Privacy Policy
Last updated March 23, 2026
At Datarails (“we“, “us“, or “our“) we are committed to protecting the data that we collect when you use our website located at www.datarails.com (the “Website“) or our software platform and related services (the “Service“). By using the Website or Service you acknowledge that your Personal Information will be processed in accordance with this Privacy Policy. If you accept this Privacy Policy on behalf of your employees, colleagues, or any other person, you hereby represent and warrant that you have obtained their consent to do so in accordance with the terms of this Privacy Policy.
Capitalized terms not defined in this Privacy Policy shall have the meanings assigned to them in the Terms of Service and any other applicable policies governing the use of the Service.
1. Collection of Personal Information
1.1. Types of Data and Data Subjects
For the purpose of this Privacy Policy, “Personal Information” means any information relating to an identified or identifiable natural person. We may collect Personal Information in the following contexts:
(a) Customer Data. We process Personal Information provided by our customers in connection with their use of the Service (“Customer Content“), which may include Personal Information relating to their employees, end users, or other individuals. Customers determine what data they upload or submit to the Service and are responsible for ensuring that such processing complies with applicable laws. Where Datarails processes Personal Information, it does so on behalf of the customer and in accordance with the applicable Data Processing Agreement.
(b) User Data. We collect Personal Information relating to individuals who access or use the Website or the Service, including Website visitors, employees and representatives of our customers. This may include name, email address, company name, login credentials, contact information, usage information and device and browser information. This information is used to provide access to the Service, authenticate users, provide support, and fulfill contractual obligations.
(c) Prospect Data. We may collect Personal Information relating to prospective customers, business partners, or individuals who interact with our marketing activities, including through our website, events, webinars, digital content, or other communications. This may include contact details, professional information, and information relating to interactions with our marketing materials or services, including through interactions with advertisements, marketing campaigns, or third-party platforms.
(d) AI Content. Where users access artificial intelligence functionality available within the Service, we may process information submitted to such functionality, including prompts, files, text, data inputs and generated outputs. The use of such functionality and the processing of such content are governed by the AI Terms.
1.2. Registration by Others
In some cases, another user (such as a system administrator) may create an account on your behalf. If you provide Personal Information relating to another individual, you must ensure that you have the authority to do so and that such individual has been informed about the processing of their Personal Information.
Users may invite colleagues or external collaborators to use the Service. If you invite another user, we may collect information such as their name and email address.
1.3. Paying Customers
If you purchase subscriptions to the Service, we may collect billing and payment information. Payments are processed through third-party payment processors. Datarails does not store full payment card details and does not directly process payment card information.
1.4. Sensitive Information
We do not intentionally collect sensitive Personal Information such as medical or health information, racial or ethnic origin, political opinions, religious beliefs, sexual orientation and trade union membership.
1.5. Voluntary Provision of Information
You are not legally required to provide us with Personal Information. However, if you choose not to provide certain information, you may not be able to access or use certain features of the Service.
1.6. Sources of Personal Information
We collect Personal Information from the following sources:
(a) Directly from you, when you use the Service, register an account, request a demo, or communicate with us;
(b) Automatically, through your use of the Website or Service, including via cookies, analytics tools, and log data;
(c) From third parties, such as your employer, colleagues, business partners, event organizers, or other third parties, including publicly available sources, where permitted by law.
2. Legal Basis for Using Personal Information
Where applicable data protection laws apply, we rely on the following legal bases:
(a) Contractual Necessity — the processing is necessary for the performance of our contractual obligations, including providing access to and operating the Service, managing user accounts, processing transactions, and providing customer support in accordance with the Terms of Service.
(b) Legitimate Interests — we may process Personal Information where necessary for our legitimate interests, provided such interests are not overridden by the rights and freedoms of individuals. These interests may include: (a) operating, maintaining, and improving the Service; (b) understanding how the Service is used and improving product functionality; (c) protecting the security and integrity of the Service; (d) preventing fraud, abuse, or misuse of the Service; (e) providing customer support and responding to inquiries; and (f) marketing, promoting, and improving our services.
(c) Consent — where required by applicable law, we may rely on your consent to process Personal Information. For example, we may rely on consent when you subscribe to marketing communications or participate in certain promotional activities. You may withdraw your consent at any time by contacting us at compliance@datarails.com or by using the unsubscribe mechanism included in marketing communications.
(d) Legal Obligations — we may process Personal Information where necessary to comply with applicable laws, regulations, legal processes, or governmental requests.
3. How We Use Personal Information
We may use Personal Information for the following purposes:
(a) Provision of service. To operate, maintain, and provide the Service, including enabling access to the platform, delivering requested features, and improving the functionality and performance of the Service.
(b) Customer Support. To respond to support requests, troubleshoot issues, and communicate with users regarding their use of the Service.
(c) Account Administration. To create, manage, and administer user accounts, authentication credentials, and subscriptions.
(d) Service Communications. To send administrative messages relating to the Service, including notifications regarding account status, security alerts, updates to the Service, changes to the Terms of Service, AI Terms, or other policies. These communications are necessary for the operation of the Service and cannot be disabled while maintaining an active account.
(e) Marketing Communications. We may send marketing communications regarding our services, events, webinars, or updates that may be of interest to you. Users may opt out of marketing communications at any time by using the unsubscribe link included in such communications or by contacting us at compliance@datarails.com.
(f) Analytics and Service Improvement. To analyze usage patterns, conduct research, and improve the functionality, performance, and security of our products and services. We may also use aggregated or de-identified information derived from the Service for these purposes.
(g) Artificial Intelligence Functionality. Where the Service includes artificial intelligence functionality, we may process inputs, prompts, files, or other data submitted by users in order to generate automated outputs such as analyses, insights, or recommendations. Such processing may involve third-party AI service providers solely for the purpose of generating outputs and enabling AI functionality within the Service. The use of artificial intelligence functionality is governed by the Datarails AI Terms.
(h) Protecting Our Interests and Security. To investigate, prevent, or address fraud, abuse, security incidents, or potential violations of our policies, and to protect the rights, property, or safety of Datarails, our users, or third parties.
(i) Enforcement of Policies. To enforce our Terms of Service, AI Terms, Privacy Policy, and other applicable policies.
(j) Compliance with Legal Obligations. To comply with applicable laws, regulations, legal processes, or governmental requests.
4. How We Share Personal Information
Datarails does not sell Personal Information. We may share Personal Information with third parties in the following circumstances.
i. Service Providers. We may share information with service providers that support our operations, including cloud infrastructure providers, payment processors, analytics providers, security providers, customer support tools, and artificial intelligence service providers. These providers process Personal Information solely on our behalf and in accordance with our instructions.
ii. Legal Requirements. We may disclose Personal Information where required by law or legal process.
iii. Protection of Rights. We may disclose information where necessary to protect our legal rights, the security or integrity of the Service, and the safety of our users and customers.
iv. Business Transfers. Where Datarails is involved in a merger, acquisition, or sale of assets, Personal Information may be transferred as part of the transaction.
v. Customer Integrations with Third-Party Systems. Customers may choose to connect the Service with third-party systems, including artificial intelligence systems. Such integrations are configured and controlled by the customer. Datarails does not control and is not responsible for the processing of Personal Information performed by such third-party systems.
vi. Affiliates. We may share Personal Information within our group of companies for the purposes described in this Privacy Policy.
5. Data Retention
We retain Personal Information only as long as necessary to provide the Service and comply with legal obligations. In determining retention periods, we consider the nature, sensitivity, and purpose of the Personal Information, as well as applicable legal, regulatory, and contractual requirements. Customer Content is retained for the duration of the customer subscription and in accordance with the Terms of Service or customer instructions. We may retain anonymized or aggregated information indefinitely for analytics and product improvement.
6. How Information Is Protected
Datarails implements appropriate technical and organizational measures designed to protect Personal Information, including encryption, access controls, and network security protections. User accounts may be secured by user-created passwords. You are responsible for maintaining the confidentiality of your login credentials and for restricting access to your account. We rely on reputable third-party cloud infrastructure providers and service providers to host and operate the Service, subject to appropriate contractual and security safeguards. Despite our efforts, no method of transmission over the Internet or method of electronic storage is completely secure.
In the event of a security incident affecting Personal Information, Datarails will notify affected customers in accordance with applicable law.
7. International Transfer of Information
Datarails operates globally. Personal Information may be transferred to and processed in countries where Datarails or its service providers operate, including, without limitation, Israel and the United States. Where required by data protection laws, Datarails implements appropriate safeguards for international data transfers, including the use of Standard Contractual Clauses approved by the European Commission, the UK Information Commissioner’s Office, or other applicable mechanisms. These safeguards are intended to ensure that Personal Information receives an adequate level of protection regardless of the jurisdiction in which it is processed.
8. Data Subject Rights
Depending on applicable law, individuals may have certain rights regarding their Personal Information, including the right to: (a) access their Personal Information; (b) correct inaccurate information; (c) request deletion of their Personal Information; (d) restrict or object to certain processing activities; and (e) request data portability. Users may also access and update certain account information directly through their account settings.
Requests regarding Personal Information may be submitted to: compliance@datarails.com. We may take reasonable steps to verify your identity before responding to such requests. Where Datarails processes Personal Information on behalf of a customer, such requests should be directed to the relevant customer.
9. Minors
The Service is not intended for individuals under the age of 13 (or such other age as required under applicable law), and we do not knowingly collect Personal Information directly from children. However, as part of the Services, we may process Personal Information on behalf of our customers, which may include information relating to children, depending on the data uploaded by the customer. In such cases, the customer is responsible for ensuring that the processing of such data complies with applicable law.
If we become aware that we have collected Personal Information directly from a child without appropriate authorization, we will take steps to delete such information.
10. Cookies and Tracking Technologies
We use cookies and similar technologies to operate the Website and the Service, remember user preferences, analyze usage patterns, and improve our products and services. Cookies are small files placed on your device that enable us to recognize your browser and collect certain information about your interactions with the Website or the Service. We use different types of cookies, including cookies that are necessary for the operation of the Service, as well as analytics cookies that help us understand how users interact with our Website and Service.
Where required by applicable law, we will obtain your consent before placing non-essential cookies on your device. You may control or disable cookies through your browser settings. However, disabling cookies may affect the functionality of certain parts of the Website or the Service.
We may use third-party analytics tools, such as Google Analytics, to help us understand how users interact with the Website and improve our services. These tools may collect information such as pages visited, referring websites, and general usage statistics.
When you access or use the Website or the Service, our servers may automatically record certain technical information, including IP address, browser type, device information, and usage data. We use this information for system administration, security monitoring, analytics, and to improve the Service.
11. Third Party Links
The Website may contain links to third-party websites or services. This Privacy Policy does not apply to such third-party websites or services, and Datarails is not responsible for their privacy practices. We encourage you to review the privacy policies of any third-party websites or services you access.
12. Changes to This Privacy Policy
Datarails may update this Privacy Policy from time to time. The updated version will be posted on the Website. Continued use of the Service after such updates constitutes acceptance of the revised Privacy Policy.
If you have any questions about this Privacy Policy or our data practices, please contact: compliance@datarails.com.