Privacy Policy
سياسة الخصوصية
Effective date: 17 May 2026 · Last updated: 17 May 2026 ·
Applies to: rakam-ai.netlify.app
Rakam is an AI-powered accounting agent built for UAE SMEs. We take your financial data seriously.
This policy explains what we collect, how we use it, and your rights under UAE law.
1. Who We Are
Rakam ("we", "us", "our") is an AI accounting platform operated for UAE small and medium businesses.
Contact: hello@rakam.ai
2. What Data We Collect
We collect only what is necessary to provide the service:
- Account data — email address, business name, password (encrypted)
- Financial data — invoices, receipts, transaction amounts, VAT figures you upload
- Usage data — when you sign in, which features you use
- Device data — browser type, IP address (for security only)
We do not collect payment card numbers, bank account details, or UAE ID numbers.
3. How We Use Your Data
- To read and extract invoice data using AI
- To calculate UAE VAT and generate reports
- To save your transaction history securely
- To send account-related emails (confirmation, password reset)
- To improve the accuracy of our AI extraction
We do not sell your data. We do not use your financial data for advertising.
4. Where Your Data Is Stored
Your data is stored on Supabase infrastructure hosted on AWS in the
Mumbai (ap-south-1) region — the closest available to the UAE.
Invoice images are processed by Anthropic's Claude AI and are not stored
by Anthropic beyond the processing request.
5. Data Retention Policy
We retain your data for as long as your account is active, plus:
- Transaction records — 7 years (required by UAE Federal Tax Authority)
- Account data — deleted within 30 days of account deletion request
- Invoice images — not stored; processed in real-time only
- Backup snapshots — retained for 30 days, then permanently deleted
UAE Federal Decree-Law No. 8 of 2017 (VAT Law) requires businesses to retain tax records
for a minimum of 5 years. Rakam retains transaction data for 7 years to ensure full compliance.
6. Your Rights (UAE PDPL)
Under the UAE Personal Data Protection Law (Federal Decree-Law No. 45 of 2021), you have the right to:
- Access — request a copy of all data we hold about you
- Correct — update inaccurate personal data
- Delete — request deletion of your account and all associated data
- Export — download your transaction data as CSV at any time
- Withdraw consent — stop using the service at any time
To exercise any of these rights, email us at hello@rakam.ai
7. Cookies
We use only essential cookies required for authentication (keeping you signed in).
We do not use tracking cookies, advertising cookies, or third-party analytics.
8. Third-Party Services
- Supabase — database and authentication (supabase.com/privacy)
- Anthropic Claude — AI invoice reading (anthropic.com/privacy)
- Netlify — web hosting (netlify.com/privacy)
9. Security
We protect your data using:
- Row Level Security — each user can only access their own data
- JWT authentication — every request is verified
- Encrypted connections — HTTPS everywhere
- Daily encrypted backups
- API keys stored in secure server vaults, never in client code
10. Changes to This Policy
We will notify you by email if we make material changes to this policy.
Continued use of Rakam after changes means you accept the updated policy.
© 2026 Rakam · رقم — AI Accounting Agent for UAE SMEs