Privacy Policy

Recursive SAS (getrecursive.ai) provides AI-powered revenue intelligence for B2B companies. This policy explains how we collect, use, and protect personal data.

(a) Website visitors

Email address (if submitted via waitlist or contact form). With your consent, we use Google Analytics (page views, anonymized traffic data), PostHog (product analytics, session behavior), and RB2B (visitor identification for marketing, production only).

(b) Customer data (processed on behalf of our customers as a data processor)

• Business contact information (name, email, title, company)
• Activity metadata from connected tools (timestamps, types, participants)
• Order and deal data (amounts, products, dates)
• Derived intelligence (signal scores, risk assessments, recommendations)

We do NOT collect: raw email content, call recordings, passwords, payment card details, health data, or any special category data under GDPR.

Website data: to respond to inquiries and send product updates (with consent).

Customer data: solely to provide revenue intelligence services as described in our service agreement.

• We never use customer data to train AI models.
• We never share customer data with other customers.
• We never sell personal data.

• Website: consent (Art. 6(1)(a)).
• Customer data: performance of contract (Art. 6(1)(b)) and legitimate interest (Art. 6(1)(f)).
• Data processing on behalf of customers: as processor under a Data Processing Agreement.

• Website inquiries: 24 months from last interaction.
• Customer data: duration of service agreement plus 30 days for deletion.
• Derived and aggregated intelligence (anonymized, no PII): retained indefinitely for product improvement.

You have the right to: access, rectification, erasure, restriction, portability, and objection.

Contact: privacy@getrecursive.ai

Response within 30 days.

You may also lodge a complaint with your supervisory authority (CNIL for France).

AES-256 encryption at rest, TLS 1.3 in transit, per-customer tenant isolation, role-based access control, audit logging, 24-hour breach notification.

See the Subprocessor Registry below. We notify customers 30 days before engaging new sub-processors.

All data processed within the EU/EEA. LLM API calls use anonymized context only — no personal data is transmitted to model providers.

We will notify registered users of material changes 30 days in advance.

Contact: privacy@getrecursive.ai

When you visit or log in to our website, cookies and similar technologies may be used by our online data partners or vendors to associate these activities with other personal information they or others have about you, including by association with your email or home address. We (or service providers on our behalf) may then send communications and marketing to these email or home addresses. You may opt out of receiving this advertising by visiting https://app.retention.com/optout.