Legal
Privacy Policy
How Recon.AI collects, uses, and protects information when you visit our site, request a demo, or use the Trust Accounting platform.
Effective date: June 15, 2026
Overview
Recon.AI (“Recon,” “we,” “us,” or “our”) builds trust infrastructure for AI systems. This Privacy Policy describes how we handle personal information when you use reconai.net, related marketing pages, the Recon dashboard, our SDK and APIs, and other services we operate (collectively, the “Services”).
If you use Recon on behalf of an organization, your organization may have its own policies and a data processing agreement with us. Where those agreements apply, they control how we process your organization's data.
Information we collect
The information we collect depends on how you interact with the Services.
- Account and profile information. When you create an account or join an organization, we collect identifiers such as your name, email address, organization name, and authentication credentials managed through our identity provider.
- Billing information. If you purchase a paid plan, payment processing is handled by Stripe. We receive billing status, subscription tier, and limited transaction metadata—not full payment card numbers.
- Product and platform data. When you instrument AI workflows with Recon, we process trust telemetry, replay references, diagnostics, governance events, and related metadata that your organization sends to the platform. Your organization controls what payloads are transmitted and may configure redaction or reference-only retention.
- Communications and forms. When you request a demo, apply as a design partner, or contact us, we collect the information you submit—such as name, work email, company, role, and message content.
- Website usage data. On public marketing pages we may collect page views, referral URLs, device and browser type, and similar analytics through PostHog.
- Support and security logs. We retain technical logs needed to operate, secure, and troubleshoot the Services, including IP address, timestamps, and error diagnostics.
How we use information
- Provide, maintain, and improve the Services
- Authenticate users and enforce organization access controls
- Process subscriptions, invoices, and usage-based billing
- Respond to demo requests, sales inquiries, and support tickets
- Measure product adoption and marketing performance
- Detect abuse, fraud, and security incidents
- Comply with legal obligations and enforce our terms
Legal bases (EEA, UK, and Switzerland)
Where applicable privacy law requires a legal basis, we rely on: performance of a contract (providing the Services you request); legitimate interests (securing and improving the platform, understanding product usage, and responding to inquiries); consent (where required for analytics cookies or optional marketing); and legal obligation.
How we share information
We do not sell personal information. We share information only as described below.
- Service providers. We use vendors that help us operate the Services, including hosting and database providers (such as Supabase), payment processing (Stripe), product analytics (PostHog), and scheduling tools used for demo booking.
- Your organization. If you access Recon through an organization account, administrators in that organization may access usage and trust data associated with your workspace.
- Legal and safety. We may disclose information if required by law, to protect rights and safety, or in connection with a merger, acquisition, or asset sale.
Customer data and subprocessors
When an organization uses Recon to monitor or govern AI agents, that organization typically acts as the controller of workflow and end-user data processed through the platform. Recon acts as a processor for that data and processes it only on the organization's instructions, including retention, redaction, and access controls configured in the product.
Enterprise customers may request a Data Processing Addendum (DPA) and a list of subprocessors by contacting us.
Retention
We retain personal information for as long as needed to provide the Services, meet contractual and legal obligations, resolve disputes, and enforce agreements. Platform telemetry and trust records may be retained according to your organization's plan settings and configured retention policies. You may request deletion of marketing or account information subject to applicable law and legitimate business needs.
Security
We implement administrative, technical, and organizational measures designed to protect information against unauthorized access, loss, or misuse. No method of transmission or storage is completely secure; we cannot guarantee absolute security.
International transfers
Recon is operated from the United States. If you access the Services from other regions, your information may be processed in the United States and other countries where we or our service providers operate. Where required, we use appropriate safeguards for cross-border transfers.
Your choices and rights
Depending on where you live, you may have rights to access, correct, delete, or export personal information, to object to or restrict certain processing, and to withdraw consent where processing is consent-based.
To exercise these rights, contact us at privacy@reconai.net. We may need to verify your identity before responding. If you are an end user of a customer organization, please contact your organization administrator first.
Cookies and analytics
We use cookies and similar technologies on marketing pages to remember preferences and measure traffic. Our analytics provider may set identifiers in local storage or cookies. You can control cookies through your browser settings. Disabling cookies may affect certain site features.
Children
The Services are not directed to children under 16, and we do not knowingly collect personal information from children.
Changes to this policy
We may update this Privacy Policy from time to time. We will post the revised policy on this page and update the effective date above. Material changes may also be communicated through the Services or by email where appropriate.
Contact us
Questions about this Privacy Policy or our data practices:
- Email: privacy@reconai.net
- General inquiries: founder@reconai.net
- Web: Contact form