1. Who We Are
RegScope AI is operated by NewFrame Legal ("we", "us", "our"). This policy explains how we collect, use, and protect your personal data when you use the RegScope AI regulatory screening service at this website.
Data controller: NewFrame Legal. Contact: privacy@newframelegal.com
2. What Data We Collect
| Data | When collected | Why |
|---|---|---|
| Project questionnaire answers | When you submit an assessment | To generate your regulatory assessment |
| Uploaded documents (whitepaper, pitch deck) | If you choose to upload | To improve analysis accuracy |
| Email address | If you provide it voluntarily | To send your report link |
| Session ID | Automatically when assessment starts | To retrieve and persist your report |
| Payment information | Where payment is enabled | Processed by our payment provider — we do not store card details |
| Usage data (pages visited, time on site) | Automatically via Cloudflare | Site analytics and performance |
3. How We Use Your Data
We use the data we collect to:
- Generate and store your regulatory assessment report
- Send you your report link by email (only if you provided an email address)
- Improve the accuracy of our AI pipeline and knowledge base
- Comply with our legal obligations
We do not use your project description or questionnaire answers for any purpose other than generating your assessment and improving the service. We do not sell your data to third parties. We do not use your data for advertising.
4. Legal Basis for Processing (GDPR)
If you are located in the European Economic Area, our legal bases for processing your personal data are:
- Contract performance — processing your questionnaire answers to deliver the assessment you requested
- Legitimate interests — improving service quality, preventing fraud, operating the platform
- Consent — where you have provided your email address voluntarily for communications
5. Data Sharing
We share your data with the following third parties, strictly for the purposes listed:
- Anthropic (Claude API) — your project description and questionnaire answers are sent to Anthropic's API to generate the assessment. Anthropic processes this data under its own privacy policy and enterprise API terms.
- Cloudflare — our infrastructure provider (Workers, Pages, D1, R2). Your data is stored in Cloudflare's systems. See Cloudflare's privacy policy for details.
- Resend — if you provide an email address, we use Resend to deliver your report link email.
- WayForPay — where payment is enabled, payment is processed by WayForPay. We do not receive or store your card details.
6. Data Retention
Your assessment data (questionnaire answers, report JSON) is stored in our Cloudflare D1 database for 24 months from the date of creation, after which it is deleted. Uploaded documents are stored in Cloudflare R2 for 90 days then automatically deleted. If you request deletion before these periods expire, we will delete your data within 30 days.
7. Your Rights
If you are located in the EEA or UK, you have the following rights under GDPR/UK GDPR:
- Access — request a copy of the data we hold about you
- Rectification — request correction of inaccurate data
- Erasure — request deletion of your data
- Portability — receive your data in a structured, machine-readable format
- Objection — object to processing based on legitimate interests
- Restriction — request restriction of processing in certain circumstances
To exercise any of these rights, contact us at privacy@newframelegal.com with your session ID and email address. We will respond within 30 days.
You also have the right to lodge a complaint with your national data protection supervisory authority.
8. Cookies
We use minimal cookies. See our Cookie Policy for details.
9. Security
We use industry-standard security measures including HTTPS encryption in transit, access controls, and Cloudflare's security infrastructure. However, no internet transmission is 100% secure. We cannot guarantee the absolute security of your data.
10. Changes to This Policy
We may update this policy from time to time. Material changes will be indicated by an updated "Last updated" date at the top of this page.
11. Contact
For privacy questions or to exercise your rights: privacy@newframelegal.com