Reco Privacy Policy

Download

RECO PRIVACY POLICY

RECOLABS LTD.

1. Introduction

This Privacy Policy (the "Policy") forms an integral part of our Terms of Service and describes our practices regarding the collection, use and disclosure of the information we collect from and relating to you when you use our Website, our services, or the Reco Browser Guard Chrome extension. We take our obligations regarding your privacy and personal data seriously and have prepared this Policy in a manner that is clear and easy for you to understand.

Unless specifically stated otherwise in this Policy, all capitalized terms shall have the meaning ascribed to them in the Terms of Use.

This Policy applies to all our services, features and functionality offered to you, as well with respect to any electronic communications exchanged between you and the Website or otherwise provided by you to us.

We will not collect or use personal data for purposes other than those described in this Policy, our Terms of Use, and/or in any other legal instrument in effect between us. You can decline to submit personal data, in which case we may not be able to provide you with part or all of the services.

Unless stated otherwise in this Privacy Policy, we will not share, sell, auction off or give away your personal data to any third-party or other organization without first obtaining your prior written consent.

2. How and What Data We Collect

  1. Information you give us. You may give us information about you, including personal data, when you register and/or use our Websites or by corresponding with us by phone or e-mail. You may also provide such information when you subscribe to our Websites or services; when you report a problem with our Websites or services; and as a candidate applying via the site, by uploading your CV.

    The information you give us may include your name, address, e-mail address, phone number, company name, industry, website URL and other personal information.
  1. Information we collect about you. When you visit or use our Website, we may automatically receive and record information from your mobile device and browser, including your cookie information, your country, regional and language settings, device model, operating system, mobile carrier and software and hardware attributes.

    In addition, we may automatically collect and store the following information for statistical purposes ("Log Data"): technical information, including the Internet protocol (IP) address used to connect your computer to the Internet, your login information, browser type and version, time zone setting, browser plug-in types and versions, operating system and platform; information about your visit, including the full Uniform Resource Locators (URL) clickstream to, through and from our Websites (including date and time); page response times, download errors, length of visits to certain pages, page interaction information (such as scrolling, clicks, and mouse-overs) and methods used to browse away from the Websites.
  1. Information we receive from other sources. We may receive information about you if you use any other websites we operate or the other services we provide, if any. We are also working closely with third parties (including, for example, business partners, sub-contractors in technical, payment and delivery services, advertising networks, analytics providers, search information providers, lead generation agencies) and may receive information about you from them.
  1. Cookies. We use cookies on the Websites. We use them for the following main purposes:
    • to associate each of the pages that you visit on our Websites with each other and thereby allows us to present the correct information to you;
    • to keep you signed in to our Websites and ensures the content you are viewing is secure;
    • to maintain your personal preferences.
  1. Google Workspace API. The use of raw or derived user data received from Workspace APIs will adhere to the Google User Data Policy, including the Limited Use requirements.

3. Reco Browser Guard — Chrome Extension

Reco Browser Guard is an enterprise security tool deployed by an organization (the "Customer") to managed browsers. For data collected by the Extension, the Customer is the data controller and Reco is the data processor under the Customer's services agreement. End users with questions should contact their IT or security team.

What the Extension collects. The Extension collects authentication and session signals (login events, active sessions, account identifiers), SSO redirect events, AI prompt metadata (hashed — not the prompt text), device fingerprint data, and a list of installed browser extensions. This data is used solely to provide the Customer's security monitoring service.

What the Extension does not collect. The Extension does not collect page content, screenshots, cookie values, keystrokes outside login forms, AI prompt text or responses, or general browsing history.

Transmission. All data is transmitted securely over HTTPS to the Customer's Reco tenant. The Extension contacts no third-party services.

Limited Use. The use of information received from Google APIs will adhere to the Chrome Web Store User Data Policy, including the Limited Use requirements.

4. Why Do We Collect Personal Data?

Under the data protection laws applicable, we must have a legal basis to process your personal data. By using the Website, your consent to collect and process your personal data is provided.

The data we collect and process is used to the following purposes:

  • Provide our Website and services and guarantee their use and improvement;
  • Provide updates, technical troubleshooting, understanding and analyzing trends in connection with usage of the Website, and administering the Website and the services;
  • Make statistics on your use of the Website.
  • Communicate with you, notably when you contact us by any means whatsoever.

5. How We Share Personal Data

We do not sell or disseminate personal data to third parties for marketing purposes without your consent.

However, we may share in the future personal data with service providers for our operational purposes to enable the provisions of our services and with other service providers who provide crucial functions such as: customer support platforms, hosting service providers, payment processors, analytics partners, third party account providers, security and/or social media services.

We may also share personal data to comply with applicable laws and regulations or to respond to a lawful request for information we receive.

6. Data Retention

Recolabs may retain your Personal Data only for as long as is necessary for the purposes set out in this Privacy Policy. We may retain your Personal Data to the extent necessary to comply with our legal obligations (for example, if we are required to retain your data to comply with applicable laws), resolve disputes, and enforce our legal agreements and process your inquiries, respond to your requests and improve our Websites and/or services we provide.

7. Transfer of Data Outside Your Territory

We may store and process information in various locations throughout the globe, including through cloud services. The laws in those other countries may provide a lesser degree of data protection than the laws of your own country. You agree to the transfer of your information to such other countries for the purpose of the processing as described in this Policy, including through cloud services.

8. Information Security

We implement measures to reduce the risks of damage, loss of information and unauthorized access or use of information. These measures do not provide absolute information security. Therefore, it is not guaranteed, and you cannot expect, that the Service will be immune to information security risks.

9. Your Privacy Rights

You have certain rights in connection with your personal data and the manner by which we handle it. Some of these rights may be subject to certain exceptions or limitations in accordance with applicable law. The following is a non-exhaustive list of certain privacy rights you may exercise:

  • Right to access your information. At any time, you may contact the Company as provided below, and request to access the personal data we hold about you.
  • Correcting your information. We may need to ask you to provide certain information to make sure you are who you claim to be. If you find the information on your account is not accurate, complete or updated, please provide us with the necessary information in order to correct it.
  • Deleting or restricting access to your personal data. You may request to delete or restrict access to your personal data. We may postpone or deny your request if your personal data is in current use for providing services or for other legitimate purposes, in which case we will let you know if we are unable to do so and why.
  • Opt-out of cookies and other similar technologies. Your browser or device can allow you to opt-out of data collection through cookies or similar technologies. Please note that your experience using our website or the services might be degraded or certain functionalities may not work, if you opt-out to such collection.

If you have any concerns about the way we process your Personal Data, you are welcome to write to us at privacy@reco.ai. We will look into your request and make good faith efforts to resolve any concern you may have.

10. Changes to This Privacy Policy

This Policy may be amended at any time and from time to time, consistent with the requirements of applicable data protection laws. It is our policy to publish any changes and amendments to our Policy at our Website. Changes to this Policy shall become binding and effective when they are published at our Website.

11. Contact Us

If you have questions or concerns regarding this Privacy Policy, please contact us at: privacy@reco.ai

Last updated on May, 2026

Reco is the only platform that brings agent security, identity governance, and threat detection together in one place. The result: you move just as fast as AI.

Every day, your business deploys more agents, integrations, and non-human identities. Most of them operate invisibly. Reco makes them visible, maps what they can access, and tells you when they deviate from policy, before they become a liability.
Request a demo
Chat with us
Chat with us
Memberships
Accreditations
AICPA for RecoAICPA for RecoReco - ISO 27001Reco - ISO 27001Reco - ISO 27001
Platform
Posture ManagementApp Discovery & GovernanceIdentity & Access GovernanceThreat Detection & ResponseData Exposure ManagementShadow App DiscoveryGenerative AI DiscoveryAgentic AI SecurityReco AI AgentsAI Governance and SecuritySaaS App Factory™
Use Cases
Shadow SaaS DetectionSaaS Ticketing WorkflowUnsanctioned Apps ControlSaaS OffboardingCustom Policy StudioShadow AI DiscoveryIdentity Governance ComplianceAI-Powered SaaS Security Insights
Integrations By App
All Supported ApplicationsSalesforceMicrosoft 365Google WorkspaceServiceNowWorkday
ServiceNow
soon
SlackOktaVeevaSentinelOne
Resources
BlogLearnIT HubCustomer StoriesWebinarsCompareSSPM ReportCISO GuideFinancial GuideHealthcare GuideSalesforce GuideMicrosoft GuideAI Security GuideShadow AI GuideState of SaaS Security ReportThe State of Shadow AI ReportResource Center
Company
About Reco
Careers
Hiring
NewsroomBrand GuidelinesPartnersTrust CenterContact Us
Top Content
SaaS SecurityWhat is SSPMCISO Hub
Use Cases
Detect Shadow SaaSSaaS Ticketing WorkflowUnsanctioned Apps ControlSaaS OffboardingCustom Policy StudioShadow AI DiscoveryEnsure Identity Governance ComplianceAI Powered SaaS Security Insights
Memberships
Accreditations
AICPA for RecoAICPA for RecoReco - ISO 27001Reco - ISO 27001Reco - ISO 27001
TermsPrivacy
© 2026 Reco. All Rights Reserved.