Privacy Policy

Effective date: January 1, 2026 Last updated: January 1, 2026

This Privacy Policy explains how Red Queen Logic, LLC (“RQL,” “we,” “us,” or “our”) collects, uses, and protects information in connection with Regent (the “Service”), including the personal artificial-intelligence appliance installed in your home, the web application, the mobile applications, and our website at https://redqueenlogic.com (collectively, the “Service”).

We have designed Regent around a simple principle: your personal data lives on your device, not on our servers. This policy describes what that means in practice, the limited information we do collect to operate the Service, and your rights with respect to that information.

Plain-language summary. Regent is a personal AI system that runs on a server-class computer installed in your home. The substantive content you share with Regent — your conversations, files, email, calendar, contacts, health and financial information, and the embeddings and indexes derived from them — is stored on your device in encrypted form and is not transmitted to RQL. We collect only a narrow set of operational signals needed to keep the Service running, plus account information you provide directly (such as your email address for billing and support). We have engineered the Service so that we have no ambient or remote administrative access to your device.

1. Scope

This Privacy Policy applies to:

  • the Regent appliance (the on-premise server you purchase or lease and install in your home);

  • the Regent web and mobile applications, which are clients for the appliance;

  • our website at https://redqueenlogic.com; and

  • our customer support and account-management interactions with you.

It does not apply to third-party services you choose to connect to Regent (for example, your Microsoft 365, Google, or social-media accounts). Those services are governed by their own privacy policies. Section 7 below explains how Regent interacts with them.

2. Information you store on your device

Regent is designed so that the substantive content of your interactions with it — and any third-party data you authorize it to retrieve on your behalf — is stored locally on your appliance. This includes, depending on how you configure and use the Service:

  • conversations, prompts, and the responses generated by the Service;

  • files you upload or that the Service generates;

  • email, calendar, and contact data retrieved from connected third-party accounts;

  • health, financial, legal, and other personal information you choose to share with the Service; and

  • the vector embeddings, indexes, chat history, and audit logs the Service maintains to function (collectively, “On-Device Data”).

We do not have access to your On-Device Data. On-Device Data is stored within an encrypted volume on your appliance, protected by a key derived from your passphrase and sealed to your appliance’s trusted-platform module (TPM). We do not hold a copy of your passphrase, we do not hold a recovery key, and we have no remote administrative path that allows us to read this volume. If you lose your passphrase and your appliance’s recovery material, On-Device Data may be permanently unrecoverable.

You are the controller of your On-Device Data. You decide what to put in it, what to delete, what to export, and which third-party services to connect.

3. Information we do collect

We collect a limited set of information directly, both to run the Service and to support you. These categories are described below.

3.1 Account information

When you register for the Service, purchase an appliance, or contact us, we collect the information you provide, including:

  • your name;

  • your email address;

  • your billing address and payment information (processed by our payment processor; we do not store full payment-card numbers); and

  • the serial number or device identifier of your appliance.

We use this information to administer your account, fulfill orders, communicate with you about the Service, and provide customer support.

3.2 Operational telemetry from your appliance

Your appliance sends us a narrow set of operational signals so that we can keep the Service running and meet our security and reliability obligations. By default, these signals are limited to:

  • a periodic heartbeat indicating that your appliance is online;

  • the installed software version and the outcome of software-update installations (success, failure, rollback);

  • coarse health metrics (e.g., disk-space pressure, thermal events) sufficient to flag a failing device;

  • aggregate counts of error classes (e.g., “inference-engine errors: 3”) without the underlying content; and

  • canary-cohort failure indicators we use to detect bad releases before they ship broadly.

These signals are designed not to contain On-Device Data or other regulated content. We refer to them in this policy as “Operational Telemetry.”

3.3 Opt-in diagnostic information

If you ask us for help diagnosing a problem, you may choose to share additional information with us:

  • Redacted diagnostic logs. Your appliance maintains a “redacted support log” that records metadata about system events (timestamps, component names, error classes, durations, coarse task categories from a fixed taxonomy) with content fields scrubbed by an on-device classifier before the log is written. You can choose to export and send us this log, per export, with explicit consent. Each export is recorded in your appliance’s local audit log.

  • Support sessions. You may initiate a time-limited support session in which an RQL support representative can run a fixed catalog of read-only diagnostic commands against your appliance. You can optionally and revocably enable view-only screen sharing during a support session. You may end the session at any time. The session has a hard time limit and auto-terminates when you stop interacting. Support representatives cannot take remote control of your appliance, cannot read the contents of your encrypted data volume, cannot install software, and cannot disable the audit logs that record their activity. A session recording, if you enabled screen sharing, is stored only on your appliance and is not sent to us.

We do not collect any of this information unless you initiate it.

3.4 Website information

When you visit our website at https://redqueenlogic.com, we and our service providers may collect standard server log data (IP address, browser type, referring page, pages visited) and may use a limited number of cookies and similar technologies for site functionality and analytics. Our cookie banner and cookie settings, where applicable, describe these in more detail and allow you to manage your choices.

3.5 Information from third parties

We may receive information from:

  • payment processors (transaction status, fraud signals);

  • shipping carriers (delivery status of your appliance);

  • our authentication providers (for sign-in to your account); and

  • service providers we use to deliver email, support ticketing, and similar functions.

We do not buy personal information from data brokers, and we do not enrich your account with information from third-party advertising or marketing data sources.

4. How we use information

We use the information described in Section 3 to:

  • provide, maintain, secure, and improve the Service;

  • deliver software updates and security patches to your appliance;

  • detect and respond to security incidents, fraud, and abuse;

  • respond to your support requests and to questions you send us;

  • send you transactional communications (order confirmations, billing notices, security advisories, material changes to this policy, and similar) and, where permitted and with appropriate choice, occasional product communications;

  • comply with our legal obligations and enforce our agreements; and

  • conduct internal analytics, planning, and product development on the basis of Operational Telemetry and other information that does not include On-Device Data.

We do not use On-Device Data to train our or any third party’s machine-learning models. We do not have access to On-Device Data and therefore could not do so.

We do not sell your personal information, and we do not “share” your personal information for cross-context behavioral advertising, as those terms are defined under the California Consumer Privacy Act (“CCPA”) as amended by the California Privacy Rights Act (“CPRA”).

5. How we store and protect information

5.1 On-Device Data

On-Device Data is stored on your appliance in an encrypted volume using full-volume encryption (LUKS2). The volume’s key is wrapped with a key derived from your passphrase and sealed by your appliance’s TPM, which means a tampered boot chain refuses to unseal the key and a stolen disk cannot be read on another machine. Step-up authentication is required to unlock the volume for a session, and the volume auto-relocks after a configurable idle period.

Outbound transmission of On-Device Data to any external service is gated by an on-device security review and an explicit user approval step before any data leaves your appliance. The components of the appliance that perform transmission to external services hold no persistent copy of your data and have no path to query the encrypted volume.

5.2 Information we hold

Information we collect under Section 3 (account information, Operational Telemetry, opt-in diagnostic data, website data, and information received from third parties) is stored on infrastructure we operate or that is operated for us by reputable service providers under contractual confidentiality and security obligations. We use encryption in transit (TLS) for all such data and encryption at rest for our production data stores. We maintain administrative, technical, and physical safeguards intended to protect this information consistent with industry practice.

5.3 Security posture

We have designed the Service to align with the requirements of the HIPAA Security Rule as a baseline security posture across all data categories handled on your appliance, even where Regent is not formally a HIPAA-covered entity or business associate. We also maintain practices intended to align with SOC 2 Common Criteria for the vendor-operated components of the Service (update pipeline, support tooling, cloud infrastructure). These commitments describe the design of the Service. No security program is perfect, and we cannot and do not guarantee that the Service will be uncompromised, error-free, or available without interruption.

6. Retention

  • On-Device Data: retained on your appliance under your control, for as long as you choose. You can delete individual items or wipe the appliance at any time using the provided controls.

  • Account information: retained for the duration of your relationship with us and for a reasonable period afterward to support tax, accounting, dispute-resolution, and legal-defense needs.

  • Operational Telemetry: retained for the period required to operate, secure, and improve the Service, typically no longer than 24 months in identifiable form.

  • Opt-in diagnostic information: retained only as long as needed to address the support matter and then deleted from our systems on a regular schedule, typically within 90 days.

  • Website logs and analytics: retained for short operational periods, typically no longer than 13 months.

  • Audit logs of our own systems: retained as required by applicable law and our internal security and compliance program.

We may retain information for longer where required to comply with legal obligations, resolve disputes, or enforce agreements.

7. Third-party services you connect to Regent

Regent can be configured to connect to third-party services on your behalf, including:

  • email, calendar, and contact providers (such as Microsoft 365 and Google Workspace);

  • file-storage providers;

  • communication and social-media services; and

  • other application programming interfaces (APIs) you choose to authorize.

When you authorize a connection, your appliance — not RQL — performs the authentication (typically via OAuth) and stores the resulting credentials in an isolated, encrypted credential store on your appliance. Data retrieved from the third-party service is delivered directly to your appliance and stored within your On-Device Data. RQL does not receive a copy of the data, does not see the OAuth tokens, and does not store the third-party credentials on our infrastructure.

When you ask Regent to send data to a third-party service (for example, to send an email or post a message), the proposed payload is reviewed on your appliance — including a content classification and risk summary — and presented to you for explicit approval before transmission. Approved payloads are routed by stateless transmission components on the appliance to the destination service. These components are not used to compose new content and do not retain payload contents after transmission.

You may revoke a third-party connection at any time through the Regent settings or directly through the third-party service’s controls.

8. Disclosures of information

We disclose information only in the following circumstances:

  • Service providers. We share account, billing, telemetry, and support information with vendors who help us run the Service (payment processing, shipping, email delivery, customer-support tooling, cloud infrastructure, security monitoring). These providers are contractually limited to using the information to provide services to us.

  • Legal process and safety. We may disclose information when we believe in good faith that disclosure is required by law, court order, or other legal process; when necessary to protect the rights, property, or safety of RQL, our users, or others; or to investigate suspected violations of our terms.

  • Corporate transactions. If we are involved in a merger, acquisition, financing, reorganization, or sale of assets, information may be transferred as part of that transaction, subject to standard confidentiality protections and (where required) notice to you.

  • With your direction. We disclose information when you direct us to do so or expressly consent.

We do not sell personal information, and we do not share personal information for cross-context behavioral advertising.

9. Your rights

9.1 Controls available to all users

Through the Regent interface, you can:

  • view, export, and delete On-Device Data;

  • review and revoke third-party connections;

  • review your appliance’s local audit log;

  • start and end remote support sessions and review the record of any sessions that occurred;

  • adjust telemetry and diagnostic-log preferences within the limits described in Section 3; and

  • decommission your appliance, which destroys the on-device encryption keys.

You can also exercise the following rights with respect to information we hold (as opposed to On-Device Data, which you control directly):

  • Access: request a copy of personal information we hold about you.

  • Correction: request that we correct inaccurate information.

  • Deletion: request that we delete personal information we hold about you, subject to legal retention obligations.

  • Opt out of marketing: unsubscribe from non-transactional emails using the link in the message or by contacting us.

To submit a request, contact us using the details in Section 13.

9.2 California residents (CCPA / CPRA)

If you are a California resident, you have the following rights under the CCPA, as amended by the CPRA, with respect to personal information we hold:

  • the right to know what personal information we collect, the sources from which we collect it, the purposes for which it is used, and the categories of third parties with whom it is shared;

  • the right to access and obtain a copy of personal information we hold about you;

  • the right to correct inaccurate personal information;

  • the right to request deletion of personal information, subject to legal exceptions;

  • the right to opt out of the sale or sharing of personal information (we do not sell or share personal information, as those terms are defined under the CCPA/CPRA);

  • the right to limit the use and disclosure of sensitive personal information beyond what is necessary to provide the Service (we use sensitive personal information only for purposes permitted by the CCPA without an additional limitation right being triggered, but you may submit a limitation request and we will honor it to the extent applicable); and

  • the right not to be subjected to discrimination for exercising any of these rights.

You may submit a request by emailing info@redqueenlogic.com. We will verify your request using information we already hold (for example, your account email). You may designate an authorized agent to submit a request on your behalf; we will request reasonable proof of the agent’s authority and may require you to verify your own identity directly.

9.3 Other state privacy rights

If you reside in a U.S. state that has enacted a comprehensive consumer-privacy statute (including Virginia, Colorado, Connecticut, Utah, Texas, Oregon, Montana, and others), you may have rights similar to those described above. Contact us at info@redqueenlogic.com to exercise applicable rights.

10. Children

The Service is not directed to children under the age of 18 and is not intended for use by anyone under 18. We do not knowingly collect personal information from individuals under 18. If you believe a minor has provided us with personal information, please contact us at info@redqueenlogic.com and we will take steps to delete it.

11. Changes to this Privacy Policy

We may update this Privacy Policy from time to time. When we make a material change, we will update the “Last updated” date at the top of the policy and provide notice through the Service or by email before the change takes effect. Your continued use of the Service after a change takes effect constitutes acceptance of the updated policy.

12. Notice of security incidents

If we determine that an incident affecting information we hold about you triggers an obligation to notify you under applicable law (or where we otherwise determine notice is appropriate), we will notify you in accordance with that obligation, including through the in-product security-advisory channel, by email, or by other reasonable means.

13. Contact us

Questions about this Privacy Policy, requests to exercise your rights, or other privacy-related inquiries should be directed to:

Red Queen Logic, LLC
Attention: Privacy
34306 DonnaVista Pl, Eustis, FL 32736
Email: info@redqueenlogic.com

This Privacy Policy describes the design and operation of Regent as of the effective date above. It is provided for informational purposes and is not a substitute for legal advice. If a specific term in this policy conflicts with a separate written agreement between you and RQL, the separate written agreement controls to the extent of the conflict.

© Red Queen Logic, LLC. All rights reserved.

Terms of Service ›