Reethal.CloudStart for Free

Legal

Privacy Policy.

This policy explains what Reethal Cloud stores, what it deliberately avoids storing, and how account, billing, and operational data are handled.

Last updated: May 12, 2026

Zero-Persistence Document Processing

  • Uploaded documents are processed in memory and are not written to disk, object storage, or a database.
  • Model prompts, model responses, extracted field values, and raw LLM responses are not stored after processing completes.
  • Full extraction results are returned only in the immediate synchronous response or delivered to your configured webhook for asynchronous extraction.
  • Completed extraction results are not cached for later retrieval.

Information We Store

  • Account information such as name, email address, authentication method, organization membership, and account status.
  • Billing metadata such as plan, credit balance, payment status, transaction references, subscription status, and invoice-related information from payment providers.
  • Operational metadata such as job ID, status, document type, confidence score, credits used, processing time, timestamps, and error codes.
  • Security metadata such as hashed API keys, session records, refresh token records, audit events, and last-used timestamps.

Information We Do Not Store

  • Uploaded file bytes.
  • Original filenames.
  • Extracted field values from documents.
  • Vision model prompts, raw model responses, or completed extraction payloads.
  • Webhook delivery payloads for extraction results in the MVP.
  • Plain API keys or card details.

Payments

  • Card payments are processed by Paddle, and M-Pesa top-ups are processed by IntaSend.
  • Reethal Cloud does not store full card numbers, CVV values, or bank credentials.
  • Payment providers may process payment details, billing identity, fraud signals, and transaction metadata under their own terms and privacy policies.

AI Providers

  • Documents may be sent to configured vision-capable AI providers only for extraction processing.
  • Reethal Cloud instructs providers to return structured output based on the selected document type and schema.
  • Provider handling may be governed by the provider terms for the configured model and account.

Logs and Analytics

  • We log operational information such as endpoint, timestamp, organization ID, status code, processing time, and error category.
  • We do not intentionally log file contents, extracted field values, API keys, model prompts, or raw model responses.
  • Operational logs may be retained for troubleshooting, security, billing, and abuse prevention.

Cookies and Authentication

  • The dashboard uses authentication cookies, local browser storage, and session state to keep users signed in and synchronize account state.
  • Google OAuth and Google One Tap may be used when users choose Google-based login.
  • Refresh tokens may be rotated and invalidated for security events, logout, password changes, or suspicious activity.

Data Retention

  • Document content has no retention period because it is not persisted.
  • Job metadata may be retained for billing, audit, support, and reliability purposes.
  • Users may request deletion of account and metadata records where legally and operationally possible.

Security

  • API keys are stored as hashes and are shown only once when created.
  • Documents are transmitted over HTTPS and processed through in-memory workflows.
  • Access controls, organization scoping, input validation, and audit logging are used to reduce unauthorized access risk.

Your Responsibilities

  • You are responsible for having the required rights and lawful basis to upload and process documents.
  • You are responsible for protecting API keys, passwords, webhook endpoints, and exported extraction results after they leave Reethal Cloud.
  • You should avoid sending documents that you are not authorized to process.