Privacy Policy
Effective Date: April 7, 2026
Raileon LLC (“Raileon,” “we,” “our,” or “us”) is committed to protecting the privacy and security of your information. This Privacy Policy explains how we collect, use, store, share, and protect your data when you use our website at raileon.comand our AI workforce platform (collectively, the “Services”).
1. Information We Collect
Information You Provide
- Account Information: Name, email address, phone number, business name, and billing information when you sign up or book a consultation.
- Onboarding Data: Business workflows, tool credentials, integration preferences, goals, and operational details you share during the onboarding process.
- Communications: Messages, emails, and other communications you send to us through any channel.
- Business Content: Data, files, contacts, and other materials you provide to or generate through your AI agents on the Platform.
Information Collected Automatically
- Usage Data: How you interact with the Platform, including pages visited, features used, agent activity logs, and dashboard interactions.
- Device & Browser Data: IP address, browser type, operating system, device identifiers, and referring URLs when you visit our website.
- Cookies: We use essential cookies to maintain your session and preferences. We may use analytics cookies to understand how visitors use our website. You can control cookie settings through your browser.
Information from Third-Party Integrations
When you connect third-party tools (e.g., Gmail, HubSpot, Slack, Calendly) to the Platform, your AI agents may access and process data from those services on your behalf. We access only the data necessary to perform the tasks you have configured.
2. How We Use Your Information
We use the information we collect to:
- Deploy, configure, and operate your AI agents and workspace
- Provide customer support and respond to your inquiries
- Process payments and manage your subscription
- Monitor agent performance and optimize workflows
- Improve the reliability, security, and functionality of the Platform
- Send service-related communications (billing notices, maintenance alerts, onboarding updates)
- Comply with legal obligations
3. Data Architecture & Storage
Each Raileon client operates on a dedicated, isolated server instance. Your business data — including agent configurations, workflow outputs, and integration credentials — resides on your own private server and is not commingled with other clients’ data.
- Encryption in transit: All data transmitted between your browser, your server, and third-party integrations is encrypted using TLS 1.2 or higher.
- Encryption at rest: Data stored on your server is encrypted at rest using industry-standard AES-256 encryption.
- Access controls: Server access is restricted to authorized Raileon personnel on a need-to-know basis for maintenance and support purposes.
- Credential management: Third-party integration credentials are stored using secure credential management with restricted access permissions.
4. AI Processing & Your Data
Your AI agents process your data using large language models (LLMs) provided by third-party AI providers (e.g., Anthropic, Google). When your agents process tasks:
- Data is sent to the AI provider’s API solely to generate the requested output.
- We use API configurations that do not permit the AI provider to use your data for model training.
- Processed data is returned to your server and is not retained by the AI provider beyond the duration of the API request, subject to the AI provider’s own data handling policies.
We encourage you to review the privacy policies of our AI providers for additional detail on how they handle API data.
5. Sharing Your Information
We do not sell, rent, or trade your personal information. We may share limited information with the following categories of recipients:
- Infrastructure Providers: Cloud hosting and server providers that host your dedicated instance. These providers are contractually obligated to protect your data.
- AI Model Providers: As described in Section 4, for the purpose of processing agent tasks via API.
- Payment Processors: To process subscription payments. We do not store your full credit card information on our servers.
- Legal & Compliance: When required by law, regulation, legal process, or enforceable government request, or to protect the rights, property, or safety of Raileon, our clients, or the public.
- Business Transfers: In connection with a merger, acquisition, or sale of assets, your information may be transferred to the acquiring entity. We will notify you before your data becomes subject to a different privacy policy.
6. Data Retention
We retain your data for as long as your account is active and as needed to provide you with our services. Upon cancellation of your subscription:
- You may request an export of your data within 30 days.
- After 30 days, your server instance and all associated data will be permanently deleted.
- We may retain anonymized, aggregated data that cannot be used to identify you for analytics and service improvement purposes.
- We retain billing records and basic account information as required by applicable tax and accounting regulations.
7. Your Rights
Depending on your jurisdiction, you may have the following rights regarding your personal information:
- Access: Request a copy of the personal data we hold about you.
- Correction: Request correction of inaccurate or incomplete personal data.
- Deletion: Request deletion of your personal data, subject to legal retention requirements.
- Portability: Request your data in a structured, machine-readable format.
- Objection: Object to certain processing activities, such as marketing communications.
- Withdrawal of Consent: Where processing is based on consent, you may withdraw consent at any time.
To exercise any of these rights, contact us at admin@raileon.com. We will respond within 30 days.
8. California Residents
If you are a California resident, the California Consumer Privacy Act (CCPA) provides you with additional rights, including the right to know what personal information we collect and how it is used, the right to request deletion, and the right to opt out of the sale of personal information. We do not sell personal information. To exercise your CCPA rights, contact us at admin@raileon.com.
9. International Users
Raileon is based in the United States. If you access our Services from outside the United States, your data may be transferred to and processed in the United States. By using our Services, you consent to the transfer of your data to the United States, where data protection laws may differ from those in your jurisdiction.
If you are located in the European Economic Area (EEA) or United Kingdom, we process your data on the basis of contractual necessity, legitimate interest, or your consent, as applicable. You may contact us to exercise your rights under GDPR.
10. Children’s Privacy
Raileon’s services are designed for business use and are not directed at individuals under the age of 18. We do not knowingly collect personal information from children. If we become aware that we have collected personal information from a child, we will take steps to delete that information promptly.
11. Security
We implement technical and organizational measures designed to protect your data, including isolated server infrastructure, encrypted storage, access controls, and regular security monitoring. However, no method of electronic transmission or storage is 100% secure. While we strive to use commercially acceptable means to protect your information, we cannot guarantee absolute security.
12. Changes to This Policy
We may update this Privacy Policy from time to time. When we make material changes, we will notify you via email or through the Platform at least 15 days before the changes take effect. The “Effective Date” at the top of this page indicates when this policy was last revised.
13. Contact Us
If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, contact us at:
Raileon LLC
Miami, Florida
admin@raileon.com