RFix Privacy Policy

Effective date: May 23, 2026

This Privacy Policy explains how RFix Ltd. ("RFix," "we," "us," or "our") collects, uses, discloses, and protects information when you use RFix, including the desktop application, web demo, standalone API, SDKs, MCP servers and integrations, hosted launch flows, documentation, update services, support services, cloud services, AI-assisted features, and related software or materials (collectively, the "Services").

1. Information We Collect

The information we collect depends on how you use the Services.

RFix does not request precise geolocation through the current application. Some RF models and UI fields may let you enter coordinates, terrain paths, climatology parameters, or scenario locations; those values are treated as user-provided project data.

2. How We Use Information

We use information to:

3. AI and No Training Without Opt-In

RFix does not use customer prompts, project graphs, node parameters, IQ data, generated outputs, support bundles, or uploaded files to train AI models unless you explicitly opt in or separately agree in writing.

We may process AI feature data to provide the requested AI functionality, validate and repair responses, enforce quotas, detect abuse, secure the Services, troubleshoot issues, and comply with law. AI providers may process data on our behalf according to their service terms and data-processing commitments.

4. Information Sharing

We may share information with:

We do not sell your personal information. We do not share customer project graphs, prompts, support bundles, IQ data, or uploaded files for third-party advertising.

5. Third-Party Providers

The Services may use third-party providers and platforms, including Firebase and Google Analytics for authentication, analytics, Firestore, Remote Config, and account data; Google Cloud, Cloud Run, Cloud Storage, Vertex AI, and Gemini for cloud services and AI-assisted features; Cloudflare Workers and R2 for update, auth proxy, MCP, hosted launch, and project upload flows; Loggly for sanitized client logging; and email or SMTP providers for support and onboarding messages.

Third-party providers may process information under their own terms, privacy notices, and data-processing commitments. Links to relevant provider privacy information include:

6. Retention

We retain information for as long as needed to provide the Services, maintain accounts and licenses, comply with law, resolve disputes, enforce agreements, prevent abuse, and support legitimate business needs. Retention periods vary by data type.

Support bundles are intended for time-limited diagnostics and may be configured for approximately 30 days of retention. Account, license, billing, support, security, and audit records may be retained longer where needed for legal, operational, support, security, or compliance reasons. Local files and local diagnostics remain on your device unless you delete them or choose to transmit them.

7. Security

We use administrative, technical, and organizational safeguards designed to protect information. No security measure is perfect. You are responsible for protecting your account credentials, license files, API tokens, authentication tokens, local API ports, MCP configurations, generated artifacts, and local files.

8. International Processing

We and our providers may process information in Israel, the United States, the European Economic Area, and other countries where we or our providers operate. These countries may have privacy laws that differ from those in your jurisdiction.

9. Your Choices and Rights

Depending on your location and relationship with RFix, you may have rights to request access, correction, deletion, portability, restriction, objection, withdrawal of consent, or information about how your personal information is processed. You may also have the right to lodge a complaint with a privacy authority.

To make a privacy request, contact [email protected]. We may need to verify your identity and may retain certain information where permitted or required by law, including for security, fraud prevention, legal compliance, dispute resolution, and enforcement.

You can stop local collection by uninstalling the application and deleting local files. You can reduce cloud processing by avoiding optional online features such as AI assistance, hosted launch, remote MCP, feedback submission, and support bundle upload. Some authentication, licensing, update, and security processing may be required for online or licensed features.

10. GDPR, UK GDPR, and EEA/UK Legal Bases

Where the GDPR, UK GDPR, Israeli privacy law, or similar data-protection law applies, we process personal information under one or more legal bases depending on the context:

For business customers, RFix may act as an independent controller for account, license, billing, security, support, and product-operation data, and may act as a processor or service provider for customer project data when a written data-processing agreement or enterprise agreement says so.

11. California Privacy Disclosures

Where the California Consumer Privacy Act, as amended by the California Privacy Rights Act (CCPA/CPRA), applies, this section describes the categories of personal information we may collect, use, and disclose. We collect these categories from you, your organization, your device, your use of the Services, and the service providers or integrations you choose to use.

We may disclose these categories to service providers, contractors, your organization, legal or safety recipients, business-transfer recipients, or others at your direction as described in this Policy. We do not sell personal information, and we do not share personal information for cross-context behavioral advertising. We also do not knowingly sell or share personal information of consumers under 16.

California residents may have rights to know, access, correct, delete, obtain a portable copy of, limit certain uses of sensitive personal information, opt out of sale or sharing where applicable, and avoid discrimination for exercising privacy rights. To exercise rights, contact [email protected]. We may verify your request and may honor authorized-agent requests where legally required.

12. Communications

We may send transactional, account, support, security, license, update, onboarding, and administrative messages. Where marketing communications are used, you may opt out as required by applicable law. Transactional and security messages may still be sent when necessary for the Services.

13. Children

The Services are not directed to children under 13, and we do not knowingly collect personal information from children under 13. If you believe a child has provided personal information to RFix, contact us at [email protected].

14. Changes to This Policy

We may update this Privacy Policy from time to time. The updated version will be posted on this page with a new effective date. Continued use of the Services after an update means the updated policy applies to your use of the Services.

15. Contact

Questions or privacy requests may be sent to [email protected].