Privacy Policy

1. Introduction and Data Controller

Regent ("we," "us," or "our") respects your privacy and is committed to protecting your personal information. This Privacy Policy ("Policy") describes how we collect, use, store, share, and protect information about you when you access our website, purchase our digital playbooks, use the Regent assistant subscription, or otherwise interact with any part of our service (collectively, the "Service"). The entity operating the Service and acting as data controller is Regent, incorporated under the laws of the State of Delaware, United States. Where applicable law requires designation of a representative or data protection contact in the European Economic Area or United Kingdom, you may reach us at cole@useregent.com.

2. Scope and Applicability

This Policy applies to all users of the Service, including visitors to our website, purchasers of Playbooks, subscribers to the Regent assistant, and anyone who contacts us through the website or other channels. It does not apply to third-party websites, services, or applications that may be linked from the Service; those are governed by their own privacy policies. By using the Service, you acknowledge that you have read and understand this Policy. If you do not agree with this Policy, please do not use the Service.

3. Information We Collect

We collect information in several ways: directly from you when you provide it, automatically when you use the Service, and from third-party providers we integrate with. The categories of personal information we collect are as follows.

Account and authentication data: When you create an Account or sign in using a third-party provider (currently Google), we receive your email address, display name, and profile picture from that provider. We use this information to create and manage your Account and to identify you when you return to the Service.

Payment and billing data: Payment transactions are processed by Stripe, Inc. We do not store your full payment card number, CVV, or full card details on our servers. We receive and retain your billing email address, the last four digits of your card, card type, billing postal code, and Stripe customer and subscription identifiers as needed to manage your billing relationship, process your payments, prevent fraud, and comply with applicable law.

Subscription and usage data: We collect data about your subscription plan, credit balance and reload history, connected integrations (such as Telegram), and how you interact with Service features. We use this to operate the Service, calculate billing, and improve our product.

Assistant and message data: When you use the Regent assistant, your messages and the assistant's responses are processed on our infrastructure. We treat message content as sensitive. We do not use the content of your conversations for advertising, behavioral profiling, or for purposes unrelated to providing and improving the assistant service to you. Message content may be retained on our servers for a period necessary to operate the Service, including to maintain conversation context and to investigate reported safety or abuse issues, as further described in Section 9.

Playbook access data: We maintain records of which Playbooks you have purchased and the date and method of delivery, to enable you to re-access your purchases and to support you with delivery issues.

Waitlist and lead data: If you submit your email to join our waitlist, request early access, or subscribe to our newsletter, we collect your email address and any other information you provide. We use this to communicate with you about the Service and related offers.

Contact and support data: When you submit a support request or contact us through the website, we collect your name, email address, and the content of your message. We may use a third-party customer relationship management or helpdesk tool to manage these communications. We do not sell support inquiry data.

Technical and device data: We automatically collect certain technical information when you use the Service, including your IP address, browser type and version, operating system, referring URL, pages visited, time spent, and other standard log data. We use this information to operate and maintain the Service, diagnose technical problems, detect fraud, and analyze aggregate usage trends.

Cookies and tracking data: We use cookies and similar tracking technologies as described in our Cookie Policy, available at /cookies.

4. How We Use Your Information

We use the personal information we collect for the following purposes: to create and manage your Account and authenticate your identity; to process payments, manage your subscription and credits, and send billing communications; to deliver Playbook purchases to your email; to operate and provide the Regent assistant and related features; to respond to your support requests and inquiries; to send you transactional communications necessary for the Service; to send you marketing and product communications where you have opted in or where permitted by applicable law; to monitor, analyze, and improve the Service, including through aggregate and anonymized analytics; to detect, investigate, and prevent fraudulent, unauthorized, or abusive activity; to comply with applicable legal obligations, including tax, financial reporting, and regulatory requirements; and to enforce our Terms of Service and Acceptable Use Policy. We process your personal information only where we have a lawful basis to do so, as described in Section 6.

5. AI and Automated Processing

The Regent assistant uses artificial intelligence models to generate responses to your messages. Processing your messages through AI models is inherent to providing the Service and is described in your Terms of Service. We do not make legally significant automated decisions about you solely on the basis of automated processing without human involvement, except where expressly required by law. Where AI-generated outputs could affect you materially (for example, a business recommendation), you retain full discretion to accept, reject, or seek human review of that output. If you are located in the European Economic Area and have concerns about automated processing, please contact us at cole@useregent.com.

6. Legal Bases for Processing (EEA and UK Users)

If you are located in the European Economic Area ("EEA") or United Kingdom ("UK"), we process your personal data only where we have a lawful basis under the General Data Protection Regulation (EU) 2016/679 ("GDPR") or the UK GDPR, as applicable. Our lawful bases are as follows. We process account, payment, subscription, and delivery data to perform our contract with you (Article 6(1)(b) GDPR). We process technical, security, and fraud-prevention data based on our legitimate interests in operating a secure and reliable service, where such interests are not overridden by your rights and freedoms (Article 6(1)(f) GDPR). We process data to comply with legal obligations, such as tax recordkeeping requirements (Article 6(1)(c) GDPR). We may process your data for marketing communications on the basis of your consent or, where permitted, on the basis of legitimate interests (Article 6(1)(a) or (f) GDPR). Where we process special categories of personal data, we do so only with your explicit consent or as otherwise permitted by applicable law.

7. Sharing and Disclosure

We do not sell your personal information to third parties. We share your information only in the following circumstances. With service providers: We share data with third-party vendors who help us operate the Service, including cloud infrastructure providers (for hosting and compute), Stripe (for payment processing), Google (for authentication), Telegram (for assistant messaging where you have connected that channel), email delivery providers, and analytics service providers. These vendors are permitted to use your data only for the purposes we specify and are contractually obligated to maintain appropriate security. With professional advisors: We may share data with attorneys, accountants, auditors, or other professional advisors under confidentiality obligations where reasonably necessary for legal, financial, or compliance purposes. In connection with business transfers: If the Company is involved in a merger, acquisition, financing, reorganization, bankruptcy, or sale of all or substantially all of its assets, your information may be transferred as part of that transaction; we will provide reasonable notice to affected users. To comply with law: We may disclose information where required by applicable law, court order, or legal process, or where we believe disclosure is necessary to: (a) comply with a legal obligation; (b) protect and defend the rights or property of the Company; (c) prevent or investigate possible wrongdoing in connection with the Service; or (d) protect the personal safety of users or the public.

8. Third-Party Service Providers

The following is a non-exhaustive list of key third parties with whom we share data: Stripe, Inc. (payment processing; privacy policy at stripe.com/privacy); Google LLC (authentication and sign-in; privacy policy at policies.google.com/privacy); Telegram Messenger (assistant channel integration, only if you connect your account; privacy policy at telegram.org/privacy); and cloud infrastructure providers used for hosting, storage, and compute. When you connect any third-party channel to your Regent account, you are also subject to that third party's terms and privacy practices.

9. Data Retention

We retain your personal information for as long as necessary to fulfill the purposes for which it was collected, subject to the following. Account and billing data are retained for the life of your Account and for a period of at least seven (7) years thereafter as required for tax, accounting, and legal purposes. Playbook purchase records are retained indefinitely to support your access and to resolve disputes. Assistant and message data are retained for a rolling period sufficient to maintain conversation context and to investigate reported abuse issues, after which older messages are deleted from active systems. Marketing and contact data are retained until you opt out or request deletion. Technical log data is typically retained for up to 90 days, after which it may be aggregated and anonymized. You may request deletion of your personal data as described in Section 11; note that certain data must be retained to comply with applicable legal obligations even after a deletion request.

10. Security

We implement technical and organizational security measures designed to protect your personal information against unauthorized access, disclosure, alteration, or destruction. These measures include encryption in transit (TLS) and at rest for sensitive data, access controls limiting data access to employees and contractors with a legitimate need, isolated infrastructure for each Regent assistant instance, and regular review of our security practices. No security system is impenetrable, and the Company cannot guarantee the absolute security of your data. You are responsible for maintaining the confidentiality of your Account credentials. If you believe your Account has been compromised, notify us immediately at cole@useregent.com. In the event of a data breach that triggers notification obligations under applicable law, we will notify affected users and relevant authorities as required by law.

11. Your Privacy Rights

Depending on your location, you may have certain rights with respect to your personal data. You may request access to, correction of, deletion of, or portability of your personal data. You may object to or request restriction of certain processing. You may withdraw consent to processing where consent was the lawful basis. To exercise any of these rights, contact us at cole@useregent.com. We will respond to all requests within the timeframes required by applicable law (generally 30 days, with the possibility of extension). We may require you to verify your identity before processing a request. Please note that some requests may be limited by our legal obligations or legitimate interests (for example, we may retain certain billing records even after an Account deletion request).

12. Additional Rights for EEA and UK Residents

If you are located in the EEA or UK, in addition to the rights described in Section 11, you have the following rights under GDPR or UK GDPR: the right to lodge a complaint with your national data protection supervisory authority; the right not to be subject to solely automated decision-making with legal or similarly significant effects; and, where processing is based on legitimate interests, the right to object at any time on grounds relating to your particular situation. For EEA residents, the lead supervisory authority for Regent is the relevant authority in the EU member state where we have our main establishment or where you reside.

13. California Privacy Rights (CCPA/CPRA)

If you are a California resident, you have the following rights under the California Consumer Privacy Act, as amended by the California Privacy Rights Act ("CCPA/CPRA"). You have the right to know what categories of personal information we have collected about you, the purposes for collection, and the categories of third parties with whom we have shared or disclosed your information. You have the right to access the specific pieces of personal information we have collected about you. You have the right to request deletion of your personal information, subject to applicable exceptions. You have the right to correct inaccurate personal information we hold about you. You have the right to opt out of the sale or sharing of your personal information. The Company does not sell your personal information and does not share it for cross-context behavioral advertising purposes. You have the right not to receive discriminatory treatment for exercising your CCPA/CPRA rights. To exercise your California rights, contact us at cole@useregent.com or submit a request through our Contact page. We will verify your identity before processing requests and will respond within the timeframes required by law. You may designate an authorized agent to submit requests on your behalf; authorized agents must provide written authorization signed by you.

14. International Data Transfers

The Service is operated in the United States. If you are accessing the Service from outside the United States, your personal information may be transferred to and processed in the United States and other countries where our service providers operate. These countries may have data protection laws that differ from those in your country. Where we transfer personal data from the EEA or UK to countries that are not subject to an adequacy decision, we rely on appropriate safeguards such as Standard Contractual Clauses approved by the European Commission or the UK International Data Transfer Agreement, as applicable. By using the Service from outside the United States, you acknowledge that your personal information will be transferred to and processed in the United States.

15. Children's Privacy

The Service is not directed to children under the age of 16. We do not knowingly collect personal information from children under 16. If you are a parent or guardian and believe that your child under 16 has provided us with personal information without your consent, please contact us at cole@useregent.com and we will promptly delete such information from our records. If we become aware that we have collected personal information from a child under 16 without verification of parental consent, we will take steps to remove that information.

16. Marketing Communications

Where you have opted in to marketing communications, or where otherwise permitted by applicable law, we may send you emails about our products, promotions, and updates. You may opt out of marketing emails at any time by clicking the "unsubscribe" link in any marketing email or by contacting us at cole@useregent.com. Opting out of marketing communications will not affect your receipt of transactional or Account-related emails, which are necessary for the operation of the Service.

17. Cookies and Tracking Technologies

We use cookies and similar tracking technologies to operate the Service and to understand how you use it. For detailed information about the types of cookies we use, how we use them, and how you can control your cookie preferences, please see our Cookie Policy at /cookies.

18. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or for other operational reasons. When we update this Policy, we will post the revised version on this page and update the "Last updated" date. For material changes that affect how we use your personal information, we will provide at least 14 days' prior notice by email to the address associated with your Account, or by a prominent notice within the Service. Your continued use of the Service after the effective date of any update constitutes your acceptance of the revised Policy.

19. Contact and Data Protection Inquiries

For questions, concerns, or requests related to this Privacy Policy or the handling of your personal information, please contact us at cole@useregent.com or through our Contact page. We take privacy inquiries seriously and will respond as promptly as practicable and within any timeframe required by applicable law.