Effective date: April 12, 2026
← Back to homeTable of Contents
This Privacy Policy ("Policy") describes how Alexander Carlson, operating as Rémis ("Rémis," "we," "us," or "our"), collects, uses, stores, protects, and discloses information obtained from users ("you," "your," or "User") of the Rémis platform, accessible at remis.business (the "Service"). Rémis is a sole proprietorship operated by Alexander Carlson, with a general locality in Indianapolis, Indiana, United States.
We are committed to protecting your privacy and handling your personal information with transparency and care. This Policy applies to all information collected through the Service, including our website, application interfaces, APIs, email communications, and any other channels through which you interact with Rémis.
By accessing or using the Service, you acknowledge that you have read, understood, and agree to be bound by this Privacy Policy. If you do not agree with the practices described in this Policy, you should not access or use the Service. We encourage you to review this Policy periodically to stay informed about how we are protecting your information.
This Policy is incorporated into and subject to our Terms of Service. Capitalized terms not defined herein shall have the meanings ascribed to them in the Terms of Service.
We collect various types of information in connection with the Service, including information you provide directly, information generated through your use of the Service, and information collected automatically. The categories of information we collect are described below.
When you create an account on Rémis, we collect the following personal information:
You are responsible for maintaining the accuracy of your account information and for keeping your login credentials secure. We strongly recommend using a unique, complex password for your Rémis account.
To generate AI-powered business reports and analyses, we collect company and organizational information that you voluntarily submit through our forms and interfaces. This may include, but is not limited to:
This company profile data is essential for the Service to generate meaningful, tailored reports and analyses. You should only submit information that you are authorized to share and that does not include sensitive personal data of third parties unless you have obtained appropriate consent.
Through your use of the Service, AI-generated content is created and stored in association with your account. This generated content includes, but is not limited to:
Generated content is stored in your account and is accessible only to you unless you choose to share or export it. We retain generated content as described in Section 6 (Data Retention) of this Policy.
We automatically collect information about how you interact with the Service to improve functionality, enforce subscription limits, and enhance the user experience. Usage data includes:
When you access the Service, we automatically collect certain technical information from your device and browser, including:
This technical data is collected through standard web server logging mechanisms and is used to ensure the security, compatibility, and optimal performance of the Service.
All payment processing for the Service is handled exclusively by Stripe, Inc. ("Stripe"), our third-party payment processor. When you subscribe to a paid plan or make a purchase through the Service:
We encourage you to review Stripe's Privacy Policy to understand how your payment information is handled. Stripe is PCI DSS Level 1 certified, the highest level of certification available in the payment card industry.
We use the information we collect for the following purposes, each of which constitutes a legitimate basis for processing under applicable privacy laws:
We do not sell, rent, lease, or trade your personal information to any third party for monetary or other valuable consideration. We do not use your company profile data, business information, or generated reports to train, fine-tune, or otherwise improve AI models. Your data is used solely and exclusively for the purpose of generating the outputs you request through the Service.
We may use anonymized, aggregated, and de-identified data that cannot reasonably be used to identify you for research, analytics, benchmarking, and service improvement purposes. Such anonymized data is not considered personal information under this Policy.
Rémis uses artificial intelligence (AI) technology to generate reports, analyses, and assessments based on the company profile data you provide. It is important that you understand how your data is processed in this context.
When you request a report or analysis, the relevant company profile data you have submitted is transmitted to third-party AI service providers via secure API connections. This data is sent for the sole purpose of generating the specific output you have requested. Currently, Rémis utilizes Anthropic's Claude API as its primary AI provider.
We use AI providers under enterprise and commercial API agreements that include data protection provisions. Under these agreements and the providers' published policies, data submitted through API calls is not used by the AI providers to train, retrain, or improve their foundation models. The AI providers process the data solely to generate the requested output and may retain inputs and outputs only for limited periods as required for abuse monitoring, safety compliance, and legal obligations, in accordance with their respective enterprise data handling policies.
Certain features of the Service may involve automated web research to gather publicly available information relevant to your report (such as industry benchmarks, vendor pricing, regulatory updates, and market data). During this process, only general research queries based on public topics are submitted to search providers. Your personal information, account details, and proprietary company data are not shared with, transmitted to, or made accessible to any websites, search engines, or data sources that are researched as part of this process.
AI-generated outputs may contain inaccuracies, outdated information, or errors. All reports and analyses are provided for informational purposes only and do not constitute professional, legal, financial, or compliance advice. You should independently verify all AI-generated content before relying on it for business decisions.
We take the security of your information seriously and implement industry-standard technical and organizational measures to protect your data against unauthorized access, alteration, disclosure, or destruction.
The Service is hosted on industry-standard cloud infrastructure provided by reputable hosting providers. Our infrastructure is designed with security, availability, and scalability in mind. Data is stored in secure data centers located in the United States that maintain physical security controls, environmental safeguards, and access restrictions.
User authentication is managed through Supabase, which implements industry-standard security practices including:
All data transmitted between your browser and the Service, as well as between the Service and third-party providers, is encrypted using HTTPS with TLS (Transport Layer Security) protocols. We enforce HTTPS across all endpoints and do not permit unencrypted connections.
Access to user data is strictly limited to authorized personnel on a need-to-know basis. Administrative access to infrastructure and databases is protected by strong authentication mechanisms. We regularly review access permissions to ensure that only necessary personnel retain access to sensitive systems.
While we implement reasonable security measures, no method of electronic transmission or storage is completely secure. We cannot guarantee absolute security of your information. You acknowledge that you provide your information at your own risk and that you are responsible for maintaining the security of your account credentials.
We retain your information for as long as necessary to fulfill the purposes described in this Policy, unless a longer retention period is required or permitted by law.
While your account remains active, we retain all account information, company profile data, generated reports, usage data, and associated records necessary to provide the Service and maintain your account in good standing.
Upon your request to delete your account, or upon account termination, we will process the deletion as follows:
We may retain anonymized, aggregated, and de-identified data indefinitely for research, analytics, and service improvement purposes. This data cannot reasonably be used to identify any individual user and is not subject to deletion requests.
Notwithstanding the above, we may retain certain information for longer periods if required by applicable law, regulation, or legal process, or if necessary to establish, exercise, or defend legal claims.
Cookies are small text files placed on your device by your web browser when you visit a website. We use cookies and similar technologies as described below.
We use strictly necessary cookies that are essential for the operation of the Service. These include session management cookies that maintain your authenticated state as you navigate the platform, as well as security cookies that help protect against cross-site request forgery (CSRF) and other common web vulnerabilities. These cookies are required for the Service to function and cannot be disabled without impairing core functionality.
As of the effective date of this Policy, Rémis does not use analytics cookies or third-party analytics tracking services. If we introduce analytics cookies in the future, we will update this Policy and provide appropriate notice before deploying such cookies. Any future analytics cookies will be accompanied by a cookie consent mechanism that allows you to opt in or opt out.
Rémis does not use advertising cookies, retargeting pixels, or any form of ad-related tracking technology. We do not participate in ad networks or serve targeted advertisements.
Some browsers transmit "Do Not Track" (DNT) signals to websites. Because there is no universally accepted standard for how to respond to DNT signals, we do not currently respond to DNT signals. However, as stated above, we do not engage in cross-site tracking or advertising-related tracking.
The Service integrates with and relies upon certain third-party service providers to deliver its functionality. Each of these providers operates under its own privacy policy and terms of service. We encourage you to review the privacy practices of each provider.
We select third-party providers that maintain reasonable security practices and data protection measures. However, we are not responsible for the privacy practices or security of these third-party services. Your interactions with these providers are governed by their respective privacy policies.
Depending on your jurisdiction, you may have certain rights regarding your personal information. Rémis is committed to honoring these rights to the extent required by applicable law. You may exercise any of the following rights by contacting us at our LinkedIn page.
You have the right to request a copy of the personal information we hold about you. Upon verification of your identity, we will provide you with a summary of the categories of personal information collected, the purposes for which it is used, and the third parties with whom it has been shared.
You have the right to request correction of any inaccurate or incomplete personal information we hold about you. You may update certain account information directly through the Service, or you may contact us to request corrections to information that cannot be modified through the platform.
You have the right to request deletion of your personal information, subject to certain exceptions. Upon receiving a verified deletion request, we will delete your personal information in accordance with the retention schedule described in Section 6 of this Policy. Please note that we may retain certain information as required by law or for legitimate business purposes, such as fraud prevention or dispute resolution.
You have the right to export your generated reports and analyses from the Service. The platform provides built-in export functionality that allows you to download your reports in standard formats. If you require assistance with data export, you may contact us at our LinkedIn page.
Where we process your personal information based on your consent, you have the right to withdraw that consent at any time. Withdrawal of consent does not affect the lawfulness of processing that occurred prior to the withdrawal. Please note that withdrawing consent may result in your inability to use certain features of the Service that require the processing of your information.
To exercise any of the rights described above, please send a written request to our LinkedIn page. In your request, please clearly describe the right you wish to exercise and provide sufficient information for us to verify your identity. We will respond to verified requests within thirty (30) days, or such shorter period as may be required by applicable law. We will not discriminate against you for exercising your privacy rights.
If you are a California resident, you have additional rights under the California Consumer Privacy Act of 2018, as amended by the California Privacy Rights Act of 2020 (collectively, "CCPA"). This section supplements the information provided in the rest of this Policy.
In the preceding twelve (12) months, we have collected the following categories of personal information as defined by the CCPA: identifiers (email address, name, IP address); commercial information (subscription and transaction records); internet or other electronic network activity information (usage data, browsing history within the Service); and professional or employment-related information (company profile data submitted by you).
Rémis does not sell your personal information as defined by the CCPA. We do not share your personal information for cross-context behavioral advertising purposes. We have not sold or shared personal information in the preceding twelve (12) months.
As a California resident, you have the right to:
To exercise your CCPA rights, please contact us at our LinkedIn page. You may also designate an authorized agent to make a request on your behalf, provided that the agent can demonstrate proper authorization.
Rémis is operated from the United States of America. If you are accessing the Service from outside the United States, please be aware that your information will be transferred to, stored in, and processed in the United States, where data protection laws may differ from those in your jurisdiction.
By using the Service, you consent to the transfer, storage, and processing of your information in the United States. If you do not consent to such transfer, you should not use the Service. We will take reasonable steps to ensure that your information is treated securely and in accordance with this Privacy Policy regardless of where it is processed.
If you are located in the European Economic Area (EEA), United Kingdom, or Switzerland, please note that Rémis does not currently maintain Standard Contractual Clauses (SCCs) or other approved transfer mechanisms for cross-border data transfers. By using the Service, you acknowledge and accept the risks associated with the transfer of your data to the United States.
The Service is not intended for, directed at, or designed to be used by individuals under the age of eighteen (18). Rémis is a business-oriented SaaS platform, and we expect all users to be adults capable of entering into binding legal agreements.
We do not knowingly collect, solicit, or receive personal information from individuals under the age of eighteen (18). If we become aware that we have collected personal information from a minor, we will take prompt steps to delete such information from our records. If you are a parent or guardian and believe that your child under the age of eighteen (18) has provided personal information to Rémis, please contact us immediately at our LinkedIn page so that we can take appropriate action.
We reserve the right to modify, amend, or update this Privacy Policy at any time at our sole discretion. When we make changes to this Policy, we will update the "Effective date" at the top of this page and take reasonable steps to notify you of material changes.
Notification of material changes may be provided through one or more of the following methods: a prominent notice within the Service, an email to the address associated with your account, or a notification upon your next login to the platform. We encourage you to review this Policy periodically to stay informed about our privacy practices.
Your continued use of the Service after any changes to this Policy become effective constitutes your acceptance of the revised Policy. If you do not agree with the terms of the updated Policy, you must discontinue your use of the Service and may request deletion of your account and personal information in accordance with Section 9 of this Policy.
In the event of a security breach that results in the unauthorized access, acquisition, disclosure, or use of your personal information, Rémis is committed to responding promptly and transparently.
We will notify affected users of a qualifying data breach within seventy-two (72) hours of becoming aware of the breach, or as soon as reasonably practicable thereafter, via email to the address associated with the affected account. The notification will include, to the extent known at the time:
We will also notify applicable regulatory authorities as required by law. We maintain internal procedures for detecting, investigating, and responding to security incidents, and we will take all reasonable steps to contain and remediate any breach as quickly as possible.
If you have any questions, concerns, or requests regarding this Privacy Policy, our data practices, or the exercise of your privacy rights, please contact us at:
We will make reasonable efforts to respond to all legitimate inquiries within thirty (30) days. If you are not satisfied with our response, you may have the right to lodge a complaint with your local data protection authority, where applicable.
This Privacy Policy is governed by and construed in accordance with the laws of the State of Indiana, United States, without regard to its conflict of law provisions.