Privacy Policy

Last Updated: January 21, 2026

RadishAI, Inc. ("Radish," "we," "us," or "our") is an AI-powered platform dedicated to helping people build and run AI assistants through natural language conversations. Our mission is to make assistants simple to create and dependable to use across chat, channels, and integrations, while prioritizing the privacy and security of your data. We are committed to fostering a vibrant community of builders and ensuring compliance with applicable privacy laws in the United States (including all applicable state privacy statutes), European Economic Area, United Kingdom, Switzerland, and Canada.

This Privacy Policy ("Policy") outlines how Radish collects, uses, shares, and otherwise processes personal information from users, including developers, entrepreneurs, builders and visitors ("user," "you," or "your") of our website, platform, and services (collectively, the "Services"). By using our Services, you acknowledge and consent to the Policy. If you disagree with the terms of this Policy, you should avoid using our Services.

If you are using the Services on behalf of a company or other legal entity, you represent that you have authority to bind that entity, and "you" will refer to that entity.

Definitions

  1. Consent means a clear affirmative act signifying a user's freely given, specific, informed, and unambiguous agreement to allow the processing of personal data relating to the user. "Consent" may include a written statement, including by electronic means, or any other unambiguous affirmative action.
  2. Personal data or Personal information under the Delaware Personal Data Privacy Act and similar U.S. state laws means any information that is linked or reasonably linkable to an identified or identifiable individual. It excludes de-identified data and publicly available information. This definition is consistent with the EU GDPR, UK GDPR, Canada's PIPEDA, the revised Swiss Federal Act on Data Protection, and all applicable U.S. federal and state privacy laws. Personal data may include, for example, your name, email address, username, unique device or browser identifiers, Internet-protocol (IP) address, authentication tokens, usage and telemetry logs, or other information generated through your use of our Services.
  3. Sensitive data or Sensitive personal data means personal data that includes any of the following:
    1. Data revealing racial or ethnic origin, religious beliefs, mental or physical health condition or diagnosis (including pregnancy), sex life, sexual orientation, status as transgender or nonbinary, national origin, citizenship status, or immigration status.
    2. Genetic or biometric data.
    3. Personal data of a known child.
    4. Precise geolocation data.

    Radish does not intentionally collect Sensitive Personal Data, such as biometric identifiers, health information, or precise geolocation, and instructs users not to upload such information. This definition will be interpreted to include any equivalent term under other privacy laws that come into force during the life of this Policy.

Information We Collect

  • Personal Information You Provide: Upon authentication via the Login feature on Radish, you expressly grant us access to the following personal information associated with your login account: your name, email address, profile picture etc. This information is obtained solely with your consent as part of the authentication process and is necessary for the creation and management of your Radish account. Any personal data you voluntarily provide through our services or integrations shall be deemed to constitute your explicit, informed, and unambiguous consent for its collection, processing, and use in accordance with this Privacy Policy.
  • Automatically Collected Data: IP address, Browser type, device info, session logs, cookies data, usage, telemetry data, error reports, customer support communications, and service interaction metadata.
  • Third-Party Platform Data: Radish or any assistants you create may access data from third-party accounts and services you authorize, such as Google Workspace, Instagram, Notion and other platforms, solely to perform and complete the tasks assigned to the assistant. Such access occurs only to the extent necessary for the assistant's intended functionality and is governed by the applicable third-party API terms, with access limited to the minimum permissions required or supported by the platform. We use incremental authorization to ensure we only request access to the specific data and permissions necessary for the assistant to perform the tasks the user wants. Data accessed via third-party APIs is isolated to the specific user's assistants and is not used to benefit other users or shared across the platform's general AI model. This data will not be used for AI training, analytics, or external profiling beyond the purposes explicitly authorized. The use of your information by these third parties is subject to their own privacy policies and terms, and Radish is not responsible for their practices.
  • Third-Party Integrations: When you connect third-party websites or platforms to Radish to fetch data or facilitate assistant functionality, these third parties may access and use your information stored with or provided to Radish solely for authentication and to perform the specific functionalities of your assistants. Such use is governed by the respective third parties' privacy policies.

How We Use Your Information

  • Facilitate account creation, authentication, and management.
  • Provide, operate, and enhance assistant functionality and our overall platform.
  • Enable communication and collaboration features.
  • Process payments securely via third-party processors.
  • Provide customer support, respond to inquiries, and gather feedback.
  • Ensure platform security, detect and prevent fraudulent or unauthorized activities.
  • Comply with legal and regulatory obligations.
  • Send administrative, service-related, and promotional communications only with consent.

Legal Bases for Processing

Radish processes personal data only when there is a valid legal basis for doing so under applicable data protection laws, including but not limited to the General Data Protection Regulation (GDPR), Delaware Personal Data Privacy Act, and other relevant statutes.

The legal bases on which we rely to collect, use, and disclose your personal data include:

  • Performance of a Contract: Processing is necessary to enter into or perform our contractual obligations with you, such as providing, maintaining, and supporting Radish services, including assistant development, account management, and transaction processing.
  • Consent: Where required by law or applicable regulations, we seek your explicit consent before processing your personal data, such as for marketing communications, non-essential cookies, or third-party integrations. You may withdraw this consent at any time without affecting the lawfulness of prior processing.
  • Legitimate Interests: We may process your personal data to fulfill legitimate interests pursued by Radish or by third parties (usually for assistant execution), provided such interests are not overridden by your rights or freedoms. These include platform security, fraud detection and prevention, service improvement, product development, analytics, and internal research.
  • Compliance with Legal Obligations: Processing is necessary for Radish to comply with applicable laws, statutes, regulations, or government orders, including tax, accounting, export controls, and sanctions compliance.
  • Protection of Vital Interests: In rare cases, processing may be necessary to protect the vital interests of you or another individual, for example, in emergencies to prevent serious harm.
  • Public Interest or Official Authority: Where applicable, Radish may process personal data to carry out tasks in the public interest or exercise official authority vested in us.

Radish processes personal data strictly in accordance with the specific limitations and protections imposed by the relevant privacy laws and will not engage in processing that exceeds what is reasonably necessary for these purposes.

Sharing and Disclosure

  • Shared only with trusted service providers, contractors, and partners under strict contracts safeguarding your data.
  • Data accessed via third party APIs is used for authorized purposes only.
  • No sale of personal information.
  • Business transfers are subject to privacy safeguards.
  • Disclosure when legally compelled or to protect rights and platform integrity.

Google API Disclosure

Radish's use and transfer to any other app of information received from Google APIs will adhere to the Google API Services User Data Policy , including the Limited Use requirements. We do not use Google user data to serve advertisements or for the purpose of training general-purpose AI models.

Cookies and Tracking Technologies

Radish and its service providers use cookies to collect and store information when you visit or use our Services. These technologies help us to:

  • Ensure the proper functioning and security of our platform,
  • Authenticate users and prevent fraudulent access,
  • Analyze usage patterns and improve service performance,
  • Personalize your experience and remember your preferences,
  • Measure the effectiveness of marketing campaigns and deliver relevant advertisements.

We deploy the following categories of cookies:

  • Strictly Necessary Cookies: Required for core site functions such as login authentication and session management. These cookies do not require your consent.
  • Performance and Analytics Cookies: Collect information on how you interact with our Services to help us improve functionality and user experience. We obtain prior consent where legally required.
  • Functional Cookies: Enable enhanced features and personalization, such as language preferences and interface customization.

Most web browsers accept cookies by default. You can typically modify your browser settings to block or delete cookies; however, doing so may affect your ability to use certain features of the Services.

Data Retention

Radish retains your personal data only for as long as necessary to fulfill the purposes for which it was collected, including providing, managing, and improving our Services, complying with our legal and regulatory obligations, resolving disputes, and enforcing our agreements. The retention period may vary depending on the nature of the personal data, the context of its collection, and the applicable legal, tax, or accounting requirements. When we no longer have a legitimate business need to process your personal data, we will either delete or anonymize it. In cases where deletion is not feasible (for example, because your data is stored in backup archives), we will securely isolate the data from any further processing until deletion becomes possible. Usage data and operational logs may be retained for shorter periods to monitor performance, improve service quality, and ensure security, but always in compliance with applicable laws. Your personal data may also be retained for longer periods if necessary to protect our legal rights or comply with a legal obligation. You have the right to request the deletion of your personal data, subject to exceptions provided by law.

Data Security

Radish is committed to protecting the security and confidentiality of your personal information. We implement appropriate technical and organizational measures designed to safeguard your data against unauthorized access, disclosure, alteration, and destruction. Our security controls include encryption, access controls, intrusion detection, regular security assessments, and secure development practices. Access to personal data is limited to authorized personnel and service providers who require it to perform their duties under strict confidentiality obligations. Despite these measures, no method of electronic transmission or storage can be guaranteed to be completely secure. Therefore, while we strive to protect your data, we cannot guarantee absolute security against all risks, including cyberattacks or unauthorized third-party actions. You are responsible for maintaining the security of your account credentials and should take care to protect your login information. We recommend using strong passwords and secure environments when accessing our services. In the event of a data breach that poses a risk to your rights or freedoms, Radish will comply with all applicable laws regarding breach notification, including timely communication to affected individuals and relevant authorities.

Children's Privacy

Radish's Services are not intended for use by individuals under the age of 13 without verifiable parental consent. In compliance with the Children's Online Privacy Protection Act, 1998, and applicable provisions under the Delaware Personal Data Privacy Act (DPDPA), we do not knowingly collect or solicit personal information from children under 13 without obtaining explicit consent from their parent or legal guardian.

For users aged 13 to under 18, in accordance with DPDPA, consent must be obtained directly from the minor before processing their personal data for purposes such as targeted advertising or the sale of data.

If we discover that personal data from a child under 13 has been collected without proper parental consent, or from a minor without required consent under applicable laws, we will promptly delete such information.

Your Rights and Controls

You have certain rights regarding your personal information and how it is collected, used, and shared by Radish. These rights may vary depending on your jurisdiction and applicable privacy laws, but generally include:

  • Access and Correction: You may request access to the personal information we hold about you and ask us to correct any inaccuracies.
  • Data Portability: Where applicable, you have the right to receive your personal data in a structured, commonly used, and machine-readable format and to transmit that data to another controller.
  • Deletion: You may request the deletion of your personal data, subject to certain exceptions where retention is necessary for legal compliance, dispute resolution, or other legitimate interests. Users can delete their account and associated data by emailing legal@radish.build.
  • Restriction of Processing: In some cases, you may request that we limit the processing of your personal data.
  • Objection to Processing: You may object to certain processing activities, including processing based on legitimate interests or for direct marketing purposes.
  • Consent Management: You have the right to withdraw consent at any time for processing activities that rely on your consent, without affecting the lawfulness of processing conducted before your withdrawal.

Radish may require you to verify your identity before responding to such requests to protect your privacy and security. Please note that some information may need to be retained to comply with legal obligations or to complete transactions already initiated.

How We Will Notify You of Changes

We encourage you to review this Privacy Policy periodically to stay informed about how we protect your information and update our practices.

Contact Us

For questions, privacy rights requests, concerns, or to exercise rights specified in this policy, contact us at: legal@radish.build