Our legal policies

Effective Date: December 9, 2025 | Last Updated: April 16, 2026

Welcome to Renatus

These terms explain how Renatus works and what we expect from each other. We've written them in plain English because we believe legal documents should be readable.

By using Renatus, you agree to these terms. If something doesn't make sense, email us at support@renatus.icu.

1. What Renatus Provides

Our Service:

Renatus is a business intelligence platform that provides AI-powered assessments and strategic analysis tools, including:

Market analysis reports
Leadership assessments
AI readiness evaluations
Strategic frameworks and insights

How It Works:

You provide information about your business, industry, or leadership style
Our AI analyzes your inputs and generates customized reports
You receive actionable insights to inform your decisions

What We Promise:

Professional-grade analysis using proven business frameworks
Fast delivery (most reports in under 5 minutes)
Privacy and security of your data
Transparent pricing with no hidden fees

What We Don't Promise:

Renatus provides information and insights, not professional advice
Our AI-generated reports are tools to inform your decisions, not substitutes for human judgment
We don't guarantee specific business outcomes based on using our platform
Market conditions change rapidly; insights reflect data available at time of generation

2. Your Renatus Account

Creating an Account:

You must provide accurate information when signing up
You're responsible for keeping your password secure
You must be at least 18 years old to use Renatus
One person per account (no sharing credentials)

Account Types:

Free Tier: Access to limited features and sample reports
Premium: Full access to all assessments and detailed reports
Enterprise: Custom solutions with additional features and support

Your Responsibilities:

Keep your login credentials confidential
Notify us immediately if your account is compromised
Don't use Renatus for anything illegal or harmful
Don't attempt to reverse engineer, hack, or abuse our platform

3. Using Renatus Responsibly

Permitted Uses:

Generate reports for your own business decisions
Share reports within your organization
Use insights to inform strategy and planning
Reference Renatus in presentations (with attribution)

Prohibited Uses:

Reselling or redistributing Renatus reports as your own service
Using Renatus to generate reports for competitors or clients without a proper license
Attempting to scrape, copy, or reverse engineer our technology
Uploading malicious files or attempting to compromise our systems
Using Renatus for illegal activities or to harm others

Content You Upload:

You retain ownership of any data or documents you upload
You grant Renatus permission to process your uploads to generate your reports
You're responsible for ensuring you have rights to any content you upload
We don't use your uploaded content to train AI models or share with third parties

4. Intellectual Property

What Renatus Owns:

The Renatus platform, technology, and software
Our proprietary frameworks, methodologies, and analytical processes
The Renatus brand, logo, and design elements
Our system prompts, algorithms, and business logic

What You Own:

The specific information and data you input
Your uploaded documents and files
Your business decisions based on our insights

Generated Reports:

You receive a license to use reports we generate for you
You can share reports within your organization
You cannot resell reports or claim them as your own work
Reports include our branding and attribution (don't remove it)

5. Payment Terms

Free Tier:

No credit card required
Access to limited features
Can upgrade to Premium anytime

Premium Subscriptions:

Billed monthly or annually
Automatic renewal unless you cancel
Prices displayed clearly before purchase
Cancel anytime (no refunds for current billing period)

Refunds:

We offer refunds within 7 days of purchase if you're not satisfied
Contact support@renatus.icu with your reason
Refunds processed to original payment method within 5-10 business days
No refunds for services already consumed (e.g., reports already generated)

6. Privacy & Data Security

How We Handle Your Data:

We encrypt your data in transit and at rest
We never sell your data to third parties
We use your data only to provide Renatus services
You can delete your data anytime

Third-Party Services:

We use trusted partners to provide our service:

Anthropic (Claude AI): Powers our analysis engine
Perplexity: Provides real-time market research
Stripe: Processes payments securely
Replit: Hosts all Renatus platform infrastructure in the United States

See our Privacy tab for complete details.

7. Service Availability

Uptime:

We strive for 99.9% uptime
Occasional maintenance windows (announced in advance)
No guarantees of uninterrupted service

Limitations:

API rate limits to prevent abuse
File upload size limits (10MB per file)
Monthly usage limits on Free tier

8. Disclaimers & Limitations

No Professional Advice:

Renatus provides information and analytical tools, not professional consulting, legal, financial, or business advice. Our reports are designed to inform your decisions, but you remain responsible for your business choices.

AI-Generated Content:

Our reports are generated using artificial intelligence and may contain errors or inaccuracies. While we strive for accuracy:

Always verify critical information independently
Market conditions change rapidly; data may become outdated
Our analysis is based on publicly available information and your inputs
We encourage critical thinking and validation of our insights
Renatus does not use AI to make automated decisions that produce legal, financial, employment, or other significant effects about you as an individual without human review

No Warranties:

Renatus is provided "as is" without warranties of any kind. We don't guarantee:

Specific business outcomes or results
Error-free or uninterrupted service
That our reports will meet your specific needs
Accuracy of third-party data sources

Limitation of Liability:

To the maximum extent permitted by law:

Our liability is limited to the amount you paid us in the past 12 months
We're not liable for indirect, incidental, or consequential damages
We're not liable for lost profits, data, or business opportunities
Some jurisdictions don't allow these limitations; they may not apply to you

9. Termination

You Can Leave Anytime:

Cancel your subscription from your account settings
Request data deletion by contacting support
No penalties or cancellation fees

We Can Terminate If:

You violate these terms
You abuse or misuse the platform
Your payment method fails repeatedly
Required by law

What Happens When Service Ends:

You lose access to your account and reports
We retain data for 30 days in case you want to return
After 30 days, your data is permanently deleted (unless legally required to retain)
No refunds for unused time on current billing period

10. Dispute Resolution

Talk to Us First:

If you have a problem, please contact support@renatus.icu. We'll do our best to resolve it quickly and fairly.

Governing Law and Jurisdiction:

These Terms are governed by and construed in accordance with the laws of Malaysia. Any disputes arising under or in connection with these Terms shall be subject to the non-exclusive jurisdiction of the courts of Malaysia.

Notwithstanding the above, nothing in these Terms limits or excludes the mandatory consumer protection rights applicable to you under the laws of your country of residence, including:

EU/EEA users: Your rights under the General Data Protection Regulation (GDPR) and applicable consumer protection laws
UK users: Your rights under the UK GDPR and Consumer Rights Act 2015
Australian users: Your rights under the Australian Privacy Act 1988 and Australian Consumer Law

11. General Terms

Entire Agreement:

These terms, along with our Privacy Policy and Acceptable Use Policy, constitute the entire agreement between you and Renatus.

Amendments:

We may update these terms from time to time
Material changes announced via email and on our platform
Continued use after changes means you accept the new terms
You can reject changes by canceling your account

12. Contact Us

Questions about these terms?
Email: support@renatus.icu
Website: www.renatus.icu

Report abuse or violations:
Email: abuse@renatus.icu

Privacy concerns:
Email: privacy@renatus.icu

By using Renatus, you acknowledge that you've read, understood, and agree to be bound by these Terms of Service.

Effective Date: December 9, 2025 | Last Updated: April 16, 2026

We Take Your Privacy Seriously

Renatus Ventures Sdn Bhd is registered in Malaysia (Reg. No. 201301005838) and is subject to Malaysia's Personal Data Protection Act 2010 (PDPA). This Privacy Notice satisfies the notice requirement under PDPA Section 7. For the purposes of the Malaysia PDPA, Renatus Ventures Sdn Bhd is the data user.

At Renatus, we believe privacy is a fundamental right. This policy explains what data we collect, why we collect it, how we use it, and your rights to control it.

We've written this in plain English because privacy policies should be understandable. If something isn't clear, email us at privacy@renatus.icu.

If you are giving feedback through a Renatus 360 program, the specific commitments we make to you as a respondent — including how anonymity is preserved — are set out on a dedicated page: How your responses are protected.

Quick Summary

What We Collect:

Email address and account information
Data you provide (industry, business info, uploads)
Usage data (how you interact with Renatus)
Payment information (processed securely by Stripe)

What We DON'T Do:

Sell your data to anyone
Use your data to train public AI models
Share your reports with third parties
Track you across the web

Your Rights:

Access your data anytime
Export your data in standard formats
Delete your data permanently
Opt out of marketing emails

Our Promise: We use your data only to provide Renatus services. Your business insights are yours, not ours.

1. Information We Collect

1.1 Information You Provide

Account Information:

Email address (required)
Name (optional but recommended)
Company name (optional)
Password (encrypted, we never see it)
Payment information (handled by Stripe, not stored by us)

Business Information:

When you use our assessments, you provide:

Industry and market information
Leadership style and preferences
Strategic challenges and goals
Regional focus and business context

Uploaded Files:

Documents you upload for analysis
Spreadsheets, PDFs, or text files
We process these to generate your reports
We encrypt and store them securely

1.2 Information We Collect Automatically

Usage Data:

Pages you visit on Renatus
Features you use most frequently
Time spent on the platform
Device type and browser

Technical Data:

IP address
Browser type and version
Operating system
Cookies and similar technologies

1.3 Information from Third Parties

OAuth Login (Google):

If you sign in with Google, we receive:

Your email address
Your name
Profile picture (if public)
We don't access your Google Drive, Gmail, or other Google services

2. How We Use Your Information

2.1 To Provide Renatus Services

Core Platform Functions:

Create and maintain your account
Generate market analysis reports
Process leadership assessments
Deliver AI-powered insights
Save your reports for future access

2.2 To Improve Our Service

Product Development:

Understand how users interact with Renatus
Identify bugs and fix issues
Develop new features
Improve AI accuracy

We Do This With Anonymized Data:

We aggregate usage patterns across all users
Individual actions are anonymized
Your specific reports and data remain private

2.3 To Communicate With You

Service Communications (Always Sent):

Welcome emails
Report completion notifications
Security alerts
Policy updates
Billing notices

Marketing Communications (Opt-In):

Product updates and new features
Tips for using Renatus effectively
Educational content about business intelligence
Special offers (rarely, we're not spammy)

You can opt out of marketing emails anytime - just click "unsubscribe" or email privacy@renatus.icu.

2A. Legal Basis for Processing (GDPR)

If you are located in the European Economic Area (EEA), United Kingdom, or Switzerland, Renatus processes your personal data on the following legal bases under GDPR Article 6:

Data / Activity	Legal Basis	Details
Account creation and management	Performance of a Contract (Art. 6(1)(b))	Processing is necessary to provide you access to the Renatus platform.
Generating reports and assessments	Performance of a Contract (Art. 6(1)(b))	Processing your inputs is necessary to deliver the service you requested.
Payment processing	Performance of a Contract (Art. 6(1)(b))	Processing billing information is necessary to complete your purchase.
Sending service communications	Performance of a Contract / Legal Obligation (Art. 6(1)(b) and Art. 6(1)(c))	Essential service communications required to maintain your account.
Platform analytics and improvement	Legitimate Interests (Art. 6(1)(f))	We have a legitimate interest in improving our services; this is done with anonymised, aggregated data.
Sending marketing emails	Consent (Art. 6(1)(a))	Only sent where you have opted in. You may withdraw consent at any time.
Compliance with legal obligations	Legal Obligation (Art. 6(1)(c))	Where required by applicable law (e.g. financial record-keeping).
Fraud prevention and platform security	Legitimate Interests (Art. 6(1)(f))	We have a legitimate interest in protecting our platform and users from abuse.

Where we rely on legitimate interests, you have the right to object to this processing. Please see Section 5 (Your Data Rights) for details.

2B. How Renatus Uses Artificial Intelligence

Renatus is an AI-powered platform. Here is how artificial intelligence is used and what that means for you:

Ren — AI Assistant:

When you interact with Ren, you are communicating with an artificial intelligence system powered by Anthropic's Claude. Ren is not a human. All responses are generated by AI.

AI-Generated Reports:

All reports, assessments, and strategic analyses produced by Renatus are generated using artificial intelligence. They are tools to inform your decisions, not substitutes for professional advice. You should verify outputs independently before acting on them.

No automated decisions about individuals:

Renatus does not use AI to make automated decisions that produce legal or similarly significant effects about you as an individual. All outputs are provided as information and analysis for you to review and act upon at your own discretion.

AI model used:

Renatus uses Anthropic's Claude AI model as its analysis engine. Anthropic is bound by a Data Processing Agreement covering GDPR-compliant data handling.

EU AI Act:

Renatus operates in compliance with the EU Artificial Intelligence Act (Regulation (EU) 2024/1689). Our AI systems are classified as minimal or limited risk under the Act's risk-based framework. We are committed to transparent, human-overseen AI use.

3. How We Share Your Information

Our Default: We Don't Share

Your business intelligence is your competitive advantage. We don't sell, rent, or share your data with third parties for their marketing purposes.

3.1 Essential Service Providers

We share limited data with trusted partners who help us provide Renatus:

Anthropic (Claude AI):

Purpose: Power our analysis engine
Data Shared: Your inputs and conversation with Ren
Protection: Enterprise agreement with data processing terms

Perplexity API:

Purpose: Real-time market research
Data Shared: Industry and region you're analyzing
Protection: No personal identifiers sent

Stripe:

Purpose: Payment processing
Data Shared: Email, payment amount
Protection: PCI DSS compliant

Replit (Infrastructure Hosting):

Purpose: Platform hosting and deployment — all Renatus services are deployed on Replit
Data Stored: All personal data processed by the Renatus platform
Location: United States (hosted on Google Cloud Platform data centres)
Protection: Replit Data Processing Agreement incorporating Standard Contractual Clauses for EEA/UK data transfers — replit.com/dpa
Privacy Policy: replit.com/privacy-policy

All service providers:

Sign data processing agreements
Use data only to provide services to us
Cannot use your data for their own purposes
Must maintain security standards

3.2 Legal Requirements

We may disclose information if required by law:

Valid court orders or subpoenas
Legal process we're obligated to follow
To protect our rights or property
In emergencies to prevent harm

4. How We Protect Your Information

4.1 Security Measures

Encryption:

Data encrypted in transit (TLS/HTTPS)
Data encrypted at rest (AES-256)
File uploads encrypted before storage
Passwords hashed (never stored in plaintext)

Access Controls:

Least-privilege access (employees see only what they need)
Multi-factor authentication for admin access
Regular access audits
Automatic session timeouts

4.2 Data Isolation

Your Data Is Yours:

Each user's data is isolated in our database
Row-level security prevents unauthorized access
Employees cannot access your data without cause and logging
Other users cannot see your reports

4A. Data Breach Notification

In the event of a personal data breach, Renatus will:

Notify the relevant supervisory authority within 72 hours of becoming aware of the breach, where it is likely to result in a risk to the rights and freedoms of individuals, as required by GDPR Article 33.
Notify affected individuals without undue delay where the breach is likely to result in a high risk to their rights and freedoms, as required by GDPR Article 34.
For Singapore residents: notify the PDPC and affected individuals within 3 calendar days of confirming a breach involving 500+ individuals or significant harm risk, as required by Singapore's PDPA.
For Australian residents: notify the OAIC and affected individuals for eligible data breaches under the Notifiable Data Breaches (NDB) scheme of the Privacy Act 1988.
For Canadian residents: notify the Privacy Commissioner and affected individuals about breaches causing a real risk of significant harm, as required by PIPEDA.
For Japanese residents: notify the PPC and affected individuals within 30 days of discovery, as required by Japan's APPI.
Notification to affected users will be made via the email address associated with your account and/or via a prominent notice on the Renatus platform.

If you believe your data has been compromised, please contact security@renatus.icu immediately.

5. Your Data Rights

Depending on your location, you may have the following rights over your personal data. To exercise any of these rights, email privacy@renatus.icu. We will respond within one calendar month.

Right	What it means	How to exercise
Right of Access (Art. 15)	Request a copy of all personal data we hold about you.	Email privacy@renatus.icu or use Account Settings.
Right to Rectification (Art. 16)	Ask us to correct inaccurate or incomplete data.	Account Settings or email support@renatus.icu.
Right to Erasure (Art. 17)	Request deletion of your personal data ('right to be forgotten'). Some data may be retained for legal compliance.	Account Settings > Delete Account, or email privacy@renatus.icu.
Right to Data Portability (Art. 20)	Receive your data in a structured, machine-readable format (PDF, CSV, JSON).	Email privacy@renatus.icu.
Right to Restrict Processing (Art. 18)	Ask us to pause processing of your data while a complaint is under investigation or accuracy is disputed.	Email privacy@renatus.icu with subject: Restrict Processing.
Right to Object (Art. 21)	Object to processing based on legitimate interests or for direct marketing. Where you object to marketing, we will stop immediately.	Email privacy@renatus.icu or click Unsubscribe in any marketing email.
Right to Withdraw Consent (Art. 7(3))	Where processing is based on consent (e.g. marketing), you may withdraw at any time without affecting prior processing.	Click Unsubscribe or email privacy@renatus.icu.
Right to Lodge a Complaint (Art. 77)	You have the right to lodge a complaint with your local data protection supervisory authority.	See Section 5A below for supervisory authority contacts.

5A. Supervisory Authorities

EU/EEA residents may contact their national supervisory authority. A full list is available at: edpb.europa.eu/about-edpb/board/members_en

UK residents may contact the Information Commissioner's Office (ICO): ico.org.uk | 0303 123 1113

Irish residents: Data Protection Commission: dataprotection.ie

Malaysian residents may contact the Personal Data Protection Commissioner: pdp.gov.my

5B. Additional Rights for California Residents (CCPA/CPRA)

If you are a California resident, you have the following additional rights under the California Consumer Privacy Act (CCPA), as amended by the California Privacy Rights Act (CPRA):

Right to Know: You may request details about the personal information we have collected about you, including the categories of data, sources, business purposes, and third parties with whom it has been shared.
Right to Delete: You may request deletion of your personal information, subject to certain exceptions.
Right to Correct: You may request correction of inaccurate personal information.
Right to Opt-Out of Sale or Sharing: We do not sell your personal information. We do not share your personal information for cross-context behavioural advertising. You may submit a request via privacy@renatus.icu or use the 'Do Not Sell or Share My Personal Information' link in our website footer.
Right to Limit Use of Sensitive Personal Information: We only use sensitive personal information as necessary to provide our services.
Right to Non-Discrimination: We will not deny you services, charge different prices, or provide a lower quality of service because you exercised your CCPA rights.

To exercise these rights, contact: privacy@renatus.icu. We will respond within 45 days (extendable by a further 45 days with notice).

5C. Additional Rights for Brazilian Users (LGPD)

If you are located in Brazil, you have additional rights under Brazil's Lei Geral de Proteção de Dados (LGPD):

Confirmation and Access: Confirm whether we process your personal data, and receive a copy.
Correction: Correct incomplete, inaccurate, or outdated data.
Anonymisation or Deletion: Request anonymisation, blocking, or deletion of unnecessary or non-compliant data.
Portability: Receive your data in a structured format for transfer to another service provider.
Information on Sharing: Receive information about third parties with whom we share your personal data.
Deletion of Consent-Based Data: Request deletion of data processed on the basis of your consent.
Revocation of Consent: Revoke consent at any time, free of charge.
Review of Automated Decisions: Request human review of automated decisions that affect your interests.

To exercise your LGPD rights, contact: privacy@renatus.icu. Our Data Protection Officer / Encarregado is Glenn Watman, contactable at privacy@renatus.icu.

5D. Southeast Asia (Singapore & Thailand)

If you are located in Singapore or Thailand, you have equivalent rights to those described in Section 5 under the Singapore Personal Data Protection Act (PDPA) and Thailand Personal Data Protection Act (PDPA) respectively. To exercise these rights, contact privacy@renatus.icu.

5E. Australian Residents

If you are located in Australia, your personal data is handled in accordance with the Privacy Act 1988 and the Australian Privacy Principles (APPs). To make a privacy complaint, contact privacy@renatus.icu. If unsatisfied, you may contact the Office of the Australian Information Commissioner (OAIC) at oaic.gov.au.

5F. Canadian Residents

Your personal data is handled in accordance with Canada's Personal Information Protection and Electronic Documents Act (PIPEDA). Privacy Officer: privacy@renatus.icu. To make a complaint, contact the Office of the Privacy Commissioner of Canada at priv.gc.ca.

5G. Indian Residents

Your personal data is processed in accordance with India's Digital Personal Data Protection Act 2023 (DPDPA). To exercise your rights or raise a concern, contact privacy@renatus.icu.

5H. Japanese Residents

Your personal data is processed in accordance with Japan's Act on the Protection of Personal Information (APPI). For privacy inquiries, contact privacy@renatus.icu.

5I. South Korean Residents

Your personal data is processed in accordance with South Korea's Personal Information Protection Act (PIPA). To exercise your rights, contact privacy@renatus.icu.

5J. Global Privacy Rights by Jurisdiction

Renatus respects the privacy rights of users in all jurisdictions. The table below summarises your rights by region. To exercise any right, contact privacy@renatus.icu. We respond within the timeframe required by your local law (in no case more than 30 days).

Your Location	Applicable Law	Your Rights	Supervisory Authority
EU / EEA	GDPR	Access, Rectification, Erasure, Portability, Restriction, Objection, Complaint	Your national DPA (edpb.europa.eu)
United Kingdom	UK GDPR	Same as EU GDPR	ICO — ico.org.uk
Malaysia	PDPA 2010	Access, Correction, Withdrawal of Consent	PDPC Malaysia — pdp.gov.my
California, USA	CCPA/CPRA	Know, Delete, Correct, Opt-Out of Sale/Sharing, Non-Discrimination	CPPA — cppa.ca.gov
Brazil	LGPD	Confirmation, Access, Correction, Anonymisation, Portability, Deletion, Info on Sharing, Revocation of Consent, Review of Automated Decisions	ANPD — gov.br/anpd
Singapore	PDPA 2012	Access, Correction, Withdrawal of Consent, Data Portability (where applicable)	PDPC — pdpc.gov.sg
Thailand	PDPA 2022	Access, Rectification, Erasure, Portability, Objection, Restriction, Withdrawal of Consent	PDPC Thailand — pdpc.or.th
Australia	Privacy Act 1988 (APPs)	Access, Correction, Complaint	OAIC — oaic.gov.au
Canada	PIPEDA	Access, Correction, Withdrawal of Consent, Complaint	OPC — priv.gc.ca
India	DPDPA 2023	Access, Correction, Erasure, Grievance Redressal, Nominee Rights	Data Protection Board (when constituted)
Japan	APPI 2022	Disclosure, Correction, Suspension of Use, Third-Party Provision Records	PPC — ppc.go.jp
South Korea	PIPA	Access, Correction, Deletion, Suspension of Processing	PIPC — pipc.go.kr
Indonesia	PDP Law 2022	Access, Correction, Deletion, Objection, Portability	National Data Protection Authority (when constituted)
All other regions	Applicable local law	We honour equivalent rights wherever legally required	Contact privacy@renatus.icu

6. Data Retention

6.1 How Long We Keep Your Data

Active Accounts:

Account data: As long as your account is active
Reports and assessments: As long as your account is active
Conversation history: As long as your account is active
Uploaded files: As long as your account is active or until you delete them

Deleted Accounts:

Active data deleted within 30 days
Backup systems purged within 90 days
Some records retained for legal compliance (tax, fraud prevention)

7. Cookies and Tracking

7.1 Cookies We Use

Essential Cookies (Always Active):

Session management (keep you logged in)
Security (prevent fraud)
Load balancing (ensure performance)

7.2 Third-Party Tracking

We Don't:

Use advertising cookies
Track you across other websites
Sell tracking data to data brokers
Share your behavior with advertisers

8. International Data Transfers

Renatus is headquartered in Malaysia and operates globally. Your data may be transferred to and processed in countries outside the European Economic Area (EEA), including Malaysia and the United States.

Where we transfer personal data outside the EEA, we ensure appropriate safeguards are in place as required by GDPR Chapter V. These safeguards include:

Standard Contractual Clauses (SCCs): For transfers to our service providers including Replit (US, infrastructure hosting), Anthropic (US), Stripe (US), and Perplexity (US), we rely on the European Commission's Standard Contractual Clauses (Commission Implementing Decision (EU) 2021/914).
Adequacy decisions: Where the European Commission has determined that a country offers adequate protection, we rely on that adequacy finding.
Data Processing Agreements: All third-party processors who handle EEA personal data are bound by Data Processing Agreements that impose GDPR-equivalent obligations.

Transfers of UK residents' personal data:

For transfers of UK residents' personal data to third countries, Renatus relies on:

UK International Data Transfer Agreements (IDTAs) where applicable; or
The UK Addendum to the European Commission's Standard Contractual Clauses (as approved by the ICO under S119A of the UK Data Protection Act 2018).

Transfers of Malaysian residents' personal data:

Where we transfer personal data originating in Malaysia to countries outside Malaysia, we ensure appropriate safeguards are in place as required by the Malaysia PDPA and its Cross Border Data Transfer Standards.

You may request a copy of the relevant safeguards by emailing privacy@renatus.icu.

9. Children's Privacy

Renatus is Not for Children:

You must be 18+ to use Renatus
We don't knowingly collect data from children under 18
If we learn a child has provided data, we'll delete it immediately

Parents: If you believe your child has used Renatus, contact privacy@renatus.icu immediately.

10. Changes to This Policy

We May Update This Policy:

As we add new features
To comply with new laws
To improve clarity

When We Make Changes:

We'll update the "Last Updated" date
Material changes: Email notification
You'll see a notice on the platform
Continued use = acceptance of changes

Contact Us

General Questions: support@renatus.icu
Privacy Concerns: privacy@renatus.icu
Security Issues: security@renatus.icu
Legal Matters: legal@renatus.icu

Data Protection Officer

Renatus Ventures Sdn Bhd has designated a Data Protection Officer (DPO) responsible for overseeing data protection strategy and compliance with applicable privacy laws, including the GDPR, UK GDPR, Malaysia PDPA, Brazil LGPD (Encarregado), and other applicable frameworks.

Data Protection Officer (DPO / Encarregado): Glenn Watman
Organisation: Renatus Ventures Sdn Bhd
Contact: privacy@renatus.icu

You may contact the DPO directly with any questions, concerns, or requests relating to your personal data or our compliance with applicable privacy laws.

Effective Date: April 15, 2026 | Last Updated: April 16, 2026

Cookie Policy

Cookies are small text files that a website stores on your device when you visit. They allow the website to remember your actions and preferences over time. This policy explains what cookies Renatus uses, why, and how you can control them.

1. Essential Cookies (Always Active)

These cookies are strictly necessary for the Renatus platform to function. They cannot be disabled without preventing core features from working.

session_token — Keeps you logged in during your session. Duration: Session (deleted on browser close).
csrf_token — Prevents cross-site request forgery attacks. Duration: Session.
consent_preferences — Remembers your cookie consent choices. Duration: 12 months.

2. Functional Cookies (Optional)

These cookies enable enhanced functionality and personalisation. If you disable them, some features may not work as intended. We only set these cookies with your consent.

ren_lang — Remembers your preferred language. Duration: 12 months.
ui_settings — Remembers your display preferences. Duration: 6 months.

3. Analytics Cookies (Optional)

If you consent, we may use analytics cookies to understand how users interact with Renatus. This helps us improve the platform. All analytics data is aggregated and anonymised — it is never used to identify you personally.

We do not currently use third-party analytics tools. If this changes, this policy will be updated and your consent will be requested.

4. Third-Party Cookies

Some third-party services integrated into Renatus may set their own cookies. These are governed by the privacy policies of those third parties:

Stripe — Payment processing. stripe.com/privacy
Google (OAuth) — Sign-in with Google. policies.google.com/privacy
Anthropic — AI analysis engine (server-side processing, no browser cookie). anthropic.com/privacy

5. Your Cookie Choices

5.1 Cookie Consent Banner

When you first visit Renatus, you will see a cookie consent banner. You can:

Accept all cookies — enables all categories above
Accept essential only — disables functional and analytics cookies
Customise — choose which non-essential categories to enable

Your preferences are saved for 12 months. You can change them at any time by clicking Cookie Settings in the footer of the Renatus website.

5.2 Browser Controls

You can also control cookies directly through your browser settings. Note that blocking all cookies may prevent Renatus from functioning correctly.

5.3 Opt-Out of Analytics

If you have consented to analytics cookies and wish to opt out, you can use the Cookie Settings panel in the Renatus footer.

6. Legacy Platform Data Migration

If you were a user of the previous Renatus platform, your account data has been migrated to this new platform. Your reports from the previous platform remain accessible at legacy.renatus.icu.

This migration was performed under the legal basis of Performance of a Contract (GDPR Art. 6(1)(b)) — your existing service relationship was carried over to ensure continuity of access. No additional data was collected during the migration beyond what was already held under your previous account.

If you wish to exercise any of your data rights regarding the migrated data, please email privacy@renatus.icu.

Contact

For questions about our use of cookies, contact:
privacy@renatus.icu
Renatus Ventures Sdn Bhd | Reg. No. 201301005838

Effective Date: December 9, 2025 | Last Updated: April 16, 2026

Our Commitment to Responsible Use

Renatus is built to help leaders make better decisions, faster. We trust our users to use the platform responsibly and ethically.

This Acceptable Use Policy explains what we consider appropriate and inappropriate use of Renatus. By using our platform, you agree to these guidelines.

Permitted Uses

Business Intelligence & Strategy

Generate market analysis reports for your business
Create leadership assessments for yourself or your team
Use AI readiness assessments to evaluate your organization
Reference Renatus insights in internal strategy documents
Share reports within your organization
Use insights to inform business decisions and planning

Commercial Use (With Proper License)

Consultants: Generate reports for clients (with Premium or Enterprise license)
Coaches: Use assessments as part of coaching engagements
Companies: Deploy across teams with appropriate licensing
Agencies: White-label with Enterprise agreement

Content Sharing

Share your generated reports with colleagues
Present Renatus insights in meetings (with attribution)
Include report excerpts in internal documents
Reference Renatus in investor or board presentations

Prohibited Uses

Platform Abuse

System Manipulation:

Attempt to reverse engineer Renatus technology
Scrape, spider, or crawl our platform
Use automated tools to access services without permission
Attempt to bypass rate limits or security measures
Probe, scan, or test vulnerabilities in our systems

Account Abuse:

Create multiple accounts to circumvent free tier limits
Share account credentials with others
Use bots or automated scripts to generate reports
Manipulate usage metrics or billing

Reselling Without License:

Resell Renatus reports as your own consulting service without proper licensing
White-label Renatus content without an Enterprise agreement
Compete directly with Renatus using our own technology

Harmful Activities

Illegal Use:

Use Renatus for any illegal purpose or to facilitate illegal activity
Violate any applicable laws or regulations
Infringe on intellectual property rights of others
Engage in fraud, money laundering, or other financial crimes

Harmful Content:

Upload malware, viruses, or malicious code
Attempt to gain unauthorized access to other users' data
Transmit spam, phishing attempts, or deceptive content
Distribute hate speech, harassment, or discriminatory content

Data Misuse

Privacy Violations:

Upload personal data of individuals without consent
Share sensitive data of others without authorization
Violate GDPR, CCPA, or other privacy regulations
Attempt to identify or track other Renatus users

Fair Use Guidelines

API & Usage Limits

Rate Limits:

Free Tier: 10 reports per month
Premium: Unlimited reports with fair use policy
Enterprise: Custom limits by agreement

Fair Use Definition:

"Fair use" means normal business usage for your legitimate needs. We reserve the right to define abuse as:

Generating hundreds of reports in a short time for resale
Using the platform primarily to train competing AI models
Systematic download of our entire database of insights

Content You Upload

Your Responsibilities:

Ensure you have rights to upload content
Don't upload copyrighted material without permission
Verify data accuracy to the best of your knowledge
Protect sensitive information appropriately

File Restrictions:

Maximum file size: 10MB per upload
Allowed formats: PDF, DOCX, TXT, CSV
No executable files (.exe, .sh, .bat)
No encrypted or password-protected files

Security & Privacy

Protecting the Platform:

Report security vulnerabilities responsibly (security@renatus.icu)
Don't exploit vulnerabilities you discover
Don't attempt unauthorized access to other accounts
Follow responsible disclosure practices

Protecting User Privacy:

Don't attempt to access other users' data
Don't reverse engineer user identification methods
Don't share login credentials
Report suspected account compromises immediately

Enforcement

Our Response to Violations

First Offense (Minor):

Warning via email
Temporary account suspension (24-48 hours)
Opportunity to correct behavior

Repeat or Serious Violations:

Account suspension (7-30 days)
Permanent account termination
Legal action if necessary
Report to law enforcement for illegal activity

Immediate Termination:

We reserve the right to immediately terminate accounts for:

Illegal activities
Security threats to our platform
Severe violations of this policy
Court orders or legal requirements

Appeals Process

If Your Account Is Suspended:

Email support@renatus.icu with subject "Account Suspension Appeal"
Explain the situation from your perspective
We'll review within 3 business days
Decision will be final unless new evidence emerges

Reporting Violations

How to Report:

Email: abuse@renatus.icu

Include:

Description of the violation
Account or content in question (if known)
Any relevant screenshots or evidence
Your contact information

We'll Respond:

Acknowledgment within 24 hours
Investigation initiated immediately
Action taken as appropriate
Follow-up on resolution (when possible)

Questions?

Not Sure If Something Is Allowed?

Email: support@renatus.icu
Subject: "Acceptable Use Question"

We're happy to clarify before you proceed. It's always better to ask than assume.

Our Commitment

We Promise:

Fair and consistent enforcement
Clear communication about violations
Opportunity to correct minor issues
Respect for your privacy while ensuring platform safety
Transparency in our policies and actions

We Expect:

Ethical use of our platform
Respect for other users
Cooperation with reasonable requests
Honest communication
Good faith in all interactions

Contact Us

General Questions: support@renatus.icu
Report Abuse: abuse@renatus.icu
Security Issues: security@renatus.icu
Legal Matters: legal@renatus.icu