Privacy Policy

    Effective Date: December 6, 2025 | Last Updated: December 6, 2025

    1. Introduction and Scope

    Runa, Inc. and its affiliates ("Runa," "we," "our," or "us") are committed to protecting your privacy and ensuring the security of your personal information. This Privacy Policy ("Policy") describes how we collect, use, disclose, retain, and safeguard information when you access or use our AI-powered research interview platform, websites, mobile applications, and related services (collectively, the "Service").

    This Policy applies to all users of the Service, including researchers who create and manage studies ("Researchers"), individuals who participate in research interviews ("Participants"), and visitors to our websites. By accessing or using the Service, you acknowledge that you have read, understood, and agree to be bound by this Policy. If you do not agree with this Policy, you must discontinue use of the Service immediately.

    For residents of the European Economic Area ("EEA"), United Kingdom ("UK"), or Switzerland, Runa acts as the "data controller" for personal data we collect directly from you. When processing data on behalf of Researchers, we act as a "data processor."

    2. Definitions

    • "Personal Data" means any information relating to an identified or identifiable natural person, including but not limited to name, email address, IP address, device identifiers, and any other information that can be used to directly or indirectly identify an individual.
    • "Sensitive Personal Data" means Personal Data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, genetic data, biometric data, health data, or data concerning sex life or sexual orientation.
    • "Processing" means any operation performed on Personal Data, including collection, recording, organization, structuring, storage, adaptation, retrieval, consultation, use, disclosure, dissemination, alignment, combination, restriction, erasure, or destruction.
    • "Research Data" means all content, data, and information created, uploaded, or generated through the Service in connection with research studies, including study designs, questions, participant responses, and analytical outputs.

    3. Information We Collect

    3.1 Information You Provide Directly

    Account Registration Data: When you create an account, we collect your full name, email address, and authentication credentials. If you register using Google OAuth, we receive your Google account email address, display name, profile photograph URL, and unique Google user identifier. We do not store passwords for accounts authenticated through third-party providers.

    Profile and Organizational Data: You may optionally provide additional information including company name, company description, industry classification, organization size, job title, department, and professional contact information.

    Research Content: We collect and process research study configurations, research objectives, interview questions, screening criteria, study settings, branding assets, and any other content you create or upload to the Service.

    4. How We Use Your Information

    We use the information we collect for the following purposes:

    • Service Provision: To create and manage accounts, authenticate access, provide core platform functionality, process research studies, facilitate interviews, and generate insights and analytics.
    • AI Processing: To power AI-generated interview questions, follow-up questions, response analysis, theme identification, and research insights.
    • Service Improvement: To understand usage patterns, identify areas for enhancement, develop new features, and optimize performance and user experience.
    • Communications: To send transactional messages (account verification, study updates, participant notifications), respond to inquiries, and provide customer support.

    5. Data Security

    We implement comprehensive technical and organizational security measures designed to protect your Personal Data against unauthorized access, alteration, disclosure, or destruction. These measures include encryption (TLS 1.3 for data in transit, AES-256 for data at rest), industry-standard OAuth 2.0 authentication, role-based access control, and 24/7 security monitoring.

    6. Your Privacy Rights

    You have the right to access, rectify, or erase your Personal Data. You may also have the right to data portability, to object to certain processing, to restrict processing, and to withdraw consent. To exercise any privacy rights, contact us at admin@joinruna.com.

    7. Contact Us

    Runa, Inc.

    Privacy Inquiries

    Email: admin@joinruna.com

    We will acknowledge receipt of your inquiry within 5 business days and provide a substantive response within 30 days (or as required by applicable law).

    This Privacy Policy constitutes a legally binding agreement between you and Runa, Inc. regarding the collection, use, and disclosure of your Personal Data. By using the Service, you acknowledge that you have read, understood, and agree to be bound by this Policy.