Privacy Policy

RegNexia AI ("RegNexia", "we", "us", or "our") is a regulatory intelligence platform for life sciences organizations. This Privacy Policy explains how we collect, use, disclose, and protect information about you when you use our website, platform, or services.

For the purposes of applicable data protection law, RegNexia AI is the data controller of your personal information.

We collect information in the following ways:

Information you provide directly:

- Account registration details (name, email address, job title, company)

- Contact form submissions and support requests

- Payment information (processed by our payment provider; we do not store card details)

- Preferences, watchlist configurations, and alert settings you create within the platform

Information collected automatically:

- Usage data (features accessed, pages visited, actions taken within the platform)

- Device and browser information (IP address, browser type, operating system)

- Log data (access times, pages viewed, errors encountered)

- Cookies and similar tracking technologies (see Section 8)

Information from third parties:

- If you sign in using single sign-on (SSO), we receive basic profile information from your identity provider

We use the information we collect to:

- Provide, maintain, and improve the RegNexia platform and services

- Process account registrations and manage user access

- Deliver regulatory alerts, summaries, and reports you have configured

- Respond to your inquiries, support requests, and feedback

- Send service-related communications (security notices, product updates, billing)

- Comply with legal obligations

- Detect and prevent fraud, abuse, and security incidents

- Analyze platform usage to improve features and user experience

We do not sell your personal data to third parties. We do not use your regulatory watchlist configurations or usage patterns for advertising purposes.

If you are located in the European Economic Area or United Kingdom, we process your personal data under the following legal bases:

Contract performance: Processing necessary to provide the services you have contracted for

Legitimate interests: Processing for platform security, fraud prevention, and service improvement

Legal obligation: Processing required to comply with applicable laws

Consent: Where we have asked for and received your consent (e.g., marketing emails)

You may withdraw consent at any time where we rely on consent as the legal basis.

We share your information only in the following circumstances:

**Service providers:** We share data with trusted vendors who help us operate the platform (cloud infrastructure, email delivery, payment processing, analytics). These providers process data only on our instructions and are contractually bound to protect it.

**Legal requirements:** We may disclose information if required by law, court order, or government authority, or to protect the rights, property, or safety of RegNexia, our customers, or others.

**Business transfers:** If RegNexia is acquired or merges with another company, your information may be transferred as part of that transaction. We will notify you of any such change.

**With your consent:** We may share information for other purposes with your explicit consent.

We do not sell personal data.

We retain your personal data for as long as your account is active and for a reasonable period thereafter to fulfill the purposes described in this Policy, comply with legal obligations, and resolve disputes.

Upon contract termination, customers may export their data within 30 days. After this window, data is permanently deleted from production systems. Backup retention may extend this by up to 90 days.

You may request deletion of your personal data at any time by contacting us at privacy@regnexia.ai.

Depending on your location, you may have the following rights regarding your personal data:

Access: Request a copy of the personal data we hold about you

Correction: Request correction of inaccurate or incomplete data

Deletion: Request deletion of your personal data

Restriction: Request that we restrict processing of your data

Portability: Receive your data in a structured, machine-readable format

Objection: Object to processing based on legitimate interests

Withdrawal of consent: Withdraw consent at any time where processing is consent-based

To exercise any of these rights, contact us at privacy@regnexia.ai. We will respond within 30 days. EEA and UK residents may also lodge a complaint with their local data protection authority.

We use cookies and similar technologies to operate the platform, remember your preferences, and analyze usage. For full details on the types of cookies we use and how to manage them, see our Cookie Policy.

You can manage cookie preferences at any time through your browser settings or by visiting our Cookie Preferences page.

We implement appropriate technical and organizational measures to protect your personal data against unauthorized access, loss, or disclosure. These include encryption in transit and at rest, role-based access controls, audit logging, and regular security testing.

No system is completely secure. If you believe your account has been compromised, contact us immediately at security@regnexia.ai.

RegNexia operates globally. Your data may be transferred to and processed in countries outside your country of residence, including countries that may not provide the same level of data protection as your home country.

Where we transfer personal data from the EEA or UK to countries not deemed adequate by the European Commission or UK authorities, we rely on appropriate safeguards such as Standard Contractual Clauses. Copies of these safeguards are available upon request.

We may update this Privacy Policy from time to time. When we make material changes, we will notify you by email or through a notice on the platform at least 30 days before the changes take effect. Your continued use of the platform after the effective date constitutes acceptance of the updated policy.

For privacy-related questions, requests, or complaints, contact us at:

**Email:** privacy@regnexia.ai

We aim to respond to all privacy inquiries within 10 business days.