Rita Privacy Policy

Last Updated Date March 1, 2025

This Privacy Policy (hereinafter referred to as “this Policy”) applies to the collection, use, disclosure, and protection of your personal data (or similar terms as defined in applicable data protection laws, hereinafter referred to as “Personal Data”) by Rita.ai in the course of providing its applications, websites, software, and related services (collectively, the “Services”). This Policy applies to all Services that link to or reference this Policy, and aims to explain how we handle your Personal Data and ensure its security.
The Services are provided and controlled by the operating entity of Rita.ai. If you have any questions about how we use your Personal Data, please contact us at [email protected].

We collect your Personal Data through the following methods, including information you actively provide, information we automatically collect, and information obtained from third-party sources:
1. Personal Data You Provide
When you create an account, use our Services, or communicate with us, you may provide us with Personal Data, including:
• Account Information: Such as your name, email address, phone number, date of birth, account credentials (e.g., username, password), payment information, and transaction records.
• User Content: Content you upload or generate when using the Services, such as input prompts, uploaded files, images, audio, or other data, depending on the features you use.
• Communication Information: When you communicate with us via email, social media, or other channels, you may provide your name, contact information, and communication content.
• Other Information You Provide: Such as information you provide when participating in our surveys, marketing activities, or in situations requiring identity verification, age confirmation, etc.
2. Personal Data We Automatically Collect
When you access or use our Services, we automatically collect certain technical information, including:
• Log Data: Such as your IP address, browser type and settings, access date and time, pages you visit, and how you interact with the Services.
• Usage Data: Such as the features you use, the type of content you view or interact with, actions performed, time zone and country (or region), user agent and version, device type, and other information about your interaction with the Services.
• Device Information: Such as device name, operating system, device identifiers, browser type used, etc. Specific information may depend on the device and settings you use.
• Location Information: We may estimate the approximate location of your device based on information such as IP address, for security protection (e.g., detecting abnormal logins) and improving service experience. Some features may also require you to choose to provide more precise location information (e.g., GPS positioning).
• Cookies and Similar Technologies: We use Cookies and similar technologies to operate and manage the Services and improve your user experience. If you visit without creating an account, we may also use Cookies to save your preferences.
3. Information We Obtain from Third Parties
We may also obtain your Personal Data from trusted third-party sources, including:
• Account information provided by third-party login services (e.g., Apple, Google) to facilitate your quick registration and login.
• Anti-fraud, anti-abuse, and other security-related information provided by our security partners, used to protect the security and integrity of the Services.
• Potential customer information provided by public sources or marketing partners, used for legitimate marketing and business development.

We use your Personal Data to operate, provide, develop, and improve our Services, specifically for the following purposes and based on the lawful bases of contract, legitimate interests, consent, or legal obligation, as applicable：
- Creating and maintaining accounts, providing personalized services and support;
- Improving product experience and features, and, where permitted by law and your settings or agreements, training and improving our models and algorithms;
- Communicating with you, including sending service-related notifications, customer support, and updates;
- Maintaining service security and stability, including preventing fraud, illegal activities, conducting test analysis, etc.;
- Complying with legal obligations and responding to emergencies. We do not use your Personal Data for solely automated decision-making that produces legal or similarly significant effects, unless required by law with appropriate safeguards.
We will not use your Personal Data to build automated decision-making models with legal or significant impact.

1. Service Providers: To support the operation, maintenance, security, and improvement of the Services, we may share your Personal Data with third-party vendors (such as hosting, technical support, payment, analytics, and other service providers), and will only process it to the extent necessary.
2. Corporate Affiliates: To support internal business purposes such as product development, infrastructure, storage, and customer support, we may share your Personal Data among Rita.ai's affiliated companies.
3. Legal and Compliance Requirements: We may disclose your Personal Data in accordance with the law to fulfill legal obligations, enforce or protect our legitimate rights and interests, prevent or investigate fraud and security risks, or respond to legitimate requests from law enforcement agencies or government authorities.
4. Corporate Transactions: In the event of a merger, reorganization, asset transfer, or similar transaction, we may share or transfer your Personal Data during due diligence and execution related to the transaction.
5. With Your Consent or Instruction: If you log in through a third-party platform or share information with other users or third parties, we will share relevant Personal Data within the scope of your authorization or consent. We are not responsible for the content and privacy practices of third-party websites or platforms. Please read their privacy policies carefully before use.

Depending on the laws of your region, you may have the following rights:
- Right to Information: To know whether and how we process your data;
- Right of Access: To obtain a copy of your Personal Data we hold;
- Right to Rectification: To request correction of inaccurate data;
- Right to Erasure: To request deletion of your data we hold;
- Right to Data Portability: To receive and transfer your data in a readable format;
- Right to Object to Processing: To object to our processing of your information based on “legitimate interests.”
To exercise the above rights, please contact us at [email protected]. We may ask you to provide additional information to confirm your identity.

You can control some data through account settings, such as managing or deleting chat history.
If you delete your account, all content and data associated with that account will be permanently deleted and cannot be recovered.
We recommend that you do not rely entirely on the accuracy of model-generated content. If you find inaccurate information involving you, you can contact [email protected] to request correction, and we will process it within the scope permitted by law.

We have implemented reasonable technical, administrative, and physical measures to protect your Personal Data from unauthorized access, disclosure, alteration, or loss. These measures include access control, encryption, authentication, internal security audits, etc., to minimize potential risks.
We continuously optimize our security mechanisms and regularly update and improve security measures to address potential security threats and technological advancements. However, despite our reasonable efforts, please understand that no information transmitted over the internet or stored electronically can be guaranteed to be 100% secure.
In the event of a security incident that may affect the security of your Personal Data, we will promptly inform you and relevant regulatory authorities as required by applicable law, and take necessary remedial measures.

We will retain your Personal Data for the period necessary to provide you with services or fulfill other legitimate business purposes (such as fulfilling legal obligations, resolving disputes, ensuring security). The specific retention period will depend on various factors, including:
• The specific purpose for which we process the data, and whether it is still necessary to provide services to you;
• The nature, quantity, and sensitivity of the data;
• The potential risks of unauthorized access to or disclosure of the data;
• Legal, regulatory, or compliance requirements we must adhere to. When your Personal Data is no longer needed, we will securely delete, destroy, or anonymize it in accordance with applicable law.

To support global operations, we and our partners may transfer, store, and process your Personal Data globally (including the EU, UK, and US). Where Personal Data is transferred to countries that are not recognized as providing an adequate level of protection, we implement appropriate safeguards such as the EU Standard Contractual Clauses (SCCs), the UK International Data Transfer Agreement (IDTA) or Addendum, and, where applicable, participation in recognized adequacy frameworks (e.g., the EU–US Data Privacy Framework). Transfer impact assessments and copies of relevant safeguards are available upon request.
If required by applicable law, we will use legal mechanisms such as standard contractual clauses for cross-border data transfers to ensure appropriate protection.

Our Services are not directed to children under the age of 13 (or under 16 where required by the laws of your country/region, such as in the EEA and UK). We do not knowingly collect Personal Data from such children. If we learn that we have inadvertently collected Personal Data from a child without appropriate consent, we will promptly delete it in accordance with applicable law. Parents or legal guardians who believe their child has provided us with Personal Data may contact us at [email protected] to request review or deletion.

We may update this Privacy Policy from time to time in accordance with legal requirements, and will reflect changes by updating the “Last Updated Date” at the top of the new version of the Privacy Policy. We recommend that you review the Privacy Policy each time you access our Services to stay informed about our privacy practices.

If this Privacy Policy is translated into any other language, and there is any inconsistency or conflict between the English version and the translated version of this Privacy Policy, the English version shall prevail.

If you have any questions, comments, or complaints about this Privacy Policy, please send an email to [email protected], or contact us through the “Contact Us” page on our official website.

We use cookies and similar technologies to operate the Services, improve performance, analyze usage, and ensure account security. Essential cookies are always active and necessary for the Services, while non-essential cookies (such as analytics or personalization) are used only with your consent where required by law. You can manage or withdraw your consent at any time through our cookie banner, preference tool, or browser settings, and your choices will not affect essential cookies.

If you are located in the EU, UK, or California and have questions about our privacy practices, you can continue to contact us at [email protected]. We will carefully handle your requests in accordance with applicable law.

Our Services may involve content generated by artificial intelligence models. Such output may be generated based on statistical predictions and cannot guarantee factual accuracy. Please exercise your own judgment regarding the reasonableness and risks of such content before making decisions based on it.

This Policy applies to all Services accessed through the Rita.ai website and applications. If a specific product or service has a separate privacy policy, that policy shall prevail.