Pricing
Log In Start Free

Privacy Policy

Effective date: January 1, 2026

1. Introduction

Rafiki Inc. ("Rafiki AI," "we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our website at getrafiki.ai and our AI-powered sales intelligence platform, Rafiki AI (collectively, the "Service").

By accessing or using the Service, you agree to the terms of this Privacy Policy. If you do not agree, please do not use the Service.

2. Information We Collect

2.1 Information You Provide

  • Account Information: Name, email address, company name, job title, and password when you create an account.
  • Payment Information: Billing address and payment card details, processed securely through our third-party payment processor (Stripe). We do not store full credit card numbers on our servers.
  • Meeting Recordings: Audio and video recordings of sales calls and meetings you choose to capture through the Service.
  • Communications: Information you provide when contacting our support team, submitting feedback, or participating in surveys.

2.2 Information Collected Automatically

  • Usage Data: Pages visited, features used, timestamps, click patterns, and session duration.
  • Device Information: Browser type, operating system, device type, screen resolution, and IP address.
  • Cookies and Tracking Technologies: We use cookies, web beacons, and similar technologies to collect usage data and improve the Service.

2.3 Information from Third Parties

  • CRM Integrations: When you connect your CRM (e.g., Salesforce, HubSpot), we access contact and deal data as authorized by your integration settings.
  • Calendar Integrations: Meeting metadata from connected calendar services (Google Calendar, Outlook).
  • Single Sign-On: Basic profile information from identity providers when you use SSO to log in.

3. How We Use Your Information

We use the information we collect to:

  • Provide, maintain, and improve the Service, including AI-powered transcription, analysis, and reporting.
  • Process transactions and send related information, including purchase confirmations and invoices.
  • Send transactional communications such as service updates, security alerts, and support messages.
  • Analyze usage patterns to improve user experience and develop new features.
  • Train and improve our AI models using anonymized and aggregated data (never individual recordings without consent).
  • Detect, investigate, and prevent fraudulent transactions and unauthorized access.
  • Comply with legal obligations.

4. Data Storage and Security

Your data is stored on secure cloud infrastructure hosted by leading providers (Google Cloud Platform and Amazon Web Services) with data centers located in the United States.

  • All data is encrypted in transit (TLS 1.2+) and at rest (AES-256).
  • We implement role-based access controls, regular security audits, and penetration testing.
  • Meeting recordings are stored in isolated, encrypted storage buckets accessible only to authorized account users.
  • We retain your data for the duration of your account plus 12 months after deletion, unless a longer retention period is required by law.

5. Third-Party Sharing

We do not sell your personal information. We may share your information with:

  • Service Providers: Third-party vendors who assist in operating the Service (e.g., cloud hosting, payment processing, analytics, customer support tools). These providers are bound by contractual obligations to protect your data.
  • Integrations: Third-party services you connect (CRM, calendar, communication platforms), only as directed by you.
  • Legal Requirements: When required by law, regulation, subpoena, or court order.
  • Business Transfers: In connection with a merger, acquisition, or sale of assets, with notice to affected users.

6. Cookies

We use the following types of cookies:

  • Essential Cookies: Required for the Service to function (authentication, security, load balancing).
  • Analytics Cookies: Help us understand how visitors interact with our website (e.g., Google Analytics).
  • Functional Cookies: Remember your preferences and settings.
  • Marketing Cookies: Used to deliver relevant advertisements and track campaign effectiveness. These are only set with your consent.

You can manage cookie preferences through your browser settings. Disabling essential cookies may affect Service functionality.

7. GDPR Compliance

For users in the European Economic Area (EEA), United Kingdom, and Switzerland, we process personal data under the following legal bases:

  • Contract Performance: Processing necessary to provide the Service you requested.
  • Legitimate Interest: Processing for service improvement, security, and fraud prevention, where our interests do not override your rights.
  • Consent: Processing based on your explicit consent (e.g., marketing communications, non-essential cookies).
  • Legal Obligation: Processing necessary to comply with applicable law.

We rely on Standard Contractual Clauses (SCCs) for the transfer of personal data from the EEA to the United States.

8. Your Rights

Depending on your jurisdiction, you may have the following rights regarding your personal data:

  • Access: Request a copy of the personal data we hold about you.
  • Rectification: Request correction of inaccurate or incomplete data.
  • Erasure: Request deletion of your personal data, subject to legal retention requirements.
  • Restriction: Request that we limit processing of your data in certain circumstances.
  • Portability: Request your data in a structured, machine-readable format.
  • Objection: Object to processing based on legitimate interest or for direct marketing.
  • Withdraw Consent: Withdraw consent at any time where processing is based on consent.

To exercise these rights, contact us at privacy@getrafiki.ai. We will respond within 30 days.

9. Children's Privacy

The Service is not intended for individuals under the age of 16. We do not knowingly collect personal information from children. If we become aware that we have collected data from a child under 16, we will delete that information promptly.

10. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by posting the updated policy on this page and updating the "Effective date" above. For significant changes, we will provide additional notice via email or in-app notification.

11. Contact Us

If you have questions about this Privacy Policy or our data practices, please contact us: