Privacy Policy

1. Controller

Rapid Ventures AI, Pelt, Belgium. contact@rapidventuresai.com.

2. What we collect

• The PDF you upload (stored 24h, then deleted)
• The extracted text and generated report (stored 30 days for your re-download link, then deleted)
• Order metadata: time, filename, size, sha256 hash, language choice, Stripe session/payment intent IDs, your email if Stripe shares it at checkout (kept 2 years for VAT/accounting)
• Standard HTTP request logs (IP, user agent) kept 14 days
• One functional cookie for language preference (no tracking, no analytics)

3. Legal basis

Contract performance (GDPR Art. 6(1)(b)) for your analysis; legal obligation (VAT) for order metadata; legitimate interest for short-lived HTTP logs.

4. Subprocessors

• Anthropic PBC (US) — LLM analysis, under Anthropic DPA with EU SCCs
• Stripe Payments Europe — payment processing, EU-established
• Hetzner / German hosting — servers in Germany
• Groq (US) — fallback LLM provider, under DPA with SCCs

5. Your rights

Access, rectification, erasure, portability, objection — email contact@rapidventuresai.com with your order ID. Complaints: Belgian Data Protection Authority (gegevensbeschermingsautoriteit.be).

6. Retention summary

PDF: 24h · Report JSON: 30 days · Order metadata: 2 years · HTTP logs: 14 days.