— Document 02

Privacy Policy

Last updated: April 27, 2026

This Privacy Policy describes how RemoveWise, LLC, doing business as RemoveWise ("RemoveWise," "we," "our," or "us"), collects, uses, discloses, and protects information in connection with our deepfake detection and removal services and the website at removewise.com (the "Services").

01Who We Are

Contact: RemoveWise, LLC, 490 Post St Ste 500, San Francisco, CA 94102. Email: hello@removewise.com.

RemoveWise is a service provider, not a law firm. Use of the Services does not create an attorney-client relationship and does not constitute legal advice. See our Service Agreement for details.

02Scope

This Policy applies to information we collect from clients, prospective clients, website visitors, and individuals whose information may be included in materials our clients submit to us (for example, channel URLs, screenshots, or other evidence of suspected deepfake or counterfeit content).

03Information We Collect

3.1 Information You Provide Directly

  • Identity and contact information: name, email address, phone number, organization, role, and billing address.
  • Account and authorization information: credentials, signed engagement letters, authorization documents, and verification materials supporting takedown filings.
  • Payment information: processed by our payment processor (Stripe). We do not store full payment card numbers on our systems. We receive transaction confirmations and limited card metadata (e.g., last four digits, brand, expiration).
  • Communications: emails, support tickets, contract negotiations, and notes from calls.
  • Submitted content: URLs, screenshots, video links, channel handles, and other evidence you provide for analysis or enforcement. Submitted content may include personal information about third parties (for example, the operator of an infringing channel or the depicted individual).

3.2 Information Collected Automatically

  • Usage and device data: IP address, browser type, device identifiers, referring URL, pages viewed, and timestamps.
  • Cookies and similar technologies: we use strictly necessary cookies for site functionality and limited analytics cookies (e.g., Google Analytics) to understand site usage. We do not use cookies for cross-site behavioral advertising. See Section 10.

3.3 Information from Third Parties

  • Public sources: publicly available information from search engines, public social media profiles, and platform APIs (e.g., YouTube Data API) used to support our enforcement work.
  • Referrals and prospecting: contact information from B2B data providers (e.g., Apollo, RocketReach) and referrals from existing clients.
  • Platform partners: status updates and communications from platforms (e.g., YouTube, Meta) regarding submitted enforcement actions.

04How We Use Information

We use information for the following purposes:

  • Service delivery: operating the Services; analyzing submitted content; preparing, filing, and managing takedown notices and platform escalations; monitoring for new infringements; preparing client reports and dashboards.
  • Account management: identity verification, authentication, billing, and customer support.
  • Communications: operational notices, service updates, and responses to inquiries.
  • Marketing: limited outreach to prospective B2B clients (subject to opt-out and applicable law).
  • Improvement and analytics: analyzing usage patterns to improve the Services. We do not use submitted client content to train machine learning models.
  • Legal and compliance: complying with legal obligations, enforcing our agreements, preventing fraud, and protecting our rights and the rights of others.

05Legal Bases for Processing (EEA/UK)

If you are in the European Economic Area or United Kingdom, our legal bases for processing personal information are:

  • Performance of a contract — to provide the Services you have engaged us to perform.
  • Legitimate interests — to operate, secure, and improve our Services; to conduct B2B marketing; to enforce our rights and clients' rights against infringing content. We balance these interests against your rights.
  • Consent — where required (e.g., certain cookies, marketing emails in jurisdictions requiring opt-in). You may withdraw consent at any time.
  • Legal obligation — where processing is necessary to comply with law.

06How We Share Information

We do not sell personal information. We do not share personal information for cross-context behavioral advertising. We share information only as described below:

  • Service providers / processors: cloud hosting (Google Workspace, Lovable, Supabase), email and communications (Gmail, Instantly), payment processing (Stripe), analytics (Google Analytics), e-signature (SignWith), independent contractors who assist with takedown operations and related services, and similar vendors that process information on our behalf under written agreements.
  • Platforms: YouTube, Meta, TikTok, and other platforms to which we submit takedown notices, counter-notices, or related communications on behalf of clients.
  • Professional advisors: attorneys, accountants, and auditors bound by confidentiality.
  • Legal disclosures: law enforcement, regulators, or other parties when required by law, subpoena, or court order; or to enforce our rights or protect against harm.
  • Business transfers: in connection with a merger, acquisition, financing, or sale of assets, subject to standard confidentiality protections.
  • With your direction: when you ask us to share information with a third party (e.g., a referenced client testimonial after written consent).

07Submitted Content and Third-Party Information

Clients sometimes submit content that includes personal information about third parties (for example, the operator of an infringing channel, or the depicted individual in a deepfake). We process this information solely to perform the Services our client has engaged us to perform, including filing takedown notices that may, by their nature, identify the alleged infringer to the relevant platform.

If you are a third party whose information appears in submitted content and you wish to inquire about that processing, contact hello@removewise.com. We will respond consistent with applicable law and any contractual obligations to our clients.

08Data Retention

We retain personal information only as long as necessary for the purposes described in this Policy, to comply with legal obligations, or to enforce our agreements. General retention windows:

  • Account and contract records: duration of the engagement plus seven (7) years.
  • Billing and tax records: seven (7) years from the date of the transaction.
  • Submitted content samples: retained while necessary to support active enforcement and reporting; archived takedown logs may be retained for the duration of the engagement plus three (3) years for evidentiary purposes.
  • Support communications: three (3) years from the last interaction.
  • Marketing and prospect data: until opt-out, deletion request, or two (2) years of inactivity, whichever is earlier.
  • Cookies and analytics data: per the retention settings of the relevant tool (typically 14 to 26 months).

09Security

We maintain administrative, technical, and physical safeguards designed to protect personal information, including encryption in transit (TLS 1.2+), encryption at rest for sensitive data stored in our cloud providers, multi-factor authentication for staff access, role-based access controls, vendor due diligence, and periodic review of access. No system is perfectly secure; we cannot guarantee absolute security.

10Cookies and Tracking

We use the following categories of cookies and similar technologies:

  • Strictly necessary — required for the website to function (e.g., session, security).
  • Analytics — to understand how visitors use the site (e.g., Google Analytics).

We do not use third-party advertising cookies. You can control cookies through your browser settings. Strictly necessary cookies are required for the site to function.

We do not sell personal information or share it for cross-context behavioral advertising, so Global Privacy Control (GPC) signals do not change our processing of your data. We respect your browser-level privacy preferences with respect to optional analytics.

11Your Rights

11.1 General Rights

Depending on your jurisdiction, you may have the right to:

  • Access the personal information we hold about you;
  • Correct inaccurate or incomplete information;
  • Delete your personal information;
  • Restrict or object to certain processing;
  • Receive a portable copy of your information;
  • Withdraw consent where processing is based on consent;
  • Opt out of marketing communications;
  • Lodge a complaint with a supervisory authority (EEA/UK) or your state attorney general.

11.2 California Residents (CCPA/CPRA)

California residents have the rights described above and additional rights under the California Consumer Privacy Act, as amended:

  • Right to know the categories and specific pieces of personal information we have collected, the sources, the business or commercial purposes for collection, and the categories of third parties with whom we share it.
  • Right to delete personal information, subject to exceptions.
  • Right to correct inaccurate personal information.
  • Right to opt out of sale or sharing — we do not sell personal information or share it for cross-context behavioral advertising.
  • Right to limit use of sensitive personal information — we do not use sensitive personal information for purposes that would trigger this right.
  • Right to non-discrimination for exercising these rights.

Categories of personal information collected in the past 12 months: identifiers (name, email, IP address); commercial information (transactions); internet activity; geolocation (general, from IP); professional information; and inferences.

Sources: you, your organization, public sources, B2B data providers, platforms, and referrals.

Business purposes: performing the Services, account management, billing, communications, security, marketing, and legal compliance.

Categories of third parties with whom we share personal information: service providers (hosting, payments, communications, analytics), platforms to which we submit enforcement actions, professional advisors, and as required by law.

Authorized agents: you may designate an authorized agent to make a request on your behalf. We will require written authorization and verification of your identity.

11.3 Other U.S. State Residents

Residents of states with comprehensive privacy laws (including Colorado, Connecticut, Virginia, Utah, Texas, Oregon, Montana, Iowa, Delaware, New Hampshire, New Jersey, Maryland, and Minnesota) have rights similar to those described above, which may include the right to access, correct, delete, port, opt out of targeted advertising, opt out of sale, opt out of certain profiling, and appeal denied requests. We honor these rights consistent with applicable law.

11.4 EEA/UK Residents

If you are in the EEA or UK, you may exercise the rights set out in the GDPR or UK GDPR, including the right to lodge a complaint with your local supervisory authority. To the extent we transfer personal information outside the EEA/UK, we use appropriate safeguards (e.g., Standard Contractual Clauses).

11.5 How to Exercise Your Rights

Submit requests to hello@removewise.com. We will verify your identity using information you provide and information already in our records, in a manner proportionate to the sensitivity of the data. We will respond within the time required by applicable law (typically 45 days, with possible extension). If we deny a request, you may appeal by replying to our response with the word "Appeal" in the subject line.

12Automated Decision-Making

We use automated tools to detect potential deepfake and counterfeit content. A human reviews material decisions before takedown notices are filed. We do not make decisions producing legal or similarly significant effects about you based solely on automated processing.

13Children

The Services are not directed to children under 16 and we do not knowingly collect personal information from them. If you believe a child has provided personal information to us, contact hello@removewise.com and we will delete it.

14International Transfers

We are based in the United States and process information in the United States and in jurisdictions where our service providers operate. Where required by law, we use appropriate safeguards for international transfers, including the European Commission's Standard Contractual Clauses and the UK Addendum.

15Changes to This Policy

We may update this Policy from time to time. The "Last updated" date reflects the most recent revision. For material changes, we will provide reasonable notice (e.g., by email to active clients or a prominent website notice) before the changes take effect.

16Contact

General contact: hello@removewise.com
Mail: RemoveWise, LLC, 490 Post St Ste 500, San Francisco, CA 94102

RemoveWise, LLC · San Francisco, CA ← Service Agreement
OK
Ready.