Privacy Policy

Last updated: 11 July 2026

This policy explains what Rayzia ("we") collects when you use Rayzia, why, and your rights. The short version: your designs stay on your device and reach our servers only when you save them to the cloud; we collect the minimum needed to run accounts, cloud sync, and billing; we don't sell data or run ad tracking.

1. What we collect

2. Why (legal bases)

3. Who processes data for us

ProcessorPurposeWhere
CloudflareHosting, storage of cloud documents, security, analyticsGlobal edge network
PaddlePayments, tax, invoices (merchant of record)UK / US
ResendTransactional email (sign-in links)US / EU
GoogleSign-in, only when you choose "Continue with Google"Global

4. Retention

5. Your rights

You can access and export your documents at any time from your account, and delete individual files or your whole account. Under GDPR, Thailand's PDPA, and similar laws you may also request access, correction, deletion, or portability of your personal data, and you may lodge a complaint with your supervisory authority. Write to [email protected] — we respond within 30 days.

6. Cookies

We set one first-party cookie (rz_sess) to keep you signed in. No third-party advertising or tracking cookies. That's why there's no cookie banner.

7. Security

All traffic is encrypted (TLS). Sign-in links are single-use, short-lived, and stored only as hashes. Shared documents are served in a way that prevents them from running code on our domain. Access to production data is limited to what operating the Service requires.

8. Children

The Service is not directed at children under 13 (or the higher age your country requires for consent). Don't create an account if you're under that age.

9. Changes & contact

We'll announce material changes to this policy by email or in-product. Questions or requests: [email protected].