Last updated: May 23, 2026.
Retayned, operated by Maniac Digital, LLC ("Retayned," "we," "our," "us"), is committed to protecting the privacy of our users and the clients they manage through the Service. This Privacy Policy describes how we collect, use, store, and share information when you use the Retayned platform, website (retayned.com), and related services (collectively, the "Service").
Retayned is designed for freelancers, consultants, and agencies to manage their relationships with their own clients. Because of this, the Service involves two distinct categories of people: (1) Users — the account holders who subscribe to Retayned, and (2) Clients — the third parties whose information Users enter into the Service. This policy explains how we handle data about both.
You are the controller of your Client Data. When you enter information about your clients into the Service, you act as the data controller for that information under applicable privacy laws (including GDPR, UK GDPR, and CCPA). Retayned acts as your data processor and processes Client Data solely on your behalf and according to your instructions as set out in these terms and our Data Processing Addendum.
This means you are responsible for: having a lawful basis to collect and process your clients' information (typically legitimate interest for B2B client management, but this is your determination to make); providing any notices your clients are entitled to under applicable law; obtaining any consents required in your jurisdiction; and responding to requests from your clients to access, correct, or delete information about them.
We will support you by providing tools to export, edit, and delete Client Data, and by routing any direct requests we receive from your clients to you for response. A Data Processing Addendum is available on request at privacy@retayned.com.
Account Information. When you register, we collect your name, email address, company name, and billing information. If you sign up via Google OAuth, we receive your name and email from Google. We do not store your Google password.
Client Data. You enter information about your clients into the Service, including names, contact information, relationship profiles, health check responses, revenue and billing records, notes, logged touchpoints, and other client-related data ("Client Data"). You control what Client Data you provide.
AI-Generated Data. The Service produces derived data about your clients, including retention scores, profile scores, archetype classifications, suggested daily actions, and conversation history with the Rai advisor ("AI-Generated Data"). This data is stored in association with the relevant client record.
Integration Data. Retayned offers an opt-in integration with Google Calendar, and may offer additional opt-in integrations in future (such as Gmail or Slack). If you choose to connect Google Calendar, we receive your Google account identifier and, with your authorization, read access to your calendar events via the https://www.googleapis.com/auth/calendar.readonly scope. We use this data only to display upcoming meetings inside Retayned, link calendar events to client records you have created, and inform Rai's preparation suggestions for those meetings. We do not modify your calendar, we do not access events the API does not return, and we do not read email or other Google services. Integrations are opt-in, can be disconnected at any time from your account settings, and disconnection deletes all stored Google event data within 30 days. See Section 5 below for additional protections specific to Google user data.
Usage Data. We automatically collect information about how you interact with the Service, including pages viewed, features used, session duration, device type, browser type, IP address, and referring URLs.
Cookies and Tracking. We use essential cookies to maintain your session and preferences, and analytics tools to understand usage patterns. We do not use third-party advertising cookies. You may disable non-essential cookies through your browser settings.
We use the information we collect to: provide, operate, and maintain the Service; generate retention scores, health assessments, and AI-powered recommendations through Rai; process payments and manage your subscription; send transactional communications (account confirmations, billing notices, security alerts); respond to support requests; and comply with legal obligations.
We do not sell, rent, or lease your personal information or Client Data to third parties. We do not use your Client Data for advertising purposes.
What Rai does. Rai is Retayned's AI advisor. When you interact with Rai or when the Daily Sweep runs, Client Data relevant to the request — relationship profiles, scores, recent notes, revenue data, and recent Rai conversation history — is sent to a third-party AI provider (currently Anthropic's Claude API) to generate recommendations, suggestions, and responses.
Data minimization. We send only the Client Data necessary to generate a relevant response. We do not send your full account, your billing details, your credentials, or data about clients other than those relevant to the request.
Zero retention at the AI provider. Our AI provider is contractually prohibited from retaining your Client Data beyond the duration of the API request and from using it for model training. We rely on Anthropic's zero-retention posture for API traffic.
Rai conversations. When you chat with Rai about a specific client, the conversation is stored in Retayned so Rai can maintain context across sessions. Conversations are capped at a rolling window (currently 20 messages per client) and are stored against that client record. Individual messages are automatically purged 180 days after they are sent, on a rolling per-message basis, so Rai's context reflects only recent relationship history. You can delete a Rai conversation at any time from the client profile. Deleting a client deletes all associated Rai conversations and AI-Generated Data within 30 days.
Daily Sweep outputs. Rai generates suggested tasks for your clients on a scheduled basis. These suggestions, along with whether you promoted or dismissed them, are stored as history to improve suggestion quality for you over time and to avoid repeating completed suggestions. This history is treated as Client Data and is deleted when the associated client is deleted.
AI Outputs are not professional advice. Retention scores, suggestions, scripts, and Rai responses are informational. They do not constitute legal, financial, or business advice, and you should exercise your own judgment before acting on them.
This section describes how Retayned handles user data received from Google APIs. It is in addition to, and not in place of, the rest of this Privacy Policy.
Limited Use compliance. Retayned's use and transfer of information received from Google APIs to any other app will adhere to the Google API Services User Data Policy, including the Limited Use requirements.
Scopes we request. Retayned currently requests one Google scope: https://www.googleapis.com/auth/calendar.readonly. This grants read-only access to a User's Google Calendar events. We do not request write, delete, or share scopes for Google Calendar, and we do not request any other Google scope (Gmail, Drive, Contacts, etc.).
How we use Google user data. Google Calendar data is used exclusively to provide and improve user-facing features of the Service. Specifically:
How we do not use Google user data.
Storage and processing of Google user data. Calendar event data is stored in our database (currently Supabase, encrypted at rest with AES-256) and is accessible only to the User who connected the integration and to Retayned personnel with a legitimate operational need. Calendar event data is included in your account's regular data retention and deletion practices (see Section 9).
Disconnecting Google Calendar. You may disconnect Google Calendar at any time from your Retayned account settings, or by revoking access at your Google Account permissions page. Disconnection stops further data retrieval immediately and deletes stored Google event data from your Retayned account within 30 days.
Questions specific to Google data. Contact privacy@retayned.com with "Google data" in the subject line.
We may use aggregated, de-identified patterns derived from Service usage to improve the Service — including refining scoring weights, archetype definitions, and suggestion quality. Aggregated data of this kind is stripped of identifiers that would allow it to be linked back to you, your clients, or any specific account, and is used in the aggregate only.
We do not use your Client Data, your Rai conversations, your AI-Generated Data, or your Google user data to train, fine-tune, or improve any third-party AI or machine learning models. Our AI API providers are contractually prohibited from doing so.
We share information only in the following circumstances: with service providers who help us operate the Service, subject to contractual obligations to protect your data; with your consent or at your direction; to comply with applicable law, regulation, legal process, or governmental request; to protect the rights, safety, or property of Retayned, our users, or the public; and in connection with a merger, acquisition, or sale of assets, in which case you will be notified of any change in data practices.
Categories of service providers we use:
All service providers are bound by data processing agreements that prohibit them from using your data for their own purposes. A current list of sub-processors is available on request at privacy@retayned.com.
We implement industry-standard security measures to protect your data, including: encryption of data in transit (TLS 1.2+) and at rest (AES-256); secure authentication with password hashing and optional OAuth; row-level access controls in our database limiting access between accounts; administrative access controls limiting employee access to production data; regular security reviews of our infrastructure and dependencies; and secure API communication with all third-party providers.
No method of transmission or storage is 100% secure. While we strive to protect your data, we cannot guarantee absolute security.
Breach notification. In the event of a data breach affecting your personal information or Client Data, we will notify affected Users without undue delay and, where required by applicable law, within the statutory timeframe (typically 72 hours under GDPR). Our notice will describe the nature of the breach, the categories and approximate number of records affected, likely consequences, and the steps we are taking to address it.
Active accounts. We retain Account Information, Client Data, and AI-Generated Data for as long as your account is active.
Account cancellation. If you cancel your subscription, your data will be retained in an inactive state for 30 days to allow for reactivation, after which it will be permanently deleted within 90 days.
Deleting a client. When you delete a client from your portfolio, all associated Client Data, AI-Generated Data, Rai conversations, and suggestion history for that client will be deleted within 30 days. Backups may retain deleted data for an additional period not to exceed 60 days, after which it is purged from backup media.
Rai conversation messages. Individual Rai conversation messages are automatically deleted 180 days after they are sent, on a rolling per-message basis, regardless of whether the associated client is still in your portfolio.
Immediate deletion. You may request immediate deletion of your account and all associated data at any time by contacting privacy@retayned.com.
Legal retention. Certain data may be retained as required by law (for example, billing records for tax purposes) even after account deletion.
Aggregated data. Aggregated, de-identified data that cannot be used to identify you or your clients may be retained indefinitely for product improvement purposes.
Depending on your jurisdiction, you may have the right to: access, correct, or delete your personal information; export your data in a portable format; restrict or object to certain processing; withdraw consent where processing is based on consent; and lodge a complaint with a supervisory authority. These rights are recognized by, among others, the EU General Data Protection Regulation (GDPR), the UK GDPR, the California Consumer Privacy Act and CPRA (CCPA), and the District of Columbia's Consumer Personal Data Privacy Act.
To exercise any of these rights regarding information about you (as a User), contact us at privacy@retayned.com. We will respond within 30 days.
Requests from your clients. If you are a third-party client (not a User) and you believe a Retayned User has entered information about you into the Service, please contact that User directly — they are the controller of information about you and are responsible for responding to your request. If you are unable to identify or reach the relevant User, you may contact us at privacy@retayned.com and we will make reasonable efforts to route your request to the appropriate User. We do not independently access, modify, or delete client records without instruction from the controlling User, except where required by law.
Retayned is based in Washington, DC, United States. If you access the Service from outside the United States, your information may be transferred to, stored, and processed in the United States. By using the Service, you consent to the transfer of your information to the United States, where data protection laws may differ from those in your jurisdiction. For transfers from the EEA, UK, or Switzerland, we rely on Standard Contractual Clauses or equivalent safeguards as set out in our Data Processing Addendum.
The Service is not directed to individuals under the age of 18. We do not knowingly collect personal information from children. If we become aware that we have collected data from a child, we will delete it promptly.
Retayned offers an Enterprise product with additional access surfaces, including a managed agent API. Enterprise customers are governed by a separate agreement that may include additional or modified data processing terms. The practices described in this policy apply to the self-serve Service unless superseded by an Enterprise agreement.
We may update this Privacy Policy from time to time. We will notify you of material changes by posting the updated policy on the Service and updating the "Last updated" date, and, for material changes, by email or in-app notice. Your continued use of the Service after any changes constitutes acceptance of the updated policy.
If you have questions about this Privacy Policy or our data practices, contact us at:
privacy@retayned.com
Maniac Digital, LLC
Washington, DC, United States