1. Who we are

Radd is operated from Kuwait. Contact us at hello@radd.app.

2. What we collect

Anonymous Plausible pageview analytics (no cookies, no PII).
Waitlist signups: email, business name, country, business type, optional WhatsApp number, IP-hash, user-agent, UTM source.
For active tenants: encrypted Meta access tokens, custom greeting audio, owner notify number, availability schedule.
Per call: caller phone number, audio recording, transcript, call metadata.

3. Why

Lawful basis: consent for marketing and analytics, contract performance for service operation.

4. Where data is stored

Fly.io Frankfurt (Germany) for compute, database, and recordings. Cloudflare for DNS, CDN, and bot defense. Meta Platforms for WhatsApp delivery. No third-party AI processors — transcription runs on our infrastructure.

5. Retention

Waitlist: until you ask us to delete.
Call audio: 30 days default, configurable per tenant.
Transcripts: 90 days default, configurable.
Account data: lifetime of the contract + 30 days.

6. Sub-processors

Meta Platforms (WhatsApp Business Calling API + notifications)
Fly.io (hosting, Frankfurt)
Cloudflare (DNS, CDN, Turnstile)
Plausible (anonymous analytics)

7. Your rights

Access, rectification, deletion, portability, withdraw consent, object to processing. Email privacy@radd.app from the address on your account.

8. Cross-border transfers

Data resides in the EU. Standard Contractual Clauses applied where required for GCC residents.

9. Security

TLS 1.3 in transit, Fernet-encrypted credentials at rest, encrypted disk volumes, HMAC-signed Meta webhooks.

10. Cookies

None. Plausible uses no cookies, no fingerprinting, no PII.

11. Children

Service is not intended for users under 16.

12. Updates

Material changes notified by email 30 days before they take effect.

13. Complaints

Saudi SDAIA, UAE Data Office, Bahrain PDPA. Contact us first and we'll work to resolve before escalation.

Privacy Policy