Privacy FAQ

Security, Privacy and GDPR FAQ

Have a question about our security, terms of service, privacy policy or GDPR compliance? Read on for answers:


Q: What is the GDPR?

The General Data Protection Regulation (GDPR) is a regulation designed to help citizens and residents of the European Union (EU) protect their personal data by specifying how such data may be collected, processed and stored. At Rali, we’re fully compliant with GDPR.

Q: Is Rali GDPR compliant?

A: Yes. Rali is fully compliant with the GDPR.

Q: Are our customers able to use Rali products and services without risking a breach of the GDPR?

A: Yes, from our end. Of course, if your customers are in a location where the GDPR applies, they need to make sure their business operation is compliant with the GDPR in its own right.

Q: What types of personal data does Rali collect?

A: When registering for Rali, you voluntarily give us information such as your name and email address. You can access and update this information at any time in your personal Account Settings.

In addition, when you use our services, you give us the consent to use the following data:

  • Email
  • IP address
  • Display Name
  • First Name and Last Name (optional, not processed)
  • Billing address (for Premium accounts)

Q: Why does Rali collect personal data?

A: The data we collect is required for us to provide you with our services and is used to improve Rali.

Q: How can I access and export my personal data?

A: To have your personal data exported, please contact our support team.

Q: How does Rali process data?

A: Rali is considered a Data Processor which means that Rali controls how your user data is processed and is responsible for the data to be processed within GDPR regulations. Although Rali owns the code, databases, and all rights to the Rali applications, you retain all rights to your data.

When it’s absolutely necessary, we use GDPR-compliant third party services and hosting partners such as Braintree and AWS. In these cases, we take the necessary safeguards to ensure that we are GDPR compliant when sending and receiving data from the third party.

Check out Rali’s privacy policies for more information.

Q: Do you provide a list of relevant third party services?

A: Yes. When necessary, we use the following GDPR-compliant third party services:

  • Amazon Web Services
  • Heroku
  • Google Analytics
  • Mailgun
  • Braintree
  • Firebase

Q: Do you process any Data outside the EU?

A: Yes, we do. We process data in USA using Amazon Web Services (AWS) and Heroku. We only collect as little data as possible.

Q: Do you ever sell any data?

A: No, we never sell data.

Q: Do you store any personal data once I’ve deleted my account?

A: Upon deleting your account, all your personal data will be removed from our production systems. 

Q: How is personal data protected?

A: We restrict staff access to personal data to a very small number of employees those who need access for specific reasons to improve Rali.

We regularly test, assess and evaluate the effectiveness of our processes and technology.

Since GDPR has various requirements, your compliance needs will depend on your precise circumstances. If you have specific questions or needs, please contact the support team.

Can’t find what you need? Our customer care team is here.