Privacy Policy

Effective date: June 27, 2026  |  Last updated: June 27, 2026

RadRoot is operated by Rad Consultants, LLC ("Rad Consultants," "we," "us"). This policy explains what data we collect, how we use it, and the choices you have. Questions? Email chris@radconsultants.com.

1. Who this applies to

This policy covers:

2. Data we collect

From operators: Name, email, company name, and billing information (processed by Stripe — we never store raw card data). We also log campaign configuration, uploaded CSV contact lists, and usage activity.

From respondents: The email address used to send the interview link; answers to the five-question interview; the AI-generated narrative based on those answers. We do not require respondents to create accounts or provide names unless the operator's dataset includes them.

Automatically: Server access logs (IP, timestamp, user agent) for security and debugging. No persistent tracking cookies are used on the respondent interview page.

3. How we use data

We do not sell personal data to third parties. We do not use respondent answers to train AI models.

4. AI processing

RadRoot uses Anthropic's Claude API to generate interview questions and narrative reports. Respondent answers are sent to Anthropic's API solely to produce the report for the operator. Anthropic's data use policies apply to that processing; see anthropic.com/privacy.

We do not share respondent data with any other AI provider.

5. Data sharing

We share data only with the following categories of parties, as necessary to operate the service:

6. Data retention

Respondent sessions and narratives are retained for the duration of the operator's account plus 90 days after account closure, then permanently deleted. Billing records are retained as required by applicable tax law (typically 7 years). Operators may request early deletion of their data by emailing chris@radconsultants.com.

7. Your rights (GDPR / CCPA)

If you are in the European Economic Area, the United Kingdom, or California, you have the right to:

To exercise any of these rights, email chris@radconsultants.com. We will respond within 30 days.

California residents: We do not sell personal information as defined under the CCPA. We do not use "sensitive personal information" in ways that require an opt-out right.

8. Security

Data in transit is encrypted via TLS. Data at rest is stored in a PostgreSQL database on a hardened VPS. Passwords are hashed using bcrypt. API keys use constant-time comparison. We review security posture regularly.

No system is perfectly secure. If you discover a security issue, please disclose it responsibly to chris@radconsultants.com.

9. Cookies

The admin interface stores a JWT authentication token in localStorage. The respondent interview page stores no cookies or persistent identifiers. We do not use third-party advertising or analytics cookies.

10. Children

RadRoot is not directed to individuals under 16. If we learn that we have collected data from a child under 16 without verifiable parental consent, we will delete it promptly.

11. Changes to this policy

We may update this policy. Material changes will be communicated to operators by email at least 14 days before they take effect. Continued use after that date constitutes acceptance.

12. Contact

Rad Consultants, LLC
Email: chris@radconsultants.com
Website: radconsultants.com