Jettson™ AI is liveTry now
Legal

Privacy Policy

How RWX-TEK collects, uses, stores, and protects your personal information.

This document was prepared with AI assistance. RWX-TEK INC recommends periodic review by a licensed California attorney.

Effective Date: April 20, 2026
Last Updated: April 20, 2026

1. Introduction

RWX-TEK INC (“RWX‑TEK,” “we,” “us,” “our”) is a California C-Corporation, Registration Number B20250231751, with its principal place of business at 8605 Santa Monica Blvd #664055, West Hollywood, CA 90069. RWX‑TEK operates two primary online properties: rwxtek.com (our corporate website) and jettson.dev (our AI-powered productivity platform, “Jettson”).

This Privacy Policy describes how we collect, use, store, disclose, and protect personal information from users, website visitors, and custom software clients. It applies to all personal data collected through rwxtek.com, jettson.dev, the Jettson Mac application, and any other data-collecting interfaces we operate (collectively, the “Services”).

Please read this Privacy Policy carefully. By using the Services you acknowledge that you have read and understood this policy. If you disagree with any part of this Privacy Policy, please do not use the Services. This Privacy Policy is incorporated by reference into our Terms of Service.

2. Information We Collect

2.1 Account Information

When you create an account we collect your full name, email address, hashed password (plaintext passwords are never stored), selected subscription tier, account creation date, and any voluntary profile information you choose to provide. This data is used to create and manage your account, authenticate you, and personalize your experience.

2.2 Usage Data

We collect information about how you interact with the Services, including:

  • Jettson features used (Chat, Research, Content, Agent);
  • Session IDs and timestamps;
  • Credit consumption per session and per action;
  • AI model interactions — which model was invoked, prompt and response length (not prompt content unless explicitly logged for a specific feature);
  • Feature flags and settings;
  • Error logs and performance metrics.

2.3 OAuth Integration Data

Jettson offers optional integrations with third-party accounts via OAuth. We request only the minimum necessary scopes, and OAuth access is granted only when you explicitly initiate the authorization flow.

  • Gmail (Google): Email messages and metadata read or drafted by the Jettson Agent at your explicit direction. This data is used only for the specific Agent task you initiate; it is not stored beyond the session unless you request multi-step continuity. We do not bulk-store or archive Gmail data, and we do not read email without an active user instruction.
  • Google Calendar: Events read, created, or modified by the Agent at your direction, including event metadata (titles, times, attendees, descriptions). Used only for the specific Agent task; not bulk-stored. We do not access your calendar without an active user instruction.
  • Outlook (Microsoft): Outlook email messages read or drafted at your direction, and Outlook Calendar events read, created, or modified at your direction, including email and calendar metadata. Used only for the specific Agent task; not bulk-stored. We do not read Outlook email or calendar data without an active user instruction.

2.4 Payment Information

Payments are processed by Stripe. RWX‑TEK does not collect, process, or store credit card numbers, bank account details, CVV codes, or any raw financial data on our own systems. We retain only the following limited billing data: Stripe customer ID, Stripe payment method tokens (anonymized), transaction IDs, transaction amounts and dates, and subscription status. Full payment data is subject to Stripe’s Privacy Policy.

2.5 Device and Technical Information

We automatically collect certain technical information when you access the Services, including: IP address, browser type and version, operating system and version, device type (desktop/mobile/tablet), device identifiers (Mac app), referring URL, crash logs, error reports, and performance and latency data. This information is used for security, debugging, and service reliability purposes.

2.6 Communications

When you contact us via email at customertek@rwxtek.com, legal@rwxtek.com, privacy@rwxtek.com, billing@rwxtek.com, accessibility@rwxtek.com, or through our contact forms, we collect the content of your message, any personal information you include, your email address, and the date and time of your communication. This data is used to respond to your inquiry and maintain a record of our correspondence.

2.7 Cookies and Tracking

We collect data via cookies and similar technologies. See Section 8 (Cookies and Tracking Technologies) and our full Cookie Policy at rwxtek.com/cookies for details.

3. How We Use Your Information

3.1 To Provide and Operate Services

We use account information, usage data, and OAuth integration data to deliver Jettson AI features, process your requests, and manage your subscription.

3.2 To Process Payments

We use account information and Stripe payment tokens for billing, generating invoices, and sending payment receipts.

3.3 Transactional Communications

We send transactional emails including: account registration confirmation, subscription confirmation, payment receipts, subscription renewal notices, password reset links, and service update notices.

3.4 Annual Subscription Reminders (California AB 2863)

For annual subscribers, we send a reminder email 15 to 45 days before your renewal date, as required by California’s automatic renewal law (AB 2863). The reminder will include the renewal price and instructions for canceling before renewal.

3.5 Customer Support

We use your contact information and communication history to respond to support, technical, billing, and accessibility requests.

3.6 Legal Compliance

We use your information to comply with applicable laws, respond to lawful requests from authorities, enforce our Terms of Service and Acceptable Use Policy, prevent fraud and abuse, and protect the rights, safety, and property of RWX‑TEK, our users, and the public.

3.7 Fraud Prevention and Security

We use technical and account data to detect and prevent fraudulent activity, unauthorized access, account abuse, and violations of our Acceptable Use Policy.

3.8 Service Improvement

We use aggregated, anonymized usage data to understand how users interact with the Services and to guide product development. This does not involve identifying or profiling individual users.

3.9 What We Do NOT Do

  • We DO NOT sell personal information to third parties for any purpose.
  • We DO NOT share personal information with third parties for their own advertising or marketing purposes.
  • We DO NOT use User Content or personal data to train, fine-tune, or improve any AI models, including Anthropic’s Claude models or OpenAI’s GPT models.
  • We DO NOT use analytics for behavioral advertising or cross-site tracking.

4. Google API Limited Use Policy

4.1 Required Disclosure

RWX-TEK INC’s use of information received from Google APIs will adhere to the Google API Services User Data Policy, including the Limited Use requirements.

Information received through Google APIs is used only to: (a) provide or improve user-facing features that are prominent in the requesting application’s user interface; (b) protect users and the application; and (c) comply with applicable law. It is NOT used for advertising, user profiling, data brokering, or any other purpose.

4.2 Gmail OAuth Scopes

When you connect Gmail, Jettson requests only the minimum necessary scopes:

  • gmail.readonly — reads email messages and metadata that you explicitly direct the Agent to process for a specific Agent task; not used to read emails without your explicit instruction.
  • gmail.send (if applicable) — sends emails on your behalf when you explicitly direct the Agent to send; each send action is confirmed before execution.
  • gmail.compose (if applicable) — creates email drafts in Gmail when you direct the Agent to draft an email.

We request only the minimum necessary scopes for the specific task you initiate. We do not access your full Gmail history. Gmail data is not used for advertising, profiling, or any purpose beyond the specific Agent task.

4.3 Google Calendar OAuth Scopes

When you connect Google Calendar, Jettson requests only the minimum necessary scopes:

  • calendar.readonly — reads events and metadata that you direct the Agent to process (e.g., “show me my schedule” or “find a free slot”).
  • calendar.events (if applicable) — creates or modifies calendar events when you explicitly direct the Agent to do so.

We do not request more access than is needed for the specific Agent task you initiate.

4.4 Data Handling Under Google Policies

Data received through Google APIs is subject to the following restrictions:

  • Used only for the specific Agent task you initiate;
  • Not stored beyond the session unless you request multi-step task continuity;
  • Not shared with third parties except as necessary to transmit to Anthropic or OpenAI to execute the task, subject to their enterprise data protection policies;
  • Not used to train any AI models;
  • Not used for advertising;
  • Not sold or transferred to data brokers.

5. Microsoft / Outlook OAuth Data

5.1 Disclosure

RWX‑TEK applies the same principles to Microsoft OAuth data as to Google API data (see Section 4). Data received through Microsoft OAuth is used only for the Agent features you explicitly authorize; it is not stored beyond the session; it is not used for advertising, AI model training, profiling, or data brokering.

5.2 Outlook OAuth Scopes

When you connect Outlook, Jettson requests only the minimum necessary scopes:

  • Mail.Read — reads Outlook email messages and metadata that you explicitly direct the Agent to process.
  • Mail.Send (if applicable) — sends emails via Outlook when you explicitly direct the Agent to send.
  • Mail.ReadWrite / Mail.Compose (if applicable) — creates email drafts in Outlook when you direct the Agent to draft an email.
  • Calendars.Read — reads Outlook Calendar events that you direct the Agent to process.
  • Calendars.ReadWrite (if applicable) — creates or modifies Outlook Calendar events when you explicitly direct the Agent to do so.

5.3 Data Handling

Microsoft OAuth data is subject to the same restrictions described in Section 4.4. No data received via Microsoft APIs is stored or processed beyond active Agent tasks you have explicitly initiated.

6. AI Processing Disclosure

6.1 Transmission to AI Providers

When you use Jettson’s Chat, Research, Content, or Agent modes, your inputs are transmitted to Anthropic, Inc. and/or OpenAI, LLC for AI language model processing. Transmitted inputs may include text you type, documents you upload, and content from connected integrations that you explicitly direct the Agent to access.

6.2 Enterprise Agreements

RWX‑TEK maintains enterprise-tier agreements with both Anthropic and OpenAI. Under these agreements, neither provider uses customer input data transmitted through the API to train or improve their models. These agreements include data protection provisions, confidentiality obligations, and security requirements.

6.3 No AI Training on User Data

Neither RWX‑TEK nor its AI providers use personal data, User Content, or OAuth integration data to train AI models. This prohibition applies to inputs, outputs, and any data from connected integrations.

6.4 AI Provider Privacy Policies

We encourage you to review Anthropic’s and OpenAI’s enterprise privacy and data processing documentation. In the event of any conflict between those policies and RWX‑TEK’s enterprise Data Processing Agreements with those providers, the enterprise DPAs govern.

7. Sub-Processors

We use the following third-party service providers (“sub-processors”) to help deliver the Services. All sub-processors are bound by contractual obligations to protect your data and use it only for the purposes for which it is shared. RWX‑TEK will update this list as changes occur and will provide at least 30 days’ advance notice for material additions.

Sub-ProcessorLocationPurposeNotes
Anthropic, Inc.United StatesAI model processing (Claude)Enterprise agreement; no training on user data
OpenAI, LLCUnited StatesAI model processing (GPT)Enterprise agreement; no training on user data
Google LLCUnited StatesFirebase (database/auth), Firestore (database), Google Cloud (infrastructure), Gmail OAuth (Agent), Google Calendar OAuth (Agent), Google Analytics (usage analytics)Multiple services; governed by Google Cloud DPA
Microsoft CorporationUnited StatesOutlook email and calendar OAuth (Jettson Agent feature)Microsoft Online Services DPA
Telegram Messenger Inc.United States / UAETelegram messaging integration (Jettson Agent feature)Used only if user connects Telegram to Agent
Stripe, Inc.United StatesPayment processing and subscription managementPCI-DSS compliant; no raw card data shared with RWX‑TEK
Vercel, Inc.United StatesWeb application hosting and edge deploymentSOC 2 Type II
Transactional email providerUnited StatesSending account and subscription emailsUpdated as email provider changes

8. Cookies and Tracking Technologies

8.1 Summary

RWX‑TEK uses cookies and similar technologies on rwxtek.com and jettson.dev. Please see our full Cookie Policy at rwxtek.com/cookies for comprehensive details.

8.2 Types of Cookies We Use

  • Strictly Necessary: Session authentication cookies, CSRF protection tokens, and Stripe payment session cookies. These cannot be disabled; they are essential for the Services to function and are set without requiring consent.
  • Functional: Cookies that remember your user preferences (theme settings, Jettson interface preferences). These can be disabled via the Cookie Preference Center; disabling them may cause certain preferences to reset between sessions.
  • Analytics: We use Google Analytics to understand how users interact with the Services. Google Analytics sets cookies (_ga, _gid, and others). Analytics data is anonymized; IP addresses are anonymized. Analytics cookies require your consent and are only set if you opt in. They are NOT used for advertising.
  • No Advertising Cookies: RWX‑TEK does NOT use advertising, retargeting, behavioral tracking, or third-party marketing cookies of any kind.

8.3 Managing Cookie Preferences

A cookie consent banner is shown on your first visit to our websites. You may accept all cookies, essential cookies only, or customize your preferences. You may change your cookie preferences at any time via the “Cookie Preferences” link in the website footer, or by emailing privacy@rwxtek.com. Browser-level instructions are available in our full Cookie Policy.

8.4 California Residents

Analytics cookies may constitute “sharing” of personal information under the California Privacy Rights Act (CPRA). California residents may opt out via the Cookie Preference Center or by emailing privacy@rwxtek.com. We do not sell cookie data.

9. Data Retention

9.1 Active Accounts

Personal information associated with an active account is retained while the account is active plus a reasonable additional period as necessary to comply with applicable law, resolve disputes, prevent fraud, and enforce our agreements.

9.2 Account Deletion

Upon account deletion or termination, we will delete User Content and personal account data within30 days. Some data may be retained beyond this period only as required by law, for ongoing disputes, or pursuant to a legal hold.

9.3 Payment Records

Stripe payment records are retained per Stripe’s data retention policies, applicable financial regulations, and tax law. RWX‑TEK retains only Stripe customer IDs and transaction identifiers, not raw payment card data.

9.4 Support Communications

Customer support communications are retained for two years from the date of the communication, for quality assurance, dispute resolution, and service improvement.

9.5 Legal Holds

Data subject to a legal hold is retained beyond standard retention periods until the hold or relevant legal process has concluded.

9.6 Aggregated and Anonymized Data

Aggregated and anonymized data (data that cannot reasonably be used to identify an individual) may be retained indefinitely for business intelligence and product development purposes.

10. Data Security

10.1 Security Measures

RWX‑TEK implements the following security measures to protect your personal information:

  • TLS encryption for all data in transit;
  • Encryption of sensitive data at rest;
  • Access controls limiting data access to authorized personnel;
  • Industry-standard cloud infrastructure (Google Cloud, Firebase, Vercel) with their own security programs;
  • Regular security reviews and vulnerability assessments;
  • Documented incident response plan.

10.2 Password Security

Passwords are stored only as cryptographic hashes using industry-standard algorithms. Plaintext passwords are never stored.

10.3 Data Breach Notification

In the event of a confirmed data breach involving personal information, RWX‑TEK will:

  • Notify affected users within 30 days of confirming the breach, per California’s data breach notification law and SB‑446;
  • Notify the California Attorney General within 15 days if more than 500 California residents are affected;
  • Include in the notification: the nature of the breach, the categories of data affected, steps RWX‑TEK is taking to address the breach, and steps users can take to protect themselves.

10.4 Third-Party Security

Google Cloud, Firebase, Vercel, and Stripe maintain their own independent security programs. We select providers with strong security certifications and practices; however, we cannot guarantee the security of third-party systems.

10.5 No Absolute Security

No security measure is 100% effective. RWX‑TEK cannot guarantee that data will never be accessed, disclosed, altered, or destroyed as a result of a security breach. Please report any suspected security vulnerabilities to legal@rwxtek.com.

11. California Privacy Rights (CCPA/CPRA)

11.1 Right to Know

You have the right to request disclosure of: (a) the categories of personal information we have collected about you; (b) the categories of sources from which it was collected; (c) the business or commercial purpose for collecting it; (d) the categories of third parties with whom we share it; and (e) the specific pieces of personal information we have collected about you.

11.2 Right to Delete

You have the right to request deletion of personal information we have collected from you, subject to exceptions such as completing a transaction you have requested, complying with legal obligations, detecting security incidents, and exercising free speech.

11.3 Right to Correct

You have the right to request correction of inaccurate personal information we maintain about you.

11.4 Right to Opt Out of Sale

RWX‑TEK does NOT sell personal information. If you believe that your personal information is being sold, please contact us at privacy@rwxtek.com.

11.5 Right to Limit Use of Sensitive Personal Information

You have the right to direct us to limit the use and disclosure of sensitive personal information (such as health-related information shared in Jettson chats, financial information, or precise geolocation) to uses necessary to provide the Services you have requested.

11.6 Right to Non-Discrimination

We will not deny you services, charge you different prices, or degrade the quality of service because you exercised a privacy right under the CCPA or CPRA.

11.7 How to Submit a Request

To exercise any of the above rights, contact us at privacy@rwxtek.com (preferred) or by mail at:

RWX-TEK INC
Attn: Privacy Requests
8605 Santa Monica Blvd #664055
West Hollywood, CA 90069

We will verify your identity before processing your request. We will respond within 45 days of receipt. If an extension is needed, we will provide notice within the initial 45-day period.

11.8 Authorized Agents

California residents may designate an authorized agent to submit privacy requests on their behalf. The authorized agent must provide written authorization from the consumer. We may also need to directly verify the consumer’s identity.

12. European Privacy Rights (GDPR)

12.1 Applicability

This section applies to users located in the European Union (EU), European Economic Area (EEA), and United Kingdom (UK), where the GDPR and/or UK GDPR applies.

12.2 Data Controller

RWX-TEK INC is the data controller for personal data processed under this Privacy Policy. For data protection inquiries, contact us at privacy@rwxtek.com.

12.3 Your GDPR Rights

  • Right of Access (Art. 15): Request confirmation of whether we process personal data about you and, if so, receive a copy of that data.
  • Right to Rectification (Art. 16): Request correction of inaccurate or incomplete personal data.
  • Right to Erasure / Right to Be Forgotten (Art. 17): Request deletion of your personal data where it is no longer necessary for its original purpose or where you withdraw consent.
  • Right to Restriction of Processing (Art. 18): Request that we restrict processing of your personal data in certain circumstances.
  • Right to Data Portability (Art. 20): Receive your personal data in a structured, commonly used, machine-readable format and transmit it to another controller.
  • Right to Object (Art. 21): Object to processing of your personal data where we rely on legitimate interests as a legal basis.
  • Right to Withdraw Consent: Withdraw consent at any time without affecting the lawfulness of processing based on consent prior to withdrawal.
  • Right to Lodge a Complaint: Lodge a complaint with your local supervisory authority at any time.

12.4 Legal Bases for Processing

  • Contract Performance: Account management, delivery of AI features, subscription billing.
  • Legitimate Interests: Fraud prevention, security, service improvement, legal defense.
  • Legal Obligation: Compliance with applicable laws and regulatory requirements.
  • Consent: Analytics cookies, optional marketing communications.

12.5 International Transfers

RWX‑TEK is based in the United States. Personal data from EU/EEA/UK users may be transferred to and processed in the United States. We use Standard Contractual Clauses (SCCs) approved by the European Commission as the legal mechanism for such transfers. By using the Services, you acknowledge the transfer of your data to the United States.

12.6 How to Exercise Rights

To exercise any GDPR rights, contact us at privacy@rwxtek.com. We will respond within 30 days. For complex or numerous requests, the response period may be extended by up to two additional months, with prior notice to you.

13. Children’s Privacy (COPPA)

13.1 Age Restriction

The Services are not directed at children under the age of 13. RWX‑TEK does not knowingly collect personal information from children under 13, and the Services are not intended for use by anyone under 13.

13.2 Inadvertent Collection

If we become aware that we have inadvertently collected personal information from a child under 13 without verifiable parental consent, we will take immediate steps to delete that information from our systems.

13.3 Reporting

If you believe that RWX‑TEK may have collected personal information from a child under 13, please report it immediately to privacy@rwxtek.com.

13.4 Parental Rights

Parents or legal guardians may contact us at privacy@rwxtek.com to request review, deletion, or restriction of personal information collected from their child.

14. Automated Decision-Making (CPPA ADMT)

14.1 Disclosure

Jettson uses automated processing — specifically, large language model (LLM) AI inference — to generate responses, recommendations, and content for users. This automated processing may significantly affect users who act on AI-generated outputs. This disclosure is made in compliance with California Privacy Protection Agency (CPPA) Automated Decision-Making Technology (ADMT) regulations.

14.2 Nature of Automated Processing

Jettson’s AI outputs are driven by third-party AI models (Anthropic Claude and OpenAI GPT). These models produce outputs based on statistical patterns in training data; they may produce different outputs for similar inputs, and outputs may be inaccurate or incomplete. AI outputs are tools to assist and augment human decision-making, not to replace it. Jettson does NOT make final decisions about RWX‑TEK account access, suspension, or termination through automated means; those decisions are made by humans.

14.3 Opt-Out Right

To the extent required by California law, you have the right to opt out of automated processing for significant decisions. To exercise this right, contact us at privacy@rwxtek.com with a description of the decision you wish to opt out of. Please note that opting out of core AI processing will prevent you from using the AI features of Jettson.

14.4 Human Review

Decisions regarding account suspension, termination, and policy enforcement are subject to human review and are not made solely by automated means.

15. Do Not Track

Some web browsers transmit “Do Not Track” (DNT) signals to websites. RWX‑TEK honors DNT signals where technically feasible. Where a DNT signal is detected, we will not set analytics cookies without your affirmative consent.

Please note that some third-party services integrated with the Services — such as Stripe payment processing — may not respond to DNT signals. RWX‑TEK is not responsible for the DNT practices of third-party service providers.

16. Third-Party Links

The Services may contain links to third-party websites, applications, or services that are not operated by RWX‑TEK. We have no control over the content, privacy policies, or practices of third-party sites, and this Privacy Policy does not apply to them. We encourage you to review the privacy policies of any third-party services you access through links on our Services before providing personal information to those services.

17. Changes to This Policy

17.1 Updates

RWX‑TEK reserves the right to update this Privacy Policy at any time. Changes will be reflected in an updated policy posted on our websites with a new “Last Updated” date.

17.2 Material Changes

For material changes to data collection, use, or sharing practices, we will provide at least 30 days’ advance notice via email to your registered email address and via a prominent notice within the Services, prior to the changes taking effect.

17.3 Affirmative Consent

For changes that materially expand our use of personal data beyond the scope of your original consent, we will seek your affirmative consent before applying the updated practices to personal information we have already collected from you.

17.4 Archived Versions

Prior versions of this Privacy Policy are available on request by emailing privacy@rwxtek.com.

18. Contact Us

If you have questions, concerns, or requests relating to this Privacy Policy or our data practices, please contact us. We aim to respond to all inquiries within 5 business days. CCPA and GDPR requests will be handled within the timeframes required by applicable law.

RWX-TEK INC

Privacy Requests (CCPA / GDPR / COPPA): privacy@rwxtek.com

General Support: customertek@rwxtek.com

Legal / DMCA: legal@rwxtek.com

Billing: billing@rwxtek.com

Mailing Address:
RWX-TEK INC
8605 Santa Monica Blvd #664055
West Hollywood, CA 90069

Related policies: Terms of Service Cookie Policy Acceptable Use Policy Disclaimer

© 2026 RWX-TEK INC. All rights reserved.