Effective May 28, 2026. Last updated May 28, 2026. We may revise this policy; the current version always lives at this URL. A small number of items are marked [[CONFIRM WITH COUNSEL]] — those reflect ongoing legal review and will be finalized in a posted update.
1. Who We Are and How to Contact Us
ReBillion (“ReBillion,” “we,” “us,” or “our“) is an AI platform that provides AI transaction tools and human assistance to U.S. brokerages, document-custodian (“DC”) companies, real estate brokers, agents, and transaction coordinators. We help them manage transactions and communicate with their own clients, agents, and counterparties. ReBillion is operated by Garvik AI Pvt. Ltd., an India-registered company that operates the ReBillion product.
Registered office: Bengaluru, Karnataka, India.
General contact: support@rebillion.ai
Privacy inquiries: privacy@rebillion.ai
Legal inquiries: legal@rebillion.ai
SMS / opt-out support: privacy@rebillion.ai
You can also reach us by phone at +1 (to be assigned).
If you need this policy in an accessible format, email privacy@rebillion.ai.
2. Scope of This Policy and Our Role
This policy explains how we collect, use, share, and protect personal information across:
- The marketing website at rebillion.ai (landing pages, the blog at rebillion.ai/blog, and any subdomains we operate);
- The customer dashboard at dashboard.rebillion.ai;
- Related tools, APIs, browser extensions, and integrations;
- Email, SMS, MMS, and voice calls that we send to our own Customers about their accounts (billing, onboarding, support, security, transaction deadlines, and — with separate consent — our own marketing);
- Calls and texts ReBillion staff (or AI-assisted systems) send on behalf of a Customer to the Customer’s clients, agents, or counterparties for transactional purposes, when the Customer has provided the number for that purpose;
- The platform features that let Customers connect their own phone numbers and have the platform answer or place texts and calls on the Customer’s behalf;
- Sales and demo interactions, including form submissions and recorded discovery calls;
- Customer support channels (chat, email, phone).
The policy applies whether you are a Customer (a brokerage, DC company, broker, agent, or transaction coordinator who has signed up for ReBillion), an end user (a party to a real estate transaction whose information is processed through the platform by a Customer), a lead or prospect, or a visitor to our marketing pages.
What ReBillion is. We provide AI transaction tools and human assistance. Depending on the use case, ReBillion is either (a) the sender or caller — for our own direct messages to Customers, and for transactional outreach we make on a Customer’s behalf when the Customer has connected a number for that purpose; or (b) the platform — when the Customer uses platform features directly under the Customer’s own number and brand, in which case the Customer is the sender or caller for TCPA, DNC, CAN-SPAM, and state telemarketing purposes. Section 5 walks through each scenario.
Controller vs. processor. When a brokerage uploads a transaction document to ReBillion, that document usually contains personal information about people who are not ReBillion Customers: buyers, sellers, co-signers, attorneys, escrow officers, lenders. For that information the Customer is the controller (or “business” under CCPA) and ReBillion acts as a processor (or “service provider”) under the Master Services Agreement and Data Processing Addendum. End users who want to exercise rights against their own brokerage should contact the brokerage; we will assist the brokerage in responding.
3. Information We Collect
3.1 Information you give us directly
- Account information: name, work email, phone number, brokerage/team/DC-company name, role (agent / TC / broker / DC operator / admin), state of licensure, license number (optional), profile photo.
- Billing information: company name, billing address, payment-card last 4 and brand (the full card number stays with our PCI-compliant payment processor — see Section 7), tax ID where applicable.
- Communications with us: support tickets, demo-call recordings (where you consent), survey responses, feedback.
- Marketing-form submissions: name, work email, phone number, brokerage size, current tools, free-text fields.
3.2 Information you upload or that flows through the service
- Real estate transaction documents: purchase agreements, listing agreements, disclosures, addenda, side letters, escrow instructions, and attachments. These may contain personal information about parties to the transaction, including full names, mailing addresses, phone numbers, email addresses, dates of birth, Social Security numbers, financial account information, mortgage information, and other sensitive identifiers.
- Transaction metadata: counterparty information, dates, milestones, deadlines, contingencies, addresses of subject properties.
- Customer messaging and call content: the texts and call audio that the Customer’s connected number sends and receives through the platform, including content the AI generates on the Customer’s behalf; and the texts and call audio that ReBillion (staff or AI-assisted systems) sends on a Customer’s behalf for transactional purposes.
- Contact data synced from integrations: contacts from Google Drive, Dotloop, SkySlope, BrokerMint, OTC, Follow Up Boss, and other platforms you connect.
Sensitive personal information. Transaction documents often contain “sensitive personal information” under state law (SSNs, financial-account information, government identifiers, sometimes precise geolocation). We process this information only as needed to deliver the service. We do not use it for cross-context behavioral advertising, and we do not sell or share it. Where state law gives you a right to limit the use of sensitive personal information, we honor that right. See Section 10. We collect only what is reasonably necessary for the purposes described in this policy.
3.3 Information we collect automatically
- Device and log data: IP address, browser type, OS, device identifiers, referrer URL, pages visited, time on page, clickstream, crash logs.
- Cookies, pixels, and similar technologies: see Section 6.
- Product telemetry: which features you use, how often, and what errors occur. We use this to improve the product.
3.4 Information from third parties
- Identity / business-verification services: to verify brokerage details, license status, and (where Customer-side A2P 10DLC registration runs through us) tax-ID information for the Customer’s brand registration.
- Enrichment / lead-data providers: for sales and marketing operations.
- Public sources: MLS feeds where licensed, public records, social profiles you’ve made public.
- Authentication providers: if you sign in with Google or Microsoft, we receive the basic profile fields you authorize.
4. How We Use the Information
We use personal information to:
- Run the service — ingest, parse, analyze, store, and route transaction documents; build timelines; check state-specific compliance items; sync to your other tools.
- Run AI analysis — extract structured fields, summarize documents, draft communications for the Customer to review, surface deadlines, and flag compliance issues. AI processing is described in Section 11 below and in our Terms.
- Operate accounts and billing.
- Provide support and human assistance — respond to tickets, triage bugs, run training, and provide the human-in-the-loop assistance that some plans include (a ReBillion team member handling transaction tasks alongside the AI).
- Communicate with our Customers about their account and transactions — service messages, security and billing notices, transaction-deadline reminders, product updates, and (with separate consent where required) our own marketing.
- Reach the Customer’s transaction parties on the Customer’s behalf — where the Customer has provided phone numbers and asked us to handle communications about a transaction (see Section 5.2).
- Operate the platform’s customer messaging features under Section 5.
- Secure the service — detect and prevent abuse, fraud, unauthorized access, and violations of our Terms.
- Improve and develop the service — including aggregated and de-identified analytics. We do not train ReBillion-owned AI models on Customer Data, and we contractually require our third-party model providers not to train their models on Customer Data — see Section 11.
- Comply with law — respond to lawful requests, enforce our Terms, and pursue or defend legal claims.
Fair housing. The platform is used by licensed real estate professionals. The Customer is responsible for the content the AI generates and sends on the Customer’s behalf, including for compliance with the federal Fair Housing Act and any state or local fair-housing rule. We provide tooling and disclaimers, but the legal duty sits with the Customer.
Lawful bases (where applicable)
Where a privacy law requires a lawful basis (e.g., GDPR, or India’s DPDPA where applicable), our bases are:
- Performance of a contract — to provide the service you signed up for.
- Legitimate interests — to secure, improve, and grow the service, where not overridden by your rights.
- Consent — for our own marketing SMS and certain marketing emails, cookies that require consent, and optional AI features that involve processing beyond what is strictly necessary.
- Legal obligation — to retain records, respond to regulators, and similar.
5. How Phone Numbers Are Used — by Us and by Our Customers
ReBillion’s messaging and calling are predominantly non-marketing, utility communications tied to real estate transactions. Most calls and texts we make or send are about a specific deal — a closing date, a missing signature, a document that needs to move. The TCPA, the FTC’s Telemarketing Sales Rule (16 C.F.R. § 310), the federal Do Not Call rules, and CAN-SPAM apply differently — and less restrictively — to transactional/informational calls than to telemarketing. We treat that distinction seriously and don’t try to dress marketing up as utility.
This section walks through the three scenarios we operate in today, plus our handling of opt-outs and our forward-looking position on AI-voice and mass messaging.
5.1 Direct, non-marketing communications from ReBillion to our own Customers
If you sign up for ReBillion and give us your phone number, we may use that number to send you account-related communications:
- Transactional / service communications. Onboarding steps, security alerts, billing notices, transaction-deadline reminders you’ve enabled, support replies, scheduling, and similar account-related items. These are non-marketing and are sent on the basis of your having provided the number for that purpose at signup, with clear disclosure. They do not require separate marketing consent.
- Who sends them. ReBillion is the sender or caller. The communication may be composed or placed by a ReBillion staff member, or by an AI-assisted system that drafts the message for staff review, or by an automated system for purely operational notifications (billing, security).
- Inbound contact from you. When you call or text ReBillion staff for support, scheduling, or transaction questions, that communication is also transactional. We may record support calls where you consent, and we retain the content for support quality and recordkeeping.
For our own marketing texts or calls to Customers, the consent rules in Section 5.3 apply.
5.2 Outreach on behalf of a Customer to their clients, agents, or counterparties (predominantly for a transaction)
A core part of the service is that a Customer connects a phone number through the platform — their own number, their client’s number, an agent’s number, a counterparty’s number — and asks ReBillion to handle communications about a transaction. This happens in two ways:
- (a) ReBillion reaches out on the Customer’s behalf. A ReBillion team member, or an AI-assisted system, places calls or sends texts to the Customer’s clients, agents, or counterparties for transactional/utility purposes. Typical examples: “Your closing disclosure is ready,” “The seller signed the addendum,” “We need the wire details by end of day,” “Inspection is rescheduled to Thursday.” These are not telemarketing. They are about the transaction the recipient is already a party to. They are not subject to the TCPA’s prior-express-written-consent requirement for marketing autodialed, pre-recorded, or AI-voice calls, because they are not marketing.
- (b) The Customer (or the Customer’s contacts) use platform features directly. The Customer connects their number to the platform and the AI answers or places texts and calls under the Customer’s own number and brand. Recipients see the Customer’s name and number, not ours. For TCPA, DNC, CAN-SPAM, and state telemarketing purposes in this mode, the Customer is the sender or caller; ReBillion is the platform provider. See Section 5 of the Terms.
In either path:
- The Customer represents and warrants that each recipient is a party to the transaction the communication is about, and that the Customer has the relationship (broker–client, agent–counterparty, TC–party) that justifies the contact.
- ReBillion does not use Customer-on-behalf outreach for marketing on the Customer’s behalf unless the Customer has obtained marketing consent from the recipient and provided that consent to us.
- Where ReBillion staff or AI-assisted systems handle the outreach (path (a)), we still respect the recipient’s request to stop being contacted. A “stop calling about this” from the recipient is honored across the transaction and logged on the Customer’s account.
5.3 ReBillion’s own marketing — limited and DNC-compliant
From time to time ReBillion reaches out to brokerages, DC companies, real estate professionals, and prior or current prospects to market our services. People also reach out to us — some because they need the service (transactional), some in response to our marketing. We handle our own marketing as follows:
- Marketing voice calls. For any marketing voice calls, ReBillion scrubs against the federal Do Not Call Registry and applicable state DNC lists, and places calls within federal calling-window rules (8:00 a.m. to 9:00 p.m. recipient local time, stricter where state law applies). Where ReBillion relies on the Existing Business Relationship (EBR) safe harbor under 16 C.F.R. § 310 (FTC Telemarketing Sales Rule) for DNC purposes, that applies. The EBR is a DNC safe harbor only; it does not substitute for the prior-express-written-consent that the TCPA requires for marketing autodialed, pre-recorded, or AI-voice calls.
- Marketing SMS. For any marketing SMS specifically, ReBillion obtains prior express consent at the point of capture — a separate, unticked opt-in checkbox with clear and conspicuous disclosure adjacent to the box, identifying ReBillion as the seller and authorizing the use of automated systems where applicable. Consent is not a condition of purchase. We do not treat continued use of the product, or a passive reference to this policy, as marketing-SMS consent.
- Marketing email. Marketing email follows CAN-SPAM: accurate sender and subject lines, a clear opt-out in every message, and prompt processing of opt-outs.
5.4 STOP / HELP and how to opt out
You may opt out of our communications (whether direct marketing under Section 5.3, or on-behalf-of-Customer outreach under Section 5.2 to the extent we control it) at any time:
- Reply STOP, UNSUBSCRIBE, CANCEL, END, or QUIT to any SMS;
- Email privacy@rebillion.ai with “STOP” in the subject;
- Tell a ReBillion staff member on a call (a verbal “remove me” request is honored as an opt-out for voice calls);
- Submit a request through our privacy contact channels.
Consistent with FCC rules effective April 11, 2025, we honor opt-out requests received through any reasonable method and process them within ten (10) business days (we aim for real-time). When you opt out of marketing we apply the opt-out broadly across our marketing communications unless you tell us to narrow it. We may send a single confirmation message acknowledging your opt-out as permitted under 47 C.F.R. § 64.1200. Reply HELP for our company name, this policy URL, and a support contact.
Opting out of marketing does not stop transactional account messages tied to your account (password resets, billing notices, transaction-deadline reminders you’ve enabled, or messages on behalf of a Customer about a transaction you are a party to). If you are a recipient of on-behalf-of-Customer outreach under Section 5.2 and want to stop receiving communications about a specific transaction, tell the calling/texting party or email us at privacy@rebillion.ai and we will log that preference. To close a ReBillion account entirely, email support@rebillion.ai.
5.5 Future capabilities — AI-generated voice and mass messaging
ReBillion does not currently use AI-generated or AI-cloned voice technology to place outbound calls, and does not engage in mass marketing SMS campaigns. If we introduce either capability we will:
- (a) update this policy at least 30 days in advance, with a clear description of the new capability and how it will be used;
- (b) obtain renewed consent from any recipient where renewed consent is required (in particular, the TCPA-grade prior-express-written-consent required for marketing calls using AI-generated or pre-recorded voice); and
- (c) ensure compliance with the FCC’s February 8, 2024 Declaratory Ruling (FCC 24-17) confirming that calls using AI-generated voice are subject to the TCPA’s restrictions on artificial or pre-recorded voice, and with A2P 10DLC carrier policy and The Campaign Registry for any mass SMS we introduce.
This forward-looking position is not a promise to launch either capability; it tells you how we’ll handle them if and when we do.
5.6 What we don’t share
We do not sell or share recipient phone numbers, opt-in data, or consent records with third parties for their own marketing purposes. We share that data only with our service providers (e.g., the carrier and the SMS/voice provider) strictly to deliver and operate the messaging service. See Section 7.
6. Cookies, Analytics, and Tracking
We use cookies and similar technologies to operate the site, remember your preferences, measure traffic, and improve features. Categories:
- Strictly necessary (session, security, load balancing).
- Functional (preferences, language).
- Analytics (e.g., Google Analytics 4 and similar tools).
- Advertising / marketing (e.g., LinkedIn Insight Tag, Meta Pixel, Google Ads conversion). Marketing pages only — never the Customer dashboard.
Cookie banner. On the marketing pages we display a cookie consent banner at first visit with granular controls. You can manage choices at any time via the “Cookie Preferences” link in the marketing-site footer. The Customer dashboard does not load advertising trackers.
Your choices. You can also disable cookies in your browser. We treat Global Privacy Control (GPC) signals as a valid opt-out of “sale” and “sharing” under state law, whether or not you are logged in.
7. Sharing with Service Providers and Sub-Processors
We share personal information with service providers (“sub-processors”) who help us deliver the service, under written contracts that restrict their use of the data and require appropriate security. Notable sub-processor categories:
- SMS and outbound voice provider for the platform’s messaging features and for on-behalf-of-Customer outreach.
- Payment processor for billing and subscription management.
- Cloud-hosting provider for infrastructure, storage, and compute.
- AI model providers for large-language-model inference.
- Email service provider for our own transactional and marketing email.
- Analytics providers.
- Customer-support tools.
The current named sub-processor list lives at https://rebillion.ai/legal/sub-processors. We give reasonable advance notice of material changes to Customers under enterprise agreements.
We do not sell personal information for money. We do not “share” personal information for cross-context behavioral advertising as those terms are defined under CCPA/CPRA. In the 12 months preceding the effective date above, we have not sold or shared personal information for cross-context behavioral advertising.
We may also disclose information:
- To affiliates (entities under common control with us) for the purposes described in this policy;
- In connection with a merger, acquisition, financing, or sale of assets, subject to confidentiality;
- To comply with law, respond to lawful requests from public authorities (including for national-security or law-enforcement purposes), or to enforce our Terms;
- With your consent in any other case.
8. Data Retention
We keep personal information for as long as needed to provide the service and for the periods required by law or by contract with the Customer, plus a reasonable buffer for legal, accounting, and audit purposes.
| Category | Retention |
|---|---|
| Active account data | For the life of the account |
| Closed-account data | 90 days from closure, then deletion (subject to legal hold) |
| Transaction documents | Per the Customer’s contractual term; default 7 years to align with broker recordkeeping rules |
| Marketing leads (unconverted) | 24 months from last interaction |
| SMS / voice consent records | At least 5 years from last contact, in line with TCPA defense practice |
| Billing / tax records | As required by tax law (typically 7 years) |
| Security logs | 12 months hot, plus a cold-storage tail for incident investigation |
After the applicable period we delete or de-identify the data. A Customer may request earlier deletion of closed-account data subject to legal hold and contractual obligations.
9. Security
We protect personal information with administrative, technical, and physical safeguards appropriate to the sensitivity of the data, including:
- Encryption in transit (TLS 1.2+) and at rest (AES-256);
- Role-based access controls and least-privilege provisioning;
- Multi-factor authentication for staff and an MFA option for Customers;
- Audit logging of access to Customer Data;
- Network segmentation and secrets management;
- Regular vulnerability scanning and annual third-party penetration testing;
- Background checks on staff with access to production data;
- An incident-response plan with timelines aligned to state breach-notification laws.
Formal third-party security attestations (e.g., SOC 2) are [[CONFIRM WITH COUNSEL]].
If we determine that a security incident has affected Customer Data, we will notify the affected Customer without undue delay and in no event later than 72 hours after determination, consistent with our Data Processing Addendum.
No system is perfectly secure. If you suspect a security issue, email privacy@rebillion.ai.
10. Your Privacy Rights
10.1 Rights available to everyone
Subject to verification, you can ask us to:
- Access the personal information we hold about you;
- Correct inaccurate information;
- Delete information, subject to the standard exceptions in your state’s law (security, free-speech, internal lawful uses, completion of the transaction, compliance, and similar);
- Portability — receive your data in a structured, commonly used, machine-readable format (e.g., JSON or CSV);
- Withdraw consent at any time where consent is the basis (this does not affect prior processing).
10.2 U.S. state-specific rights
Many U.S. states grant privacy rights. The rights below apply if you reside in a covered state and the law’s thresholds apply to us. As of the effective date of this policy that may include residents of California, Colorado, Connecticut, Delaware, Florida (limited applicability), Indiana, Iowa, Kentucky, Maryland, Minnesota, Montana, Nebraska, Nevada (health-data sale opt-out under SB 220 / SB 370), New Hampshire, New Jersey, Oregon, Rhode Island, Tennessee, Texas, Utah, Virginia, and Washington (My Health My Data Act, partial). The list grows.
| Right | Available in (non-exhaustive) |
|---|---|
| Access / Know | All covered states |
| Delete | All covered states |
| Correct | CA, CO, CT, DE, MD, MN, MT, NH, NJ, OR, TN, TX, VA, and others |
| Portability | All covered states |
| Opt-out of sale / share | CA, CO, CT, DE, MT, NH, NJ, OR, TX, UT, VA, and others — we do not sell or share for cross-context behavioral advertising, but the right is available |
| Limit use of sensitive personal info | CA, CT, CO, OR, MD, and others |
| Opt-out of targeted advertising | CO, CT, DE, MT, NH, NJ, OR, TN, TX, VA, and others |
| Opt-out of profiling with legal or similarly significant effect | CO, CT, DE, MT, NH, NJ, OR, TX, VA, and others |
| Appeal a denied request | CO, CT, DE, FL, IA, MT, NH, NJ, OR, TN, TX, VA |
California (CCPA/CPRA) — additional disclosures. The CCPA’s earlier exemptions for B2B contact information and employee/HR data have expired. If you are a California resident — including as an employee, contractor, job applicant, agent, broker, transaction party, or B2B contact whose information passes through ReBillion — you have full CCPA/CPRA rights against us where we are the “business.” Where we act as a “service provider” to one of our Customers (for example, processing transaction documents on behalf of a brokerage), direct rights requests to that brokerage; we will assist them in fulfilling your request.
“Do Not Sell or Share My Personal Information.” We do not sell or share personal information for cross-context behavioral advertising. In the last 12 months we have not sold or shared personal information for cross-context behavioral advertising. The marketing-site footer carries a “Your Privacy Choices” link that opens our preference center and lets you confirm or change the related settings.
“Limit the Use of My Sensitive Personal Information.” The marketing-site footer carries a “Limit the Use of My Sensitive Personal Information” link. We do not use sensitive personal information beyond the purposes the CCPA permits without your consent, but the right is available and the link is provided.
Shine the Light (Cal. Civil Code § 1798.83). California residents who have an established business relationship with us may request information about the categories of personal information we have disclosed to third parties for those third parties’ direct-marketing purposes in the preceding calendar year, and the names and addresses of those third parties. We do not disclose personal information to third parties for their direct-marketing purposes; you may request confirmation by emailing privacy@rebillion.ai.
We do not run financial-incentive programs tied to personal-information collection, and we do not offer different prices or quality based on whether you exercise privacy rights.
10.3 How to exercise your rights
Submit a request:
- By webform at https://rebillion.ai/legal/privacy-request [[to be created]];
- By email to privacy@rebillion.ai;
- By mail to the address in Section 1.
We run a verifiable-consumer-request process: we will ask for the minimum information needed to confirm your identity and the relationship that gives you the right you are exercising. You may designate an authorized agent to act on your behalf; the agent should submit signed written authorization (or proof of a valid power of attorney), and we may ask you to verify your identity directly.
We will respond within the time your state’s law requires — generally 45 days, extendable by another 45 days where reasonably necessary, with notice.
If we deny your request, you may appeal by replying to our denial within the period your state’s law requires (typically 45 days). We will respond to appeals within 60 days.
10.4 GDPR / UK GDPR — limited applicability
ReBillion’s product and customer base are U.S.-focused. We do not actively market to or solicit data subjects in the EU/UK. If you are an EU/UK resident and have nonetheless given us personal information, GDPR rights apply where the law applies. Specific EU/UK applicability and the designation of an Article 27 representative are [[CONFIRM WITH COUNSEL]].
10.5 India (DPDPA)
Where personal data is processed by Garvik AI Pvt. Ltd. in India, India’s Digital Personal Data Protection Act, 2023 applies. The designated DPDPA officer and grievance-redress contact are [[CONFIRM WITH COUNSEL]].
11. AI Processing and Training
The platform uses third-party large-language-model providers (e.g., OpenAI, Anthropic) for inference. We have configured the following posture:
- No training of ReBillion models on Customer Data. We do not train any AI model we own or develop on Customer Data.
- No training by third-party providers on Customer Data. We do not transmit Customer Data to third-party model providers for the third party’s training. We rely on the providers’ zero-retention enterprise terms where in effect, which limit the provider’s use of the data to the immediate inference request.
- Inference-time use only. Third-party providers may process Customer Data at inference time solely to return a response for the immediate request.
- Customer-side AI features. The AI generates communications drafts and other content for the Customer’s review. Outputs may be inaccurate, incomplete, or fabricated. The Customer is responsible for reviewing Output before relying on it or sending it on the Customer’s behalf.
- Human-in-the-loop. Some plans include human assistance from ReBillion staff working alongside the AI. Where staff handle content on a Customer’s behalf, the same confidentiality and use restrictions apply as to AI processing.
12. Children’s Privacy
The service is built for real estate professionals — adults acting in a business capacity. It is not directed to children under 13. We do not knowingly collect personal information from children under 13. If we learn we have, we delete it. For California residents and others whose state laws require it, we do not knowingly sell or share the personal information of consumers we know to be under 16 without affirmative opt-in.
13. International Data Transfers
We process data primarily in the United States and India. Where personal information crosses borders, we rely on appropriate safeguards (e.g., Standard Contractual Clauses where required) and apply this policy consistently. India is not on the EU adequacy list; for any EU-origin data that reaches India, we rely on SCCs and an accompanying transfer-impact assessment.
14. Changes to This Policy
We may update this policy from time to time. For material changes we will notify you (by email or in-app banner) and update the “Last Updated” date above. Material changes that affect SMS or voice-call consent will be communicated, and we will obtain renewed consent where required. Continued use after the effective date counts as acceptance.
15. How to Contact Us
- General privacy questions: privacy@rebillion.ai
- Data-subject rights requests: webform at https://rebillion.ai/legal/privacy-request [[to be created]], or privacy@rebillion.ai
- Security issues: privacy@rebillion.ai
- Legal inquiries: legal@rebillion.ai
- General support: support@rebillion.ai
- Mailing address: Bengaluru, Karnataka, India