Privacy Policy
Last updated: July 2026
Who we are
Reggie is the workspace for public affairs, communications, founders and C-suite working in regulated industries. We are the data controller for the personal data described below. For data protection enquiries: privacy@reggie.app.
Data we hold about you (the account holder)
- Account: name, email, hashed password (or Google identifier), job title, company name, sector.
- Usage: the briefings, threads, pinned items, Ask questions, source clicks and feedback you create.
- Network: the contacts you add (name, role, public URLs, your notes) and the enrichment data we derive about them from public sources.
- Technical: IP address, browser/device, and session cookies used for authentication.
Data we hold about third parties (people you add as contacts)
When you add someone to your Reggie network, we may search public sources — gov.uk, parliament.uk, BBC, public LinkedIn pages, Wikipedia and similar — to build a structured career profile. We process this under legitimate interest (helping policy professionals understand the public record of public-facing people) and only retain information that is already publicly accessible.
We do not scrape private profiles, send connection requests, or pretend to be you.
If you are a third party and want to know what we hold, correct it, object to processing, or have it deleted, please use the privacy request form.
How long we keep data
- Account data: until you delete your account.
- Briefings, Ask threads: kept indefinitely by default — per-user retention controls are on the roadmap.
- Enriched contact data: until you forget the contact, or you delete your account.
- Deleted accounts: 30-day soft-delete window for recovery, then irreversibly purged.
- Audit & security logs (when enabled): 12 months.
Who we share data with
We share data only with the sub-processors listed on our Security page — managed Postgres/auth, our LLM gateway, Firecrawl for public web search, and Google for OAuth. We do not sell or rent personal data.
Your rights (UK & EU GDPR)
- Access a copy of your data
- Correct inaccurate data
- Have your data erased
- Object to processing based on legitimate interest
- Withdraw consent where processing is based on it
- Complain to your supervisory authority (ICO in the UK)
To exercise any of these, use the request form or email privacy@reggie.app.
International transfers
Our primary database is in the EU. Some sub-processors (LLM inference, Firecrawl) may process data in the US under appropriate safeguards (Standard Contractual Clauses). EU-only inference is on the roadmap.
Security
See our Security page for technical and organisational measures, sub-processor list, and current/planned controls.
Changes
We'll notify account holders by email for material changes. Minor updates will be reflected in the "Last updated" date above.