Rearden Labs Privacy Policy

Effective Date: December 23, 2025  |  Last Updated: December 23, 2025

Rearden Labs ("we," "our," or "us") operates manufacturing intelligence software and services, including PRISM AI. This Privacy Policy describes how we collect, use, and protect your information when you use our services.

1. Information We Collect

1.1 Account Information

When you create an account, we collect:

• Email address (used for authentication via magic link)
• Account creation date
• Last sign-in date

1.2 Subscription and Usage Data

We track:

• Your subscription tier and status
• Monthly usage counts (number of scans, code generations, training uploads)
• Upgrade requests

1.3 Training Data (Optional)

If you voluntarily contribute training data to improve our AI:

• Part metadata (part numbers, materials, machine models)
• G-code content
• Extracted feature data (dimensions, tolerances)

1.4 Standard Web Data

Like most services, we may collect:

• Browser type and version
• Access times
• Error logs

2. Blueprint and Document Handling

2.1 Client-Side Processing

Your original blueprints and technical drawings are never uploaded to our servers.

When you upload a document to our services:

1. The file is loaded directly into your web browser's memory
2. All viewing and processing occurs locally on your device
3. The original file remains on your device and is never transmitted

2.2 Redaction Process

Our software includes an automatic redaction feature to protect sensitive information:

1. Detection: When enabled, the system scans for potentially sensitive content (company names, addresses, contact information)
2. Local Processing: All detection and redaction occurs entirely within your browser
3. Permanent Redaction: When you apply redaction, the system creates a NEW image with black rectangles permanently covering selected areas
4. Original Preserved Locally: Your original file remains untouched on your device

2.3 AI Analysis

When you use AI-powered features:

• Only the redacted version of your document is sent to our AI service
• The original, unredacted document is never transmitted
• Image data is sent via encrypted HTTPS connection
• We do not store the images after analysis is complete

2.4 What We Do NOT Collect

• Original blueprint files
• Unredacted document images
• CAD file contents (beyond extracted metadata)
• Proprietary design information (if redacted)

3. Third-Party Services

3.1 AI Services

We use third-party AI services for document analysis. When you perform feature extraction:

• The redacted image is sent to our AI provider's API
• The AI provider's privacy policy applies to their processing
• We select AI providers with strong privacy and security practices

Your API Key Option: You may use your own API key, in which case your requests go directly to the AI provider under your own account.

3.2 Infrastructure

We use industry-standard cloud infrastructure for user authentication, storing account and subscription data, and usage tracking. All data is encrypted at rest and in transit.

3.3 Stripe (Payment Processing)

We use Stripe to process payments. When you subscribe:

• Your payment information is sent directly to Stripe
• We do not store credit card numbers
• Stripe's privacy policy applies to payment processing

3.4 Hosting

Our applications are hosted on industry-standard cloud infrastructure. Standard server logs may be collected.

4. Data Storage and Security

4.1 What Is Stored

Data Type	Storage Location	Retention
Account info	Encrypted database	Until account deletion
Usage counts	Encrypted database	12 months rolling
Training data	Encrypted database	Until you delete it
Original blueprints	Not stored	N/A
Redacted images	Not stored	N/A

4.2 Security Measures

• All data transmission uses TLS/HTTPS encryption
• Database access is protected by Row Level Security (RLS)
• API endpoints require authentication tokens
• Admin access is restricted to whitelisted accounts
• Passwords are not stored (magic link authentication)

4.3 Data Retention

• Account data: Retained until you request deletion
• Usage data: Retained for 12 months for billing purposes
• Training contributions: Retained until you delete them
• Blueprint images: Not retained (processed in memory only)

5. Your Rights and Choices

5.1 Access and Export

You may request a copy of your account data by contacting us.

5.2 Deletion

You may request deletion of your account and associated data. Contact us at info@reardenlabs.ai.

5.3 Redaction Control

• You control what information is redacted before AI processing
• You can skip redaction entirely if you choose
• You can manually draw additional redaction regions

5.4 Training Data

• Contributing training data is entirely optional
• You can delete your training contributions at any time
• You retain ownership of your contributed data

6. Children's Privacy

Our services are business-to-business products intended for manufacturing professionals. We do not knowingly collect information from children under 16.

7. International Data Transfers

Our services are hosted in the United States. If you access our services from outside the US, your information may be transferred to and processed in the US.

8. Changes to This Policy

We may update this Privacy Policy periodically. We will notify you of material changes by posting the updated policy on our website, updating the "Last Updated" date, and notifying you via email for significant changes.

9. Contact Us

For privacy-related questions or requests:

Rearden Labs
Email: info@reardenlabs.ai
Website: reardenlabs.ai

Summary: Your Blueprint Security

Stage	What Happens	Data Leaves Your Device?
Upload	File loaded into browser memory	❌ No
Viewing	Rendered locally in browser	❌ No
Redaction	New image created with black boxes	❌ No
AI Analysis	Redacted image sent to AI	✅ Redacted only
Storage	Image discarded after analysis	❌ Not stored

This policy is effective as of December 23, 2025.