Legal

Privacy Policy

Last updated: 2026-05-15

This Privacy Policy explains how REDCLIFFE CONTENT PARTNERS LTD (“Redcliffe”, “we”, “us”, “our”) collects, uses, and protects information when you use our compliance intelligence platform at redcliffe.ai and app.redcliffe.ai (the “Service”).

REDCLIFFE CONTENT PARTNERS LTD is a private limited company registered in England and Wales under company number 15880789. Our registered office is 21 Dwyer House, 2 Townmead Road, London, England, SW6 2NZ. For privacy and data-protection matters, contact hello@redcliffe.ai.

Redcliffe is currently in private beta. We are committed to processing only the personal data we genuinely need to deliver and improve the Service, in line with applicable data protection laws including the UK and EU GDPR.

1. Information we collect

Information you provide directly

  • Account data — name, work email, phone number, company, role, and any information you submit via the request-access form.
  • Content you submit — text, documents, URLs, and images you upload for review, composition, or refresh.
  • Project context — brand voice, terminology, and example materials you upload to help the Service draft regulated content.
  • Communications — emails and messages you send to us at hello@redcliffe.ai or support@redcliffe.ai.

Information we collect automatically

  • Usage data such as pages visited, features used, and timestamps.
  • Device and browser metadata (operating system, browser version).
  • Authentication tokens and session cookies used to keep you signed in.

2. How we use your information

  • To provide and operate the Service.
  • To process content you submit through the compliance engine and return findings, generated content, or change logs.
  • To maintain an immutable audit trail of compliance activity.
  • To communicate with you about your account, beta updates, and product changes.
  • To improve the Service, including evaluating model performance, retrieval quality, reliability, and security.
  • To comply with legal obligations and enforce our Terms.

We do not use customer content to train public foundation models, and we do not submit your content to our AI providers as model-improvement feedback unless you explicitly ask us to do so.

3. Legal bases (UK / EU GDPR)

We process personal data on the following legal bases: performance of a contract (to deliver the Service you have requested), legitimate interests (to operate, secure, and improve the Service), consent (where explicitly requested, e.g., marketing emails), and compliance with legal obligations.

4. Sharing and processors

We do not sell your personal data. We share it only with service providers (“processors”) acting on our instructions. These include:

  • Secure cloud infrastructure providers — hosting, database, authentication, content delivery, and file storage.
  • AI service providers — compliance analysis, drafting, retrieval, matching, search, web fetch, and vision features where you use them.
  • Payment processors — payment processing when billing is enabled.
  • Transactional email providers — service emails and account notifications when email delivery is enabled.

Each processor is bound by a written data processing agreement and appropriate safeguards. A category-level summary is available on our Subprocessors page. Named provider details can be made available to customers where required under a data processing agreement, security review, or confidentiality arrangement.

5. International transfers

Some processors are based outside the UK and EEA. Where personal data is transferred internationally we rely on appropriate safeguards, such as the UK International Data Transfer Addendum and EU Standard Contractual Clauses where applicable.

6. Retention

We retain personal data only as long as necessary for the purposes described above, to comply with legal obligations, or to resolve disputes. Audit-trail records associated with compliance reviews may be retained for the lifetime of the related project, and some records may be preserved where needed for security, legal, or dispute-resolution purposes.

7. Your rights

Under UK and EU GDPR you have the right to access, rectify, erase, and port your personal data, to restrict or object to processing, and to withdraw consent at any time. To exercise any of these rights, contact us at hello@redcliffe.ai.

8. Security

We use industry-standard technical and organisational measures to protect personal data, including encryption in transit and at rest, Row-Level Security in our database, and strict access controls. No system is perfectly secure; where required by law, we will notify affected users without undue delay in the event of a personal data breach.

9. Cookies

We use a small number of essential cookies for authentication and access control. See our Cookies notice for details.

10. Changes to this policy

We may update this Privacy Policy from time to time. The “Last updated” date at the top of this page reflects the most recent version. Material changes will be communicated via email or in the Service.

11. Contact

Questions about this Privacy Policy or our data practices can be sent to hello@redcliffe.ai.