Privacy Policy

Last updated: December 7, 2025

This Privacy Policy explains how Flying Raccoon Private Limited ("Raccoon AI," "we," "us," or "our"), a company incorporated in Karnataka, India, handles personal information when you use our AI agent platform, deployed applications, APIs, and related services (collectively, the "Services").

Our Services include AI task execution, third-party connectors, sandbox computing environments, application deployment, team workspaces, API access, multi-agent workflows, and other features that may be introduced over time.

By accessing or using our Services, you acknowledge that you have read and understood this Privacy Policy.

1. Scope and Definitions

1.1 Who This Policy Applies To

This Policy applies to:

  • Users: Individuals who create accounts and use our Services directly
  • Team Members: Individuals who access Services through an organization's Team Plan

1.2 Key Definitions

  • "Input" refers to task instructions, prompts, files, and data you provide to our Services
  • "Output" refers to content, files, code, and results generated by our AI agent
  • "Deployed Applications" refers to websites and applications created through our Services and hosted on our infrastructure
  • "Connectors" refers to third-party services you connect to your account via OAuth or API credentials
  • "Sandbox" refers to the isolated computing environment where tasks execute

2. Information We Collect

2.1 Information You Provide Directly

Account Information:

  • Name, email address, and authentication credentials
  • Organization name and role (for Team Plans)
  • Profile preferences and settings

Task and Interaction Data:

  • Instructions, prompts, and queries you submit to our AI agent
  • Files you upload, create, or modify through the Services
  • Code, scripts, and commands you execute
  • Feedback, ratings, and reports you submit

Payment Information:

  • Billing details are collected and processed by our payment provider, Lemon Squeezy, which acts as the merchant of record. We receive transaction confirmations, subscription status, and invoice records but do not store payment card details.

Communications:

  • Correspondence when you contact support or provide feedback
  • Referral program participation data

2.2 Information from Connected Services

When you authorize Connectors, we may access data from third-party services including but not limited to:

  • Email services: Message content, metadata, attachments (when you instruct our agent to access them)
  • Calendar services: Events, attendees, schedules
  • File storage services: Documents, folders, metadata
  • Code repositories: Repository content, issues, pull requests
  • Other services: Data necessary to perform tasks you request

We access Connector data only when you explicitly instruct our agent to do so. We store OAuth tokens and refresh tokens to maintain your connections. Connector data is processed in real-time and is not permanently stored on our servers unless explicitly saved by you.

2.3 Information Collected Automatically

Usage and Analytics Data:

  • Feature usage, click patterns, and navigation paths
  • Task execution logs, tool invocations, and system events
  • Session duration and interaction timestamps
  • Error logs and performance metrics

Analytics: We use analytics services to understand how users interact with our platform. This may include tracking page views, feature usage, and user flows. You may contact us to adjust your analytics preferences.

Technical Information:

  • IP address and approximate geographic location (city/region)
  • Browser type, version, and language settings
  • Device type, operating system, and screen resolution
  • Referring URLs and search terms

Cookies and Tracking Technologies: We use cookies, local storage, and similar technologies to:

  • Maintain your authenticated session
  • Remember your preferences and settings
  • Analyze usage patterns and service performance
  • Prevent fraud and enhance security

2.4 Information Related to Deployed Applications

When you deploy applications through our Services:

  • Deployment Metadata: Application URLs, domain configurations, deployment timestamps, server configurations
  • Resource Usage: Compute time, memory consumption, bandwidth usage
  • Sandbox States: Backup images that enable application restoration

Important: We do not collect, access, or monitor data that visitors submit to your Deployed Applications. You, as the application creator, are solely responsible for the privacy practices of your Deployed Applications and any data collected from your application's visitors.

2.5 Information for Team Plans

For organizations using Team Plans:

  • Team membership and role assignments
  • Workspace activity and resource allocation
  • Usage metrics aggregated at team level

Team administrators may have visibility into team members' usage in accordance with their organization's policies.

3. How We Use Your Information

3.1 Service Delivery

  • Execute tasks and generate Output based on your Input
  • Maintain your account, process subscriptions, and handle billing
  • Provide customer support and respond to inquiries
  • Send transactional communications (confirmations, alerts, updates)
  • Enable Connectors and process data from connected services
  • Deploy, host, and maintain your Deployed Applications

3.2 Service Improvement and Development

  • Analyze usage patterns to enhance features and performance
  • Identify and fix bugs, errors, and technical issues
  • Develop new capabilities and features
  • Conduct internal research and analysis

3.3 AI System Improvement

We may use Input, Output, and interaction data to improve our AI planning and reasoning capabilities. This includes:

  • Training and fine-tuning our proprietary systems
  • Evaluating output quality and accuracy
  • Developing new AI features

Opt-Out: You may opt out of having your data used for AI improvement by emailing team@raccoonai.tech or adjusting your account settings. Opt-out does not apply to:

  • Content you explicitly submit as feedback
  • Content flagged for safety or policy review
  • Data necessary for abuse prevention and security

3.4 Safety and Compliance

  • Detect, prevent, and respond to fraud, abuse, and security threats
  • Enforce our Terms of Use and acceptable use policies
  • Comply with legal obligations and respond to lawful requests
  • Protect rights, property, and safety of users and third parties

3.5 Communications

  • Send service-related notifications (required for service operation)
  • Send marketing communications
  • Notify you of policy changes and important updates

4. How We Share Your Information

4.1 Service Providers and Partners

We engage third-party companies to help operate our Services:

AI and Machine Learning Providers: We transmit Input and relevant context to various artificial intelligence providers to generate Output. These providers process data according to their respective terms and privacy policies. We may change providers or use multiple providers without prior notice.

Infrastructure and Hosting: Cloud computing, sandbox execution, database hosting, and content delivery services.

Payment Processing: Lemon Squeezy (https://lemonsqueezy.com/) processes all payments as merchant of record. They handle payment card data, tax collection, refunds, and chargebacks according to their Privacy Policy and Terms of Service.

Analytics and Monitoring: Services that help us understand usage patterns, track errors, and improve performance.

Communication Services: Email delivery, notification services, and support tools.

4.2 Connector Providers

When you connect Connectors, data flows between our Services and the third-party provider according to your instructions and the permissions you grant. We act as an intermediary; each provider's privacy policy governs their handling of your data.

4.3 Team Plan Administrators

If you use Services through a Team Plan, your organization's administrators may access:

  • Your account status and role within the team
  • Aggregated usage metrics and resource consumption
  • Content created within the team workspace (subject to team settings)

4.4 Legal Requirements

In limited circumstances, we may be required to disclose information:

  • When required by valid legal process (such as a court order, subpoena, or search warrant)
  • To comply with applicable laws where we have a good-faith belief that disclosure is necessary
  • To protect the safety of any person or to prevent illegal activity
  • To protect our legal rights in the context of litigation

We will attempt to notify you of legal demands for your information when legally permitted, unless doing so would be futile, ineffective, or would create a risk of harm.

4.5 Business Transactions

If we undergo a merger, acquisition, reorganization, or sale of assets, your information may be transferred. We will notify you of any change in ownership or control and any choices you may have.

4.6 Aggregated and De-identified Data

We may create, use, and share aggregated or de-identified data that cannot reasonably identify you. This data may be used for research, analytics, benchmarking, and public reporting.

5. Deployed Applications and Third-Party Data

5.1 Your Role as Application Creator

When you create and deploy applications through our Services, you act as the data controller for any information collected through those applications. This includes:

  • Data submitted by visitors to your applications
  • Analytics or tracking you implement in your applications
  • User accounts or authentication you configure

Your Responsibilities:

  • Provide appropriate privacy notices to your application visitors
  • Obtain necessary consents for data collection
  • Handle data subject requests from your application visitors
  • Comply with applicable data protection laws

5.2 Our Role as Infrastructure Provider

For Deployed Applications, we act solely as an infrastructure provider. We:

  • Host and serve your application code and assets
  • Provide the computing environment for your application
  • Do not access, monitor, or process data within your applications except as necessary for hosting

We are not responsible for the content, functionality, or data practices of your Deployed Applications.

6. Data Retention

We retain information based on the following schedule:

Data TypeRetention Period
Account InformationUntil account deletion
Task Execution Logs1 year from creation
Sandbox Files and Snapshots30 days (Free tier) / 90 days (Paid tiers) after last access
Connector TokensUntil you disconnect the Connector
Session HistoryUntil you delete or account closure
Billing Records7 years (required by Indian tax law)
Analytics Data2 years
Security Logs1 year

After retention periods expire, data is deleted or anonymized. Some information may be retained longer if required by law or necessary for legitimate business purposes (e.g., resolving disputes, enforcing agreements).

Account Deletion: You may delete your account at any time. Upon deletion, we will remove or anonymize your personal information within 30 days, except where retention is required by law or necessary for legitimate purposes.

7. Data Security

We implement technical and organizational measures designed to protect your information:

Technical Safeguards:

  • Encryption of data in transit using TLS (Transport Layer Security)
  • Encryption of data at rest using industry-standard encryption
  • Isolated sandbox environments for task execution with resource limits and network restrictions
  • Regular security assessments

Organizational Safeguards:

  • Role-based access controls for our personnel
  • Authentication requirements for administrative access
  • Incident response procedures

Infrastructure Security:

  • Hosting on reputable cloud infrastructure providers
  • Network security controls and monitoring
  • Automated alerting for security anomalies

Despite these measures, no method of transmission over the Internet or electronic storage is completely secure. We cannot guarantee absolute security of your information. You are responsible for maintaining the confidentiality of your account credentials and for any activity under your account.

8. International Data Transfers

We are headquartered in India and use service providers located in various countries including the United States. Your information may be transferred to and processed in countries with different data protection laws than your country of residence.

When we transfer data internationally, we implement appropriate safeguards:

  • Standard Contractual Clauses approved by relevant authorities
  • Data processing agreements with service providers
  • Technical measures to protect data during transfer

9. Your Rights and Choices

9.1 Access and Control

Depending on your location and applicable law, you may have the right to:

  • Access: Request a copy of personal information we hold about you
  • Correction: Request correction of inaccurate or incomplete information
  • Deletion: Request deletion of your personal information
  • Portability: Receive your data in a structured, machine-readable format
  • Restriction: Request that we limit processing of your information
  • Objection: Object to processing based on legitimate interests

To exercise these rights, contact us at team@raccoonai.tech. We will respond within 30 days (or sooner if required by applicable law).

9.2 Managing Connectors

You can view, manage, and disconnect Connectors at any time through your account settings or directly through the third-party service. Disconnecting a Connector removes our access and deletes stored tokens.

9.3 Communication Preferences

  • Marketing: Opt out using the unsubscribe link in emails or through account settings
  • Service Communications: Cannot be opted out as they are necessary for service operation

9.4 Cookie and Analytics Preferences

Manage cookie preferences through your browser settings. To adjust analytics preferences, contact us at team@raccoonai.tech. Note that disabling certain cookies may affect functionality.

10. Children's Privacy

Our Services are not directed to individuals under 18 years of age. We do not knowingly collect personal information from children. If you believe we have inadvertently collected information from a child, please contact us immediately and we will delete it.

11. Notice to Users in Specific Regions

11.1 European Economic Area and United Kingdom

If you are located in the EEA or UK, the following additional provisions apply:

Legal Bases for Processing:

PurposeLegal Basis
Provide ServicesPerformance of contract
Process paymentsPerformance of contract
Improve ServicesLegitimate interests
AI system trainingLegitimate interests (with opt-out)
AnalyticsLegitimate interests
MarketingConsent
Security and fraud preventionLegitimate interests
Legal complianceLegal obligation

Your Additional Rights:

  • Right to withdraw consent at any time (where processing is based on consent)
  • Right to lodge a complaint with your local supervisory authority

Data Protection Authorities:

  • UK: Information Commissioner's Office (ico.org.uk)
  • EU: Your local data protection authority

International Transfers: We transfer data outside the EEA/UK using Standard Contractual Clauses and other appropriate safeguards.

11.2 California Residents

If you are a California resident, you have the right to:

  • Know what personal information we collect, use, and disclose
  • Request deletion of your personal information
  • Opt out of "sales" of personal information (we do not sell personal information)
  • Non-discrimination for exercising your rights

To exercise these rights, contact team@raccoonai.tech.

11.3 Indian Residents

As a company incorporated in India, we comply with the Information Technology Act, 2000 and applicable rules. Our Grievance Officer can be contacted at team@raccoonai.tech. We will acknowledge grievances within 24 hours and resolve them within 30 days.

12. API and Developer Access

If you access our Services through APIs:

  • API usage is logged for security, billing, and service improvement
  • API credentials must be kept confidential; you are responsible for all activity under your credentials
  • Rate limits and usage restrictions apply as specified in your API agreement
  • The same data handling practices described in this Policy apply to API access

13. Referral Program

If you participate in our referral program:

  • We generate and store unique referral codes associated with your account
  • We track referral relationships between referring and referred users
  • We record referral timestamps and validation status for benefit distribution
  • Referral data is retained for the duration of your account plus any required audit period
  • We do not share referral relationship data with third parties except as necessary for service operation

14. Changes to This Privacy Policy

We may update this Privacy Policy periodically. When we make material changes:

  • We will update the "Last Updated" date at the top
  • We will notify you by email or through the Services

Your continued use after the last updated date constitutes acceptance of the updated Policy. We encourage you to review this Policy periodically.

15. Contact Us

For questions, concerns, or requests regarding this Privacy Policy or our data practices:

Email: team@raccoonai.tech

Address: Flying Raccoon Private Limited 1st Floor, Urban Vault 468, Parangi Palaya Sector 2, HSR Layout Bengaluru - 560102, Karnataka, India

Grievance Officer (for Indian law compliance): Email: team@raccoonai.tech Response time: Within 30 days as required by Indian law

Last Updated: December 7, 2025

Previous Versions: Available upon request at team@raccoonai.tech

Privacy Policy | Raccoon AI