU/UK residents, you may also contact your local data protection authority.

For Australian residents, you may lodge a complaint with the Office of the Australian Information Commissioner (OAIC) at oaic.gov.au.