Privacy Policy

Last updated: September 7, 2025

Screenwise is a subsidiary of Rafiki Inc. Rafiki, Inc. and its affiliates ("Rafiki", "we", "our" or "us") are committed to protecting the privacy and security of personal data entrusted to us.  This Privacy Policy explains what personal data we collect, how we use it, who we share it with, and the rights and choices available to data subjects in connection with our websites, products and services.

1. Scope & Key Definitions

Services – The Screenwise Voice AI analytics SaaS platform, apps, APIs, and related tools.

Platform – The web and mobile interfaces through which users access the Services.

Sites https://screenwise.ai and any sub‑domains, landing pages, marketing sites or emails we control.

Customer– A company or organization that has executed an agreement with Rafiki Inc/Screenwise for the Services.

Customer Data – Content our Customers upload or connect to the Services (e.g., call recordings, transcripts, CRM data).

Screenwise User Data – Account and usage data about individuals who access the Platform (e.g., reps, admins).

Prospect / Website Data – Data about visitors to our Sites, event attendees, marketing contacts, and sales prospects.

Personal Data – Any information relating to an identified or identifiable natural person.

2. Roles Under Data‑Protection Laws

Customer = Data Controller (or CCPA “Business”) for Customer Data.

Screenwise = Data Processor (or CCPA “Service Provider”) for Customer Data.

Screenwise is independent Data Controller for Screenwise User Data and Prospect / Website Data.

Screenwise processes Customer Data solely on documented Customer instructions, as set out in the Master Subscription Agreement or Terms of Service (collectively, the “Agreement”), any Data Processing Agreement (“DPA”) if executed, or other written instructions provided by the Customer. If no standalone DPA is in place, this Privacy Policy together with the Agreement constitute the legally binding data‑processing terms between the parties.

3. Data Collection & Processing

3.1 Customer Data (processed as Data Processor)

Screenwise processes Customer Data strictly per documented instructions, never for model‑training by default, and always under the terms of the Agreement (or a DPA, if one is in place).

What it includes – phone and video recordings, transcripts, emails, CRM objects, contact lists and any other content a Customer connects to Rafiki (“Customer Data”).  This may contain Personal Data about sales reps, prospects or anyone mentioned.

Who does what – the Customer is the Data Controller; Screenwise is the Data Processor. Any third‑party vendors we rely on are sub‑processors subject to GDPR‑equivalent terms.

Why we process it – to deliver, secure and improve the Services under four lawful bases:performance of contract (core functionality)legitimate interest (quality, reliability, security)legal obligation (tax, audit, compliance)explicit consent for optional biometric speaker recognition

Voiceprints – Screenwise generates a unique voice pattern per user to improve speaker identification.  Creation and use of biometric data requires the Customer to collect informed consent and comply with any one‑party / two‑party consent recording laws.

Customer responsibilities – decide whether, when and how to record or analyse communications, provide required notices, and collect any necessary consents.

No default AI training – Screenwise does not use Customer Data to train machine‑learning models unless the Customer signs a separate written opt‑in.

Safeguards & retention – Customer Data is protected by the controls in Section 9 and kept only for the term and purposes the Customer selects, then deleted or anonymized.

3.2  Screenwise User Data (processed as independent Controller)

  • What we collect –
    • Account identifiers (name, email, hashed password, role, team)
    • Profile details (title, phone, photo, any info the user or Customer adds)
    • Usage telemetry (IP address, device/OS, browser, activity logs, cookies, session recordings)
    • Support interactions (tickets, chat or call recordings, enablement sessions)
  • Purpose – to authenticate users, provide support, improve the Platform, secure the Service, and run internal analytics (see Section 5).
  • Role split – when this data is embedded inside Customer Data, Rafiki acts as a Processor; otherwise Rafiki is the independent Controller.
  • Opt‑outs & rights – Users can adjust marketing consents and request access or deletion at any time.

3.3  Prospect / Website Data (processed as independent Controller)

  • What we collect –
    • Site analytics (IP, device type, pages visited, referrers, cookies/pixels)
    • Marketing lead info (name, email, phone, company, job title, preferences)
    • Event details (registrations, attendance, feedback)
    • Interactions with Screenwise ads, newsletters or download pages
  • How we collect – directly from forms, cookies and pixels, social‑media platforms, third‑party event tools, and CRM integrations.
  • Why we process it – to run our website, understand visitor behaviour, improve marketing campaigns, nurture leads, host events and send relevant content—all under legitimate interest or consent (with opt‑out).  Prospect / Website Data (processed as independent Controller)
  • Site analytics (IP, device, pages viewed, cookies, referrers)
  • Marketing lead data (name, email, phone, company, job title)
  • Event registration details and interactions with Screenwise ads or emails

We collect data 

(i) directly from individuals; 

(ii) automatically via cookies, pixels and similar tech; and 

(iii) from third‑party integrators (e.g., CRM, calendar, conferencing tools) authorized by the Customer.

4.  Legal Bases for Processing (GDPR Art. 6)

Screenwise always relies on at least one lawful basis when processing Personal Data:

  • Performance of contract – operating the core Services you subscribe to, authenticating users, providing recordings and transcripts, and delivering support.
  • Legitimate interest – maintaining platform reliability and security, fixing bugs, analyzing usage to improve features, and administering billing where no signed contract exists. We conduct a balancing test to ensure these interests do not override data‑subject rights.
  • Legal obligation – meeting tax, accounting, audit, and law‑enforcement requirements, and preventing fraud.
  • Consent – placing optional analytics or marketing cookies on our Sites and sending Screenwise‑branded marketing emails only to website visitors or prospects who have deliberately opted‑in. We do not use Customer Data to market to a Customer’s end users, and meeting‑reminder emails that Screenwise sends on behalf of a Customer are treated as contractual service communications (they can be disabled in workspace settings). Consent is never required from Customer‑end users because Screenwise does not use Customer Data for its own promotions. Consent can be withdrawn at any time by emailing privacy@screenwise.ai. Consent may be withdrawn at any time by contacting privacy@screenwise.ai
  • Explicit consent (Art. 9 GDPR) – creation and use of biometric voiceprints for mandatory speaker‑recognition functionality in Screenwise and to improve transcription accuracy and analytics.

We apply data‑minimization and purpose‑limitation principles to every processing activity described in this Policy.

5. How We Use Personal Data

Screenwise uses the different categories of Personal Data described above for the purposes set out below.  We always rely on a valid legal basis (see Section 4), apply the principle of data minimization, and honor opt‑out or consent preferences at any time.

  • Delivering and operating the Services. We host meetings, transcribe audio, surface insights and make recordings available to authorised Customer users.  Without this processing the core product would not function.
  • Account management and customer support. Personal Data helps us authenticate users, reset passwords, resolve support tickets, and send essential service notices such as billing or security alerts.
  • Product maintenance and improvement. Usage telemetry and diagnostics allow us to understand feature performance, fix bugs, and develop new capabilities—always balancing our legitimate interest with data‑subject privacy.
  • Security, fraud‑prevention and compliance. We log access, monitor anomalies, run audits, and retain evidence required under tax, financial‑reporting or other laws.
  • Marketing and events. With a lawful basis (legitimate interest or consent, depending on region) we may send product updates, event invitations, or educational content.  Individuals can opt out of promotional messages at any time via the unsubscribe link or by emailing support@screenwise.ai.

No Default AI Training – Rafiki does not use Customer Data to train any internal or third‑party machine‑learning models unless the Customer has provided separate, written opt‑in consent.

 6. Data Sharing & Disclosure

Rafiki discloses Personal Data only when necessary and with appropriate safeguards in place:

  • Sub‑processors. We rely on a limited number of trusted service providers—such as cloud‑hosting platforms, speech‑to‑text engines, email‑delivery vendors and analytics tools—to power and improve our Services. Each sub‑processor is bound by a written agreement that requires confidentiality, robust security controls and GDPR‑equivalent protection. Please refer to our full list of sub-processors.
  • Customer users & administrators. Content uploaded to a Customer workspace—such as recordings or transcripts—can be accessed by that Customer’s authorized users and admins in accordance with the Customer’s chosen permission settings.
  • Legal or regulatory requirements. We may disclose Personal Data when required by law, subpoena or court order, or when we believe it is necessary to protect the rights, property or safety of Rafiki, our users or the public. Where legally permitted, we will give the affected Customer prior notice.
  • Business transfers. If Rafiki undergoes a merger, acquisition or other change of control, Personal Data may be transferred to the acquiring entity, subject to this Policy.
  • Aggregated or de‑identified information. We may share analytics or benchmarks derived from aggregated or de‑identified data that cannot reasonably be used to identify an individual.

Rafiki does not sell Personal Data and will never share it with third‑party advertisers in exchange for monetary consideration.

7. Data Location

Primary hosting region – United States.  All Customer Data and backups are stored by default in Rafiki’s U.S. cloud infrastructure.

Optional EU/UK data residency.  Enterprise Customers located in the EEA or United Kingdom may request that their Customer Data be stored and processed exclusively within an EU data‑centre (currently Frankfurt, Germany).  Data‑residency add‑ons must be agreed in writing before provisioning.

Cross‑border safeguards.  Whenever Personal Data is transferred from the EEA/UK/CH to the U.S. (for example, when an EU tenant elects U.S. hosting or when support staff in the U.S. access EU‑hosted data):Rafiki relies on the European Commission’s Standard Contractual Clauses (SCCs) and any UK Addendum as the primary transfer mechanism; andApplies supplementary technical and organisational measures (e.g., encryption at rest/in‑transit, strict access controls).

Sub‑processor locations.  Sub‑processors are limited to the same region selected by the Customer wherever feasible; any unavoidable extra‑regional processing is covered by SCCs and listed in Rafiki’s sub‑processor registry.

8. Data Retention & Deletion

Customer Data – retained only for the subscription term or as instructed in the DPA. Customers may delete recordings at any time; deleted items are purged from backups within 30 days.
Rafiki User / Prospect Data – kept as long as necessary for the purposes stated or as required by law. Periodic reviews ensure non‑essential data is anonymized or erased.

9. Cookies & Tracking Technologies

Our Sites use cookies and similar technologies for authentication, analytics and advertising. Users can manage cookie preferences in our cookie banner or browser settings.

10. Communications

We engage in service and promotional communications, through e-mail, phone, SMS and notifications.

Service Communications: We may contact you with important information regarding our Services. For example, we may send you notifications (through any of the means available to us) of changes or updates to our Services, billing issues, service changes, log-in attempts or password reset notices, etc. Our customers, and other users on the same customer account, may also send you notifications, messages and other updates regarding their or your use of the Services. Such notifications and messages may also be sent by them to their own customers (for example, invites, recordings or meeting summaries created through our Services). You can typically control your communications and notifications settings from your Rafiki User profile settings, or otherwise in accordance with the instructions included in the communications sent to you. Please note that you will not be able to opt-out of receiving certain service communications which are integral to your use (like password resets or billing notices).

Promotional Communications: We may also notify you about new features, additional offerings, events, special opportunities or any other information we think you will find valuable, as our customer, user or prospect. We may provide such notices through any of the contact means available to us (e.g. phone, mobile or e-mail), through the Services, Platform or Sites, or through our marketing campaigns on any other sites or platforms.

If you do not wish to receive such promotional communications, you may notify Rafiki at any time by sending an e-mail to: support@screenwise.ai, changing your communications preferences in your User Profile settings, or by following the “unsubscribe”, “stop”, “opt-out” or “change e-mail preferences” instructions contained in the promotional communications you receive.

11. Security Measures

Rafiki maintains industry‑standard technical and organizational measures, including:

  • TLS 1.2+ encryption in transit & AES‑256 at rest
  • Role‑based access controls and MFA for employee access
  • Network segmentation and firewalls
  • SOC 2 Type 1 certification; SOC 2 Type 2 audit in progress
  • Regular penetration tests and vulnerability scans
  • Business continuity & disaster‑recovery plans

12. Data Subject Rights

Individuals in the EU/EEA, UK and other regions may have rights to:

Requests should be sent to privacy@screenwise.ai. We will respond within 30 days.  Individuals may also lodge a complaint with their local data‑protection authority.

  • Access, correct or delete their Personal Data
  • Restrict or object to processing
  • Port data to another controller
  • Withdraw consent at any time
Individuals in the EU/EEA, UK and other regions may have rights to:Restrict or object to processingPort data to another controllerWithdraw consent at any timeRequests should be sent to privacy@screenwise.ai. We will respond within 30 days.  Individuals may also lodge a complaint with their local data‑protection authorit

13. Children's Privacy

Rafiki Services are not directed to children under 13. We do not knowingly collect Personal Data from children. If we learn that a child has provided us data, we will delete it.

14. Updates to the Privacy Policy

Rafiki, Inc. has the discretion to update this privacy policy at any time. When we do, we will revise the updated date at the bottom of this page. We encourage Users to frequently check this page for any changes to stay informed about how we are helping to protect the personal information we collect. You acknowledge and agree that it is your responsibility to review this privacy policy periodically and become aware of modifications.

15. Contact Us

Questions about this Policy or our privacy practices?
Email: privacy@screenwise.ai


© Copyright 2025  
All rights reserved.

Product
How it worksTemplates
Solutions
Corporate HRStartups & SMEsRecruiting AgenciesHealthcare ProvidersHospitality & RetailManufacturing & Warehouse
Company
About UsSafetyContact Us
Resources
BlogHelp Center
Privacy PolicyTerms and ConditionsRafiki logo