LOGINCONTACT SALES
Scam AI logo
Login
Get A Demo

Privacy Policy

Last updated: 9/8/2025

1. Introduction

Reality Inc. (“we,” “our,” or “us”) operates ScamAI, an advanced AI detection platform. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our service.

2. Information We Collect

2.1 Information You Provide

  • Account registration information (name, email address, company details, job title, phone number)
  • Contact information when you reach out to us (support tickets, sales inquiries)
  • Payment information for billing purposes (credit card details, billing address, tax information)
  • Content you submit for analysis (images, audio, video files, metadata associated with such content)
  • API usage data and integration logs
  • Feedback, surveys, and communication preferences
  • Identity verification documents (for enterprise customers)

2.2 Information We Collect Automatically

  • Usage data and analytics (features used, session duration, error logs)
  • Device information and browser data (device type, operating system, browser type and version)
  • IP addresses and approximate location information
  • Cookies and similar tracking technologies (performance cookies, functional cookies)
  • API call logs and timestamps
  • Performance metrics and system diagnostics
  • Referral sources and campaign attribution data

2.3 Information from Third Parties

  • Data from payment processors and billing systems
  • Information from identity verification services
  • Analytics data from third-party services
  • Lead generation and marketing platform data
  • Integration data from connected applications

3. How We Use Your Information

3.1 Service Provision

  • To provide and improve our AI detection services and algorithms
  • To process and analyze submitted content for deepfake and synthetic media detection
  • To maintain and optimize API performance and reliability
  • To provide customer support and technical assistance
  • To manage user accounts and access controls

3.2 Communications

  • To send service-related notifications and updates
  • To respond to inquiries and support requests
  • To send marketing communications (with your consent)
  • To conduct surveys and gather feedback
  • To provide security alerts and account notifications

3.3 Business Operations

  • To process payments and manage billing
  • To prevent fraud and ensure platform security
  • To comply with legal obligations and regulatory requirements
  • To improve our machine learning models (with proper anonymization and aggregation)
  • To conduct analytics and business intelligence
  • To enforce our terms of service and acceptable use policies

4. Data Retention and Security

4.1 Data Retention Periods

  • Account Information: Retained while your account is active and for 2 years after account closure
  • Submitted Content: Processed immediately and deleted within 30 days unless longer retention is requested
  • API Logs: Retained for 90 days for troubleshooting and performance monitoring
  • Billing Information: Retained for 7 years as required by accounting regulations
  • Support Communications: Retained for 3 years to improve service quality
  • Analytics Data: Aggregated and anonymized data may be retained indefinitely

4.2 Security Measures

  • End-to-end encryption for data transmission (TLS 1.3)
  • Encryption at rest for all stored data (AES-256)
  • Multi-factor authentication for administrative access
  • Regular security audits and penetration testing
  • SOC 2 Type II compliance
  • Role-based access controls and principle of least privilege
  • Automated vulnerability scanning and patch management
  • 24/7 security monitoring and incident response

4.3 Data Backup and Recovery

We maintain secure backups of your data to ensure service continuity and data recovery capabilities. Backups are encrypted, geographically distributed, and subject to the same security controls as production data.

5. Data Sharing

We do not sell your personal information. We may share information with:

  • Service providers who assist in our operations
  • Legal authorities when required by law
  • Business partners with your explicit consent

6. Your Rights

You have the right to:

  • Access and review your personal information
  • Request correction of inaccurate data
  • Request deletion of your data
  • Object to or restrict processing
  • Data portability

7. International Data Transfers

Your information may be processed in countries other than your own. We ensure appropriate safeguards are in place for any international data transfers.

8. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by posting the new policy on our website.

9. Cookies and Tracking Technologies

9.1 Types of Cookies

  • Essential Cookies: Required for basic site functionality and security
  • Performance Cookies: Help us analyze site usage and improve performance
  • Functional Cookies: Remember your preferences and settings
  • Marketing Cookies: Used for targeted advertising and campaign measurement (with consent)

You can manage cookie preferences through your browser settings or our cookie consent manager.

10. Data Processing Lawful Basis (GDPR)

  • Contract Performance: Processing necessary to perform our services
  • Legitimate Interest: Fraud prevention, security, and service improvement
  • Legal Obligation: Compliance with applicable laws and regulations
  • Consent: Marketing communications and non-essential cookies
  • Vital Interest: Protection of life, health, or safety in emergency situations

11. California Privacy Rights (CCPA/CPRA)

11.1 Your Rights

  • Right to know what personal information we collect and how it’s used
  • Right to delete personal information (subject to certain exceptions)
  • Right to correct inaccurate personal information
  • Right to opt-out of the sale of personal information (we do not sell data)
  • Right to limit use of sensitive personal information
  • Right to non-discrimination for exercising your privacy rights

11.2 How to Exercise Rights

To exercise your California privacy rights, contact us at privacy@scam.ai or through our customer portal. We will verify your identity and respond within the timeframes required by law.

12. Children’s Privacy

ScamAI is not intended for individuals under 18 years of age. We do not knowingly collect personal information from children under 18. If we become aware that we have collected information from a child under 18, we will take steps to delete such information promptly.

13. Data Breach Notification

In the unlikely event of a data breach that poses a risk to your rights and freedoms, we will notify you and relevant authorities as required by applicable law. We maintain an incident response plan to quickly identify, contain, and remediate any security incidents.

14. Contact Us

14.1 General Inquiries

Reality Inc.

Email: privacy@scam.ai

Website: https://scam.ai

14.2 Data Protection Officer

For GDPR-related inquiries, you can contact our Data Protection Officer at: dpo@scam.ai

14.3 Supervisory Authority

If you believe we have not adequately addressed your privacy concerns, you have the right to lodge a complaint with your local data protection authority.