Privacy Policy

Last updated: March 24, 2026

1. Introduction

ActReady ("we," "us," or "our") operates the website getactready.com and the ActReady platform. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website or use our services.

We are committed to protecting your privacy and complying with applicable data protection laws, including the General Data Protection Regulation (GDPR).

2. Information we collect

Information you provide directly:

  • Account information (name, email address) when you sign up
  • Organization details you enter in your settings
  • AI system descriptions and compliance data you input into the platform
  • Payment information processed securely through Stripe (we do not store card details)
  • Communications you send to us via email or support channels

Information collected automatically:

  • Usage data (pages visited, features used, time spent)
  • Device information (browser type, operating system)
  • IP address and approximate geographic location
  • Cookies and similar tracking technologies

3. How we use your information

We use the information we collect to:

  • Provide, maintain, and improve our services
  • Process transactions and manage your subscription
  • Generate compliance documents based on your AI system details
  • Send service-related communications (account updates, security alerts)
  • Respond to your inquiries and provide customer support
  • Analyze usage patterns to improve the platform
  • Comply with legal obligations

4. AI-powered document generation

When you use our document generation feature, the information you provide about your AI systems is sent to our AI provider (Anthropic) to generate compliance documents. This data is used solely for the purpose of generating your requested documents and is not used to train AI models. Generated documents are stored in your account and are accessible only to you and your organization.

5. Data sharing and third parties

We share your information only with the following categories of service providers:

  • Authentication: Clerk — manages user authentication and sessions
  • Database: Supabase — stores your account and compliance data
  • Payments: Stripe — processes subscription payments securely
  • AI generation: Anthropic — generates compliance documents from your inputs
  • Hosting: Vercel — hosts and serves our web application

We do not sell, rent, or trade your personal information to third parties. We may disclose information if required by law or to protect our rights and safety.

6. Data retention

We retain your personal data for as long as your account is active or as needed to provide you with our services. If you delete your account, we will delete or anonymize your personal data within 30 days, except where we are required to retain it for legal or regulatory purposes.

7. Data security

We implement appropriate technical and organizational measures to protect your personal data, including encryption in transit (TLS), encryption at rest, access controls, and regular security reviews. However, no method of transmission over the internet is 100% secure, and we cannot guarantee absolute security.

8. Your rights (GDPR)

If you are located in the European Economic Area, you have the right to:

  • Access the personal data we hold about you
  • Rectify inaccurate or incomplete data
  • Request erasure of your personal data
  • Restrict or object to processing of your data
  • Data portability — receive your data in a structured, machine-readable format
  • Withdraw consent at any time where processing is based on consent
  • Lodge a complaint with a supervisory authority

To exercise any of these rights, contact us at hello@getactready.com.

9. Cookies

We use essential cookies required for the functioning of our service (authentication, session management). We do not use advertising or tracking cookies. You can control cookie settings through your browser preferences.

10. Children's privacy

Our services are not directed to individuals under the age of 16. We do not knowingly collect personal data from children. If we become aware that we have collected data from a child, we will take steps to delete it promptly.

11. Changes to this policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by posting the new policy on this page and updating the "Last updated" date. Your continued use of our services after changes constitutes acceptance of the updated policy.

12. Contact us

If you have questions about this Privacy Policy or our data practices, contact us at:

ActReady
Email: hello@getactready.com