Privacy Policy

Last Updated: Jan 1, 2023

Privacy Policy

GDPR Privacy Notice

Information we collect

How we share and disclose information

California Privacy Notice (CCPA)

WELCOME TO RUNE!

Rune provides a social platform via the Rune application (the “App”) and related Internet services (collectively, the “Service(s)”). The Service is operated by Rune AI Inc. (the “Company”, “we” or “us”) for users of the Service (“you”). This Privacy Policy sets forth our policy with respect to information that is collected from users of the App and/or the Services. Under applicable law, Rune AI Inc. is the “data controller” of personal data collected through the Services. Please also review our Terms of Service available at https://www.rune.ai/eula.

INFORMATION WE COLLECT

When you interact with us through the Services, we may collect information from you. We may collect the following categories of personal information about Users:

  • Personal Identifiers, including Telephone number
  • Online Identifiers, including Device identifier, IP address, Customer number, and Online identifier
  • Internet Activity, including Interactions with websites, apps or ads

We collect the following categories of personal information about Prospective Partners:

  • Personal Identifiers, including Email address
  • Internet Activity, including Email open and click-through rates

Data We Collect Automatically: When you interact with us through the Services, we receive and store certain information such as an IP address, device ID, and your activities within the Services. We may store such information and the Services may use such information and pool it with other information to track, for example, the total number of visitors to our Site, the amount of time users spend on voice chat, as well as the sites which refer visitors to Rune.

Aggregated Information: In an ongoing effort to better understand and serve the users of the Services, we may conduct research on our customer demographics, interests and behavior based on the information collected. This research may be compiled and analyzed on an aggregate basis, and we may share this aggregate data with our affiliates, agents and business partners. We may also disclose aggregated user statistics in order to describe our services to current and prospective business partners, and to other third parties for other lawful purposes.

We may use third party web site analytic tools such as Google Analytics on our website that employ cookies to collect certain information concerning your use of our Services. However, you can disable cookies by changing your browser settings. Further information about the procedure to follow in order to disable cookies can be found on your Internet browser provider's website via your help screen.

WHERE INFORMATION IS PROCESSED

The Company is based in the United States. No matter where you are located, you consent to the processing and transferring of your information in and to the U.S. and other countries. The laws of the U.S. and other countries governing data collection and use may not be as comprehensive or protective as the laws of the country where you live.

OUR USE OF YOUR INFORMATION

We use the information you provide in a manner that is consistent with this Privacy Policy. If you provide information for a certain reason, we may use the information in connection with the reason for which it was provided. For instance, if you contact us by email, we will use the information you provide to answer your question or resolve your problem. Also, if you provide information in order to obtain access to the Services, we will use your information to provide you with access to such services and to monitor your use of such services. The Company and its subsidiaries and affiliates (the “Related Companies”) may also use your information collected through the Services to help us improve the content and functionality of the Services, to better understand our users and to improve the Services.

OUR LEGAL BASES FOR HANDLING OF YOUR PERSONAL DATA

The laws in some jurisdictions require companies to tell you about the legal ground they rely on to use or disclose your personal data. To the extent those laws apply, our legal grounds are as follows:

  • To honor our contractual commitments to you: Much of our processing of personal data is to meet our contractual obligations to our users, or to take steps at users’ request in anticipation of entering into a contract with them. For example, we handle personal data on this basis to create your account and provide our Services.

  • Legitimate interests: In many cases, we handle personal data on the ground that it furthers our legitimate interests in ways that are not overridden by the interests or fundamental rights and freedoms of the affected individuals: This includes:

    • Provide Products or Services;
    • Providing a safe and enjoyable user experience;
    • Customer service;
    • Marketing, e.g. sending emails or other communications to let you know about new features;
    • Protecting our users, personnel, and property;
    • Analyzing and improving our business, e.g. collecting information about how you use our Services to optimize the design and placement of certain features;
    • Processing job applications;
    • Managing legal issues.

OUR DISCLOSURE OF YOUR INFORMATION

The Company is not in the business of selling your information. We consider this information to be a vital part of our relationship with you. There are, however, certain circumstances in which we may share your information with certain third parties, as set forth below:

  • Legal Requirements: We may disclose your information if required to do so by law or in the good faith belief that such action is necessary to (i) comply with a legal obligation, (ii) protect and defend the rights or property of the Company or Related Companies, (iii) protect the personal safety of users of the Services or the public, or (iv) protect against legal liability.

  • Aggregated Data: We may also share aggregated information with our partners or others for business purposes.

UNSOLICITED INFORMATION

You may provide us with ideas for new products or modifications to existing products, and other unsolicited submissions (collectively, “Unsolicited Information”). All Unsolicited Information shall be deemed to be non-confidential and we shall be free to reproduce, use, disclose, and distribute such Unsolicited Information to others without limitation or attribution.

CHILDREN

Our Services are for users age 13 and over and we do not knowingly collect personal information from children under the age of 13. If you are a parent or guardian of a child under the age of 13 and believe he or she has disclosed personal information to us please contact us at privacy@rune.ai.

DATA RETENTION

We generally retain personal data for so long as it may be relevant to the purposes identified herein. To dispose of personal data, we may anonymize it, delete it or take other appropriate steps. Data may persist in copies made for backup and business continuity purposes for additional time.

SECURITY

We take reasonable steps to protect the information provided via the Services from loss, misuse, and unauthorized access, disclosure, alteration, or destruction. However, no Internet or email transmission is ever fully secure or error free. In particular, email sent to or from the Services may not be secure. Therefore, you should take special care in deciding what information you send to us via email. Please keep this in mind when disclosing any information via the Internet.

YOUR DATA RIGHTS AND CHOICES

We believe that users should be treated equally no matter where they are, and so we are making the following options to control your data available to all users, regardless of their location.

Individuals in the European Economic Area, Canada, Costa Rica and some other jurisdictions outside the United States have certain legal rights to obtain confirmation of whether we hold personal data about them, to access personal data we hold about them (including, in some cases, in portable form), and to obtain its correction, update, amendment or deletion in appropriate circumstances. They may also object to our uses or disclosures of personal data, to request a restriction on its processing, or withdraw any consent, though such actions typically will not have retroactive effect. They also will not affect our ability to continue processing data in lawful ways.

  • How can I access the personal data you have about me?

If you would like to submit a data access request, you can contact us at privacy@rune.ai. We will then start the process and provide you a link to access the personal data that Rune has on you within 30 days.

  • How do I correct, update, amend, or delete the personal data you have about me?

You can also request modifications from us directly by writing to us at privacy@rune.ai with an explanation of what data subject right you are seeking to exercise. For your protection, we may take steps to verify identity before responding to your request.

CHANGES TO THIS PRIVACY POLICY

We reserve the right to update or modify this Privacy Policy at any time and from time to time without prior notice. Please review this policy periodically, and especially before you provide any information. This Privacy Policy was last updated on the date indicated above. Your continued use of the Services after any changes or revisions to this Privacy Policy shall indicate your agreement with the terms of such revised Privacy Policy.

CONTACTING US

Please feel free to contact us if you have any questions about this Privacy Policy or the information practices of the Services. You may contact us as follows: privacy@rune.ai.

GDPR Notice

The following disclosure is made pursuant to the European General Data Protection Regulation (GDPR):

As a data controller of our clients’ personal data, we are committed to protecting and respecting your privacy in compliance with EU- General Data Protection Regulation (GDPR) 2016/679, dated April 27th 2016. This privacy statement explains when and why we collect personal information, how we use it, the conditions under which we may disclose it to others and how we keep it secure. This Privacy Statement applies to the use of our products and to our sales, marketing and customer contract fulfillment activities. You have the right to withdraw your consent at any time; and to submit a complaint to the relevant supervisory data protection authority.

Our legal basis for collecting personal data

We process personal data under the following lawful bases:

  • To honor our contractual commitments to you: Much of our processing of personal data is to meet our contractual obligations to our users, or to take steps at users’ request in anticipation of entering into a contract with them. For example, we handle personal data on this basis to create your account and provide our Services.
  • Legitimate interests: In many cases, we handle personal data on the ground that it furthers our legitimate interests in ways that are not overridden by the interests or fundamental rights and freedoms of the affected individuals:

We will always inform individuals about their privacy rights and the purpose for collecting personal data. Please refer to our privacy policy at privacy.rune.ai to understand the information we collect and how it's stored/transmitted. We may transfer personal data to countries other than the country in which the data was collected.

Your provision of personal data is part of contractual obligation. If you do not provide the required data, we will not be able to provide you the expected services outlined by our contract.

Your rights to your personal data

You have the following rights with respect to your personal data:

  • The right to request a copy of your personal data that Rune holds about you.
  • The right to request that Rune correct your personal data if inaccurate or out of date.
  • The right to request that your personal data be deleted when it is no longer necessary for Rune to retain such data.
  • The right to withdraw any consent to personal data processing at any time. For example, your consent to receive e-marketing or push notifications.
  • The right to request that Rune provide you with your personal data and, if possible, to pass on this information directly (in a portable format) to another data controller when the processing is based on consent or contract.
  • The right to request a restriction on further data processing, in case there is a dispute in relation to the accuracy or processing of your personal data.
  • The right to object to the processing of personal data, in case data processing has been based on legitimate interest and/or direct marketing.

Contact Us

If you have any questions related to this GDPR notice or our processing of your personal data, please send them to privacy@rune.ai. If you'd like to make use of your rights then please send a privacy request to us at https://privacy.rune.ai/privacy-request.

Information we collect

Information you provide to us

We collect the personal information you provide to us when you Users. The categories of information we may collect include:

  • Personal Identifiers, including telephone number

We collect the personal information you provide to us when you Prospective Partners. The categories of information we may collect include:

  • Personal Identifiers, including email address

To the extent we process deidentified personal information, we will make no attempt to reidentify such data.

Information collected automatically

We automatically collect internet or other electronic information about you when you visit our website, such as IP address, browsing history and interactions with our website. This data may be collected using browser cookies and other unique personal identifiers.

Opt-Out Preference Signals. Your browser settings may allow you to automatically transmit the Global Privacy Control (GPC) signal to online services you visit. When we detect such signal, we place a U.S. Privacy String setting in your browser so that any third party who respects that signal will not track your activity on our website. GPC is supported by certain internet browsers or as a browser extension. You can find out how to enable GPC here.

How long we keep your data

We do not retain data for any longer than is necessary for the purposes described in this Policy.

We generally retain data according to the guidelines below.

Type of Data Retention Period
Data we collect when you contact us for customer support and other inquiries, including Online Identifiers, Email address As a general rule, we keep customer feedback and correspondence until we have satisfactorily responded to their questions and comments. After emails have been archived, they are automatically deleted after 90 days.
Data we collect in connection with privacy requests, including Online Identifiers, Email address As a general rule, we keep customer privacy requests and correspondence until we have satisfactorily responded to their questions and comments. After emails have been archived, they are automatically deleted after 90 days.
Data we collect for security purposes, including Online Identifiers, Telephone number We retain security-related data as long as necessary to comply with our legal obligations and to maintain and improve our information security measures. After emails have been archived, they are automatically deleted after 90 days.

How we share and disclose information

Information Disclosed for Business or Commercial Purposes in the Last 12 Months, and Categories of Parties Disclosed To

We may disclose the following personal information about you when you Users:

Personal Information Disclosed Recipient (by Category)
Personal Identifiers Service Providers
Online Identifiers Service Providers
Internet Activity Service Providers

We may disclose the following personal information about you when you Prospective Partners:

Personal Information Disclosed Recipient (by Category)
Personal Identifiers Service Providers
Internet Activity Service Providers

California Privacy Notice (CCPA)

This section provides additional information for California residents under the California Consumer Privacy Act (CCPA). The terms used in this section have the same meaning as in the CCPA. This section does not apply to information that is not considered "personal information," such as anonymous, deidentified, or aggregated information, nor does it apply to publicly available information as defined in the CCPA.

Collection and Disclosure of Personal Information

The personal information we collect is described above in Information we collect. The personal information we disclose for business or commercial purposes is described above in How we share and disclose information. The length of time for which we retain personal information is described above in How long we keep your data.

Business and Commercial Purposes for Collection

We collect personal information for the following business purposes:

  • Creating Customer Profiles
  • Data Storage
  • Operating our Website or Mobile Apps

We also "sell" (as defined in the CCPA) personal information for commercial purposes, including to advertise and market our products.

Information “Sharing” and “Selling”

We use third party data analytics providers and this may be considered a “sale” of information under the CCPA.

You may opt-out of these data practices here.

CCPA Rights

Your CCPA rights are described below. You can make a Request to Know or a Request to Delete under the CCPA by submitting a Privacy Request at the top of this page, or by clicking here.

Right to Know

You have the right to request to know the following about the personal information we have collected about you in the past 12 months:

  • the categories and specific pieces of personal information we have collected about you
  • the categories of sources from which we collect personal information about you
  • the business and commercial purposes for which we collect personal information
  • the categories of third parties with whom we share the information
  • the categories of personal information about you that we disclosed for a business purpose, and the categories of third parties to whom we disclosed that information for a business purpose

The information we would provide to you in response to a Request to Know Categories is contained in this Privacy Notice. To access the specific personal information we have about you, submit a Request to Know via the link above. If you make a Request to Know more than twice in a 12-month period, we may require you to pay a small fee for this service.

Right to Delete

You have the right to request that we delete any personal information about you that you have provided to us. We will permanently delete from our records any personal information that is not necessary for our business operations and direct our service providers to do the same.

We consider information to be necessary for our business operations if it is used to:

  • Complete an obligation to you that you have requested
  • Detect and resolve issues related to security or functionality
  • Comply with legal obligations
  • Enable solely internal uses

Right to Non-Discrimination

If you exercise your CCPA consumer rights:

  • We will not deny goods or services to you
  • We will not charge you different prices or rates for goods or services, including through the use of discounts or other benefits or penalties
  • We will not provide a different level or quality of goods or services to you

Right to Opt-Out

You have the right to opt-out of any selling and sharing of your personal information.

You may exercise your right to opt-out here.

Request Verification

Before we can respond to a Request to Know or Request to Delete, we will need to verify that you are the consumer who is the subject of the CCPA request. Verification is important for preventing fraudulent requests and identity theft. Requests to Opt-Out do not require verification.

Typically, identity verification will require you to confirm certain information about yourself based on information we have already collected. For example, we will ask you to verify that you have access to the email address we have on file for you. If we cannot verify your identity based on our records, we cannot fulfill your CCPA request.

For a request that seeks specific personal information, we ask that you sign a declaration stating that you are the consumer whose personal information is the subject of the request, as required by the CCPA.

In some cases, we may have no reasonable method by which we can verify a consumer's identity. For example:

  • If a consumer submits a request but we have not collected any personal information about that consumer, we cannot verify the request.
  • If the only data we have collected about a consumer is gathered through website cookies (i.e. the consumer visited our website but had no other interaction with us), we are unable to reasonably associate a requester with any data collected; therefore, we cannot verify the request.

Authorized Agent

A California resident's authorized agent may submit a Request to Know or a Request to Delete under the CCPA by emailing us at privacy@rune.ai. Requests submitted by an authorized agent will still require verification of the person who is the subject of the request in accordance with the process described above. We will also ask for proof that the person who is the subject of the request authorized an agent to submit a privacy request on their behalf. An authorized agent that has power of attorney pursuant to California Probate Code section 4121 to 4130 must submit proof of statutory power of attorney, but consumer verification is not required.

If you have trouble accessing this notice, please contact us at privacy@rune.ai.

Contact Us

If you have any privacy-related questions, please send them to privacy@rune.ai.