Legal

Privacy Policy

Last updated: February 15, 2026

1. What we collect

When you use Redapt, we collect information necessary to provide the service:

  • Account information — name, email address, and authentication details when you sign up or log in.
  • Uploaded content — images and asset files you upload to the platform, along with associated metadata (file names, slugs, variant keys).
  • Campaign configuration — routing rules, schedules, and campaign settings you create.
  • Usage data — request logs, delivery metrics, and feature usage patterns to maintain and improve the service.
  • Device and browser information — IP address, browser type, and operating system collected automatically through standard HTTP headers.

2. How we use your data

  • Service delivery — to store, process, and serve your image assets through our CDN edge network.
  • Campaign execution — to evaluate routing rules and deliver the correct image variant based on your configured schedule and conditions.
  • Account management — to authenticate your identity and manage your access.
  • Service improvement — to monitor performance, fix bugs, and improve features based on aggregate usage patterns.
  • Communication — to send you service-related notices, security alerts, and (with your consent) product updates.

3. Image delivery and end-user data

When your images are served through Redapt's CDN, we process standard HTTP request data from end users (the people viewing your images). This includes IP addresses, user-agent strings, and request headers. This data is used solely for routing decisions and delivery optimization.

We do not track end users across websites, build user profiles, or sell any data derived from image delivery requests. Request logs are retained for up to 30 days for operational purposes and then deleted.

4. Where your data lives

Your uploaded assets are stored in Cloudflare R2 object storage. Campaign rules are stored in Cloudflare Workers KV. Both services distribute data across Cloudflare's global edge network to ensure fast delivery. Your account data is stored in our primary database infrastructure.

5. Third-party services

We use the following third-party services to operate Redapt:

  • Cloudflare — CDN, edge compute, and storage infrastructure.
  • Kinde — authentication and identity management.
  • Tally — waitlist form collection (on the landing page only).

Each third-party provider has their own privacy policy governing how they process data.

6. Data retention

  • Account data — retained while your account is active. Deleted within 30 days of account closure.
  • Uploaded assets — retained while your account is active. You can delete individual assets at any time through the dashboard.
  • Delivery logs — retained for up to 30 days, then automatically purged.

7. Your rights

You can:

  • Access and export your data through the dashboard.
  • Delete your assets and campaigns at any time.
  • Request full account deletion by contacting us.
  • Opt out of non-essential communications.

8. Security

We use industry-standard measures to protect your data, including encrypted connections (TLS), access controls, and secure authentication. While no system is perfectly secure, we take reasonable steps to safeguard your information.

9. Changes to this policy

We may update this policy as Redapt evolves. We will notify you of material changes via email or an in-app notice. Continued use of the service after changes constitutes acceptance.

10. Contact

Questions about this policy? Reach us at privacy@redapt.app.