Privacy Policy

Last Updated: Dec 7, 2023

Privacy Policy

GDPR Privacy Notice

Information we collect

How we disclose information

California Privacy Notice (CCPA)

WELCOME TO RUNE!

Rune provides a social platform via the Rune application (the “App”) and related Internet services (collectively, the “Service(s)”). The Service is operated by Rune AI Inc. (the “Company”, “we” or “us”) for users of the Service (“you”). This Privacy Policy sets forth our policy with respect to information that is collected from users of the App and/or the Services. Under applicable law, Rune AI Inc. is the “data controller” of personal data collected through the Services. Please also review our Terms of Service available at https://www.rune.ai/eula.

INFORMATION WE COLLECT

When you interact with us through the Services, we may collect information from you. We may collect the following categories of personal information about Users:

  • Personal Identifiers, including Telephone number
  • Online Identifiers, including Device identifier, IP address, Customer number, and Online identifier
  • Internet Activity, including Interactions with websites, apps or ads

We collect the following categories of personal information about Prospective Partners:

  • Personal Identifiers, including Email address
  • Internet Activity, including Email open and click-through rates

Data We Collect Automatically: When you interact with us through the Services, we receive and store certain information such as an IP address, device ID, and your activities within the Services. We may store such information and the Services may use such information and pool it with other information to track, for example, the total number of visitors to our Site, the amount of time users spend on voice chat, as well as the sites which refer visitors to Rune.

Aggregated Information: In an ongoing effort to better understand and serve the users of the Services, we may conduct research on our customer demographics, interests and behavior based on the information collected. This research may be compiled and analyzed on an aggregate basis, and we may share this aggregate data with our affiliates, agents and business partners. We may also disclose aggregated user statistics in order to describe our services to current and prospective business partners, and to other third parties for other lawful purposes.

We may use third party web site analytic tools such as Google Analytics on our website that employ cookies to collect certain information concerning your use of our Services. However, you can disable cookies by changing your browser settings. Further information about the procedure to follow in order to disable cookies can be found on your Internet browser provider's website via your help screen.

WHERE INFORMATION IS PROCESSED

The Company is based in the United States. No matter where you are located, you consent to the processing and transferring of your information in and to the U.S. and other countries. The laws of the U.S. and other countries governing data collection and use may not be as comprehensive or protective as the laws of the country where you live.

OUR USE OF YOUR INFORMATION

We use the information you provide in a manner that is consistent with this Privacy Policy. If you provide information for a certain reason, we may use the information in connection with the reason for which it was provided. For instance, if you contact us by email, we will use the information you provide to answer your question or resolve your problem. Also, if you provide information in order to obtain access to the Services, we will use your information to provide you with access to such services and to monitor your use of such services. The Company and its subsidiaries and affiliates (the “Related Companies”) may also use your information collected through the Services to help us improve the content and functionality of the Services, to better understand our users and to improve the Services.

OUR LEGAL BASES FOR HANDLING OF YOUR PERSONAL DATA

The laws in some jurisdictions require companies to tell you about the legal ground they rely on to use or disclose your personal data. To the extent those laws apply, our legal grounds are as follows:

  • To honor our contractual commitments to you: Much of our processing of personal data is to meet our contractual obligations to our users, or to take steps at users’ request in anticipation of entering into a contract with them. For example, we handle personal data on this basis to create your account and provide our Services.

  • Legitimate interests: In many cases, we handle personal data on the ground that it furthers our legitimate interests in ways that are not overridden by the interests or fundamental rights and freedoms of the affected individuals: This includes:

    • Provide Products or Services;
    • Providing a safe and enjoyable user experience;
    • Customer service;
    • Marketing, e.g. sending emails or other communications to let you know about new features;
    • Protecting our users, personnel, and property;
    • Analyzing and improving our business, e.g. collecting information about how you use our Services to optimize the design and placement of certain features;
    • Processing job applications;
    • Managing legal issues.

OUR DISCLOSURE OF YOUR INFORMATION

The Company is not in the business of selling your information. We consider this information to be a vital part of our relationship with you. There are, however, certain circumstances in which we may share your information with certain third parties, as set forth below:

  • Legal Requirements: We may disclose your information if required to do so by law or in the good faith belief that such action is necessary to (i) comply with a legal obligation, (ii) protect and defend the rights or property of the Company or Related Companies, (iii) protect the personal safety of users of the Services or the public, or (iv) protect against legal liability.

  • Aggregated Data: We may also share aggregated information with our partners or others for business purposes.

UNSOLICITED INFORMATION

You may provide us with ideas for new products or modifications to existing products, and other unsolicited submissions (collectively, “Unsolicited Information”). All Unsolicited Information shall be deemed to be non-confidential and we shall be free to reproduce, use, disclose, and distribute such Unsolicited Information to others without limitation or attribution.

CHILDREN

Our Services are for users age 13 and over and we do not knowingly collect personal information from children under the age of 13. If you are a parent or guardian of a child under the age of 13 and believe he or she has disclosed personal information to us please contact us at privacy@rune.ai.

DATA RETENTION

We generally retain personal data for so long as it may be relevant to the purposes identified herein. To dispose of personal data, we may anonymize it, delete it or take other appropriate steps. Data may persist in copies made for backup and business continuity purposes for additional time.

SECURITY

We take reasonable steps to protect the information provided via the Services from loss, misuse, and unauthorized access, disclosure, alteration, or destruction. However, no Internet or email transmission is ever fully secure or error free. In particular, email sent to or from the Services may not be secure. Therefore, you should take special care in deciding what information you send to us via email. Please keep this in mind when disclosing any information via the Internet.

YOUR DATA RIGHTS AND CHOICES

We believe that users should be treated equally no matter where they are, and so we are making the following options to control your data available to all users, regardless of their location.

Individuals in the European Economic Area, Canada, Costa Rica and some other jurisdictions outside the United States have certain legal rights to obtain confirmation of whether we hold personal data about them, to access personal data we hold about them (including, in some cases, in portable form), and to obtain its correction, update, amendment or deletion in appropriate circumstances. They may also object to our uses or disclosures of personal data, to request a restriction on its processing, or withdraw any consent, though such actions typically will not have retroactive effect. They also will not affect our ability to continue processing data in lawful ways.

  • How can I access the personal data you have about me?

If you would like to submit a data access request, you can contact us at privacy@rune.ai. We will then start the process and provide you a link to access the personal data that Rune has on you within 30 days.

  • How do I correct, update, amend, or delete the personal data you have about me?

You can also request modifications from us directly by writing to us at privacy@rune.ai with an explanation of what data subject right you are seeking to exercise. For your protection, we may take steps to verify identity before responding to your request.

CHANGES TO THIS PRIVACY POLICY

We reserve the right to update or modify this Privacy Policy at any time and from time to time without prior notice. Please review this policy periodically, and especially before you provide any information. This Privacy Policy was last updated on the date indicated above. Your continued use of the Services after any changes or revisions to this Privacy Policy shall indicate your agreement with the terms of such revised Privacy Policy.

CONTACTING US

Please feel free to contact us if you have any questions about this Privacy Policy or the information practices of the Services. You may contact us as follows: privacy@rune.ai.

GDPR Notice

The following disclosure is made pursuant to the European General Data Protection Regulation (GDPR):

As a data controller of our clients’ personal data, we are committed to protecting and respecting your privacy in compliance with EU- General Data Protection Regulation (GDPR) 2016/679, dated April 27th 2016. This privacy statement explains when and why we collect personal information, how we use it, the conditions under which we may disclose it to others and how we keep it secure. This Privacy Statement applies to the use of our products and to our sales, marketing and customer contract fulfillment activities. You have the right to withdraw your consent at any time; and to submit a complaint to the relevant supervisory data protection authority.

Our legal basis for collecting personal data

We process personal data under the following lawful bases:

  • To honor our contractual commitments to you: Much of our processing of personal data is to meet our contractual obligations to our users, or to take steps at users’ request in anticipation of entering into a contract with them. For example, we handle personal data on this basis to create your account and provide our Services.
  • Legitimate interests: In many cases, we handle personal data on the ground that it furthers our legitimate interests in ways that are not overridden by the interests or fundamental rights and freedoms of the affected individuals:

We will always inform individuals about their privacy rights and the purpose for collecting personal data. Please refer to our privacy policy at privacy.rune.ai to understand the information we collect and how it's stored/transmitted. We may transfer personal data to countries other than the country in which the data was collected.

Your provision of personal data is part of contractual obligation. If you do not provide the required data, we will not be able to provide you the expected services outlined by our contract.

Your rights to your personal data

You have the following rights with respect to your personal data:

  • The right to request a copy of your personal data that Rune holds about you.
  • The right to request that Rune correct your personal data if inaccurate or out of date.
  • The right to request that your personal data be deleted when it is no longer necessary for Rune to retain such data.
  • The right to withdraw any consent to personal data processing at any time. For example, your consent to receive e-marketing or push notifications.
  • The right to request that Rune provide you with your personal data and, if possible, to pass on this information directly (in a portable format) to another data controller when the processing is based on consent or contract.
  • The right to request a restriction on further data processing, in case there is a dispute in relation to the accuracy or processing of your personal data.
  • The right to object to the processing of personal data, in case data processing has been based on legitimate interest and/or direct marketing.

Contact Us

If you have any questions related to this GDPR notice or our processing of your personal data, please send them to ia.enur@ycavirp. If you'd like to make use of your rights then please send a privacy request to us at https://privacy.rune.ai/privacy-request.

Information we collect

Information you provide to us

We collect the personal information you provide to us when you Users. The categories of information we may collect include:

  • Personal Identifiers, including email address and telephone number

To the extent we process deidentified personal information, we will make no attempt to reidentify such data.

Information collected automatically

We automatically collect internet or other electronic information about you when you visit our website, such as IP address, browsing history and interactions with our website. This data may be collected using browser cookies and other tracking technologies.

Opt-Out Preference Signals. Your browser settings may allow you to automatically transmit an opt-out preference signal, such as the Global Privacy Control (GPC) signal, to online services you visit. When we detect such signal, we place a U.S. Privacy String setting in your browser so that any third party who respects that signal will not track your activity on our website. Your request to opt-out of sale/sharing will be linked to your browser identifier only and not linked to any account information because the connection between your browser and the account is not known to us. GPC is supported by certain internet browsers or as a browser extension. Find out how to enable GPC..

How long we keep your data

We do not retain data for any longer than is necessary for the purposes described in this Policy.

We generally retain data according to the guidelines below.

Type of DataRetention Period
Data we collect when you contact us for customer support and other inquiries, including Email address, Online IdentifiersAs a general rule, we keep customer feedback and correspondence until we have satisfactorily responded to their questions and comments. After emails have been archived, they are automatically deleted after 90 days.
Data we collect in connection with privacy requests, including Email address, Online IdentifiersAs a general rule, we keep customer privacy requests and correspondence until we have satisfactorily responded to their questions and comments. After emails have been archived, they are automatically deleted after 90 days.
Data we collect for security purposes, including Telephone number, Online IdentifiersWe retain security-related data as long as necessary to comply with our legal obligations and to maintain and improve our information security measures. After emails have been archived, they are automatically deleted after 90 days.

Purposes of Processing

We process personal information for the following purposes:

  • Creating Customer Profiles
  • Data Storage
  • Operating our Website or Mobile Apps

How we disclose information

Information Disclosed for Business or Commercial Purposes in the Last 12 Months, and Categories of Parties Disclosed To

We may disclose the following personal information about you when you Users:

Personal Information CategoryCategories of Service ProvidersCategories of Third Parties
Personal IdentifiersCustomer Support Tools, IT Infrastructure Services, and Sales & Marketing ToolsNone
Online IdentifiersIT Infrastructure Services and Sales & Marketing ToolsNone
Geolocation InformationIT Infrastructure ServicesNone

California Privacy Notice (CCPA)

This section provides additional information for California residents under the California Consumer Privacy Act (CCPA). The terms used in this section have the same meaning as in the CCPA. This section does not apply to information that is not considered "personal information," such as anonymous, deidentified, or aggregated information, nor does it apply to publicly available information as defined in the CCPA.

To the extent we process deidentified personal information, we will make no attempt to reidentify such data.

Collection and Disclosure of Personal Information

The personal information we collect is described above in Information we collect. The personal information we disclose for business or commercial purposes is described above in How we disclose information. The length of time for which we retain personal information is described above in How long we keep your data. Our purposes for processing data are described above in Purposes of processing.

Information “Sharing” and “Selling”

We do not receive monetary or other valuable consideration in exchange for your data and therefore do not "sell" your data as defined in CCPA.

We do not “share” personal data with third parties, as that term is defined in the CCPA.

We do not knowingly sell or share (for cross-context behavioral advertising) the personal information of consumers under 16 years of age.

CCPA Rights

Your CCPA rights are described below. Make a Privacy Request by clicking here or the link at the top of this page or by emailing us at ia.enur@ycavirp.

Right to Know and Access

You have the right to request to know and access the following about the personal information we have collected about you in the past 12 months:

  • the categories and specific pieces of personal information we have collected about you
  • the categories of sources from which we collect personal information about you
  • the business or commercial purposes for which we collect, sell, or share personal information
  • the categories of third parties with whom we disclose the information
  • the categories of personal information about you that we have sold, shared, or disclosed for a business purpose, and the categories of third parties to whom we have sold, shared, or disclosed that information for a business purpose

The information we would provide to you in response to a Request to Know Categories is contained in this Privacy Notice. To receive a copy of the specific personal information we have about you, submit a Request to Know or Access via the link above. If you make a Request to Know more than twice in a 12-month period, or we determine the request is manifestly unfounded or excessive, we may require you to pay a small fee for this service.

Right to Delete

You have the right to request that we delete any personal information about you that you have provided to us. Subject to certain limitations, we will delete from our records your requested personal information and direct our service providers to do the same.

Right to Non-Discrimination

If you exercise your CCPA consumer rights:

  • We will not deny goods or services to you
  • We will not charge you different prices or rates for goods or services, including through the use of discounts or other benefits or penalties
  • We will not provide a different level or quality of goods or services to you
  • We will not suggest that you may receive a different price or rate for goods or services or a different level or quality of goods or services
  • We will not retaliate against you, as an employee, applicant for employment, or independent contractor

We may still offer you certain financial incentives permitted by the CCPA such as discounts, rewards, premium features, or loyalty accounts that can result in different prices, rates, or quality levels.

Right to Opt-Out

We do not sell or share any personal information to third parties.

Right to Correct

You have the right to correct inaccuracies in your personal data, taking into account the nature of the data and our purposes for processing it.

Request Verification

Before we can respond to a Request to Know or Request to Delete, we will need to verify that you are the consumer who is the subject of the CCPA request. Verification is important for preventing fraudulent requests and identity theft. Requests to Opt-Out do not require verification.

Typically, identity verification will require you to confirm certain information about yourself based on information we have already collected. For example, we will ask you to verify that you have access to the email address we have on file for you. If we cannot verify your identity based on our records, we cannot fulfill your CCPA request. If you submit a request not through our webform, we will ask you to provide the same information requested in the webform.

For a request that seeks specific personal information, we ask that you sign a declaration stating that you are the consumer whose personal information is the subject of the request, as required by the CCPA.

In some cases, we may have no reasonable method by which we can verify a consumer's identity. For example:

  • If a consumer submits a request but we have not collected any personal information about that consumer, we cannot verify the request.
  • If the only data we have collected about a consumer is gathered through website cookies (i.e. the consumer visited our website but had no other interaction with us), we are unable to reasonably associate a requester with any data collected; therefore, we cannot verify the request.

Authorized Agent

A California resident's authorized agent may submit a rights request under the CCPA by emailing us at ia.enur@ycavirp. Requests submitted by an authorized agent will still require verification of the consumer who is the subject of the request in accordance with the process described above. We will also ask for proof that the consumer who is the subject of the request authorized an agent to submit a privacy request on their behalf by either verifying their own identity with us directly or directly confirming with us that they provided the authorized agent permission to submit the request. An authorized agent that has power of attorney pursuant to California Probate Code section 4121 to 4130 may also submit proof of statutory power of attorney, which does not require separate consumer verification.

If you have trouble accessing this notice, please contact us at ia.enur@ycavirp.

Contact Us

If you have any privacy-related questions or have trouble accessing this notice, please email ia.enur@ycavirp.