RootCX — AI‑native customer operating system

This Privacy Policy describes how RootCX ("RootCX", "we", "us", or "our") collects, uses, stores, and discloses personal data in connection with the use of our websites, hosted platform, and self-managed deployments (collectively, the "Services").

We are committed to protecting personal data in accordance with applicable privacy and data protection laws, including the General Data Protection Regulation (GDPR) and relevant European regulations. This Privacy Policy applies to individuals who engage with us as customers, users of our Services, or visitors to our websites.

1. Scope and Applicability

This Privacy Policy applies to:

Visitors to our website(s)
Customers and their authorized users of our Services
Individuals communicating with our teams for sales, support, or contractual matters

If you are an end user whose data is uploaded or processed by a customer via our Services, please note that we act as a data processor, and the customer is the data controller.

2. Data We Collect

We collect and process a limited amount of personal data necessary to provide, maintain, and improve our Services. This may include:

Identification and Contact Information: name, email, company, job title, credentials
Technical and Usage Data: IP, browser, session logs, query usage
Communications: information from support tickets or product inquiries
Billing and Transaction Data: company address, tax IDs, subscription records

We do not collect or process sensitive categories of data.

3. Purpose of Processing

We process personal data for:

Service delivery and account management
Customer support
Product improvement and service reliability
Security and legal compliance
Billing and customer relationship management

4. Legal Basis for Processing

Our legal bases for processing personal data include:

Contractual necessity
Legitimate interest
Legal obligation
Consent (only when legally required)

5. Data Sharing and Subprocessors

We share data only with authorized service providers, advisors, or public authorities when required by law. All third parties are bound by confidentiality obligations and process data exclusively on our behalf.

6. International Data Transfers

Where data is transferred outside the EEA, RootCX ensures appropriate safeguards including Standard Contractual Clauses or adequacy mechanisms.

7. Data Retention

We retain personal data only as long as necessary for the purposes described in this Policy. Retention periods vary depending on data type and legal requirements but generally include:

Account data: retained during the contract and up to 90 days after termination
Billing data: retained per financial regulations
Support logs: retained for up to 365 days

8. Data Security

We implement industry-standard technical and organizational measures such as TLS encryption, access controls, and security audits to protect your data.

9. Your Rights

You may request access to the personal data we hold about you or request its deletion. To do so, contact us at contact@rootcx.com. We may ask for proof of identity. Some data may be retained for legal or operational reasons.

10. Cookies and Tracking

We use cookies for session management, performance monitoring, and analytics. See our Cookie Policy for more details.

11. Updates to This Policy

This Policy may be updated to reflect changes in law or service operations. Updates will be posted here, and material changes will be communicated to users.

Questions about our Privacy Policy?

We're here to help. Contact our team for any privacy-related questions.

Contact Team