Skip to content

Last updated: June 9, 2026.

1. Who we are

Rillor ("we," "us," "our") is a Delaware C-Corporation that operates rillor.com and provides a forward-market platform for AI GPU system contracts. We are the data controller for the personal information described in this policy. You can reach us about privacy at privacy@rillor.com or about anything else at contact@rillor.com.

2. Information you give us

We collect information you provide directly when you contact us, request access to the platform, subscribe to our newsletter, or apply to become a partner. This includes your name, email address, company affiliation, role, and any message you choose to send us.

3. Information we collect automatically (first-party analytics)

We run our own analytics on our own infrastructure rather than handing your activity to a third-party advertising network. When you use the Site we collect, on a first-party basis: your IP address, an approximate location derived from that IP address (country, region, and city), your device and browser type, the pages you view, clicks and the elements you interact with, scroll depth, time spent on a page, the referring URL, and any UTM or campaign parameters in the link you arrived from. We use this to understand how the Site is used, to measure interest from prospective partners, to keep the platform secure, and to improve it.

Our legal basis for this essential, first-party analytics is our legitimate interest in operating, securing, and improving the Site. Where consent is required (see Section 6), we ask for it before any non-essential processing.

4. Cookies and similar identifiers

We set a small number of first-party cookies. We do not use third-party advertising cookies.

  • rl_vid. A randomly generated visitor identifier that lets us recognize a returning browser. Retained for roughly twelve months.
  • rl_sid. A randomly generated session identifier that groups activity within a single visit. Expires after thirty minutes of inactivity.
  • rl_consent. Records your consent choice so we can honor it on later visits.

These identifiers are pseudonymous on their own. They are not your name or email, though they can be associated with you if you also identify yourself to us or through the enhanced identification described in Section 7.

5. How we use information

We use the information you provide to respond to your inquiry, evaluate partner applications, send the newsletter you have opted into, send transactional emails related to your account or application, secure our platform against abuse, and improve the site. We send marketing communications only after explicit opt-in, and you can withdraw consent at any time. We use first-party analytics for the purposes described in Section 3.

6. Consent and Global Privacy Control

If you visit from the EU, the UK, or the EEA, we ask you to opt in before we carry out any non-essential processing, including non-essential analytics and the features described in Sections 7 and 8. We honor the Global Privacy Control (GPC) signal: if your browser sends GPC, we treat it as a valid request to opt out of the sale or sharing of personal information and as a do-not-track preference for non-essential processing.

7. Enhanced visitor identification (United States only)

For business-to-business sales, we may use third-party business-identification and enrichment providers to associate a visit with the company it likely originates from and, where available, a relevant business contact at that company. This is a business-context process: it is intended to tell us which organizations are evaluating Rillor, not to build a profile of you as a consumer.

This processing applies only to visitors in the United States. To do it, we share a pseudonymous identifier and limited technical signals (such as IP address and the pages viewed) with these providers, and they return business-context information to us. Because this can constitute "sharing" of personal information under California law, you have the right to opt out, and we honor the Global Privacy Control signal as such an opt-out. You may also opt out at any time by emailing privacy@rillor.com. We do not sell your personal information for money.

8. Session replay (United States, with consent)

For product and user-experience diagnostics, we may record a pseudonymized playback of how pages were used during a visit, such as cursor movement, clicks, and scrolling. Where this feature is enabled, it applies only to visitors in the United States and only where consent has been granted. We mask form fields and keystrokes so that what you type, including anything you enter into a form, is not captured. Replays are kept for a short period (see Section 9) and used only to diagnose and improve the Site.

9. Retention

We retain personal information only as long as needed for the purposes described above, after which we delete or anonymize it. Analytics events are retained for approximately thirteen months. Session replays are retained for approximately thirty days. Identified-visitor records are retained as long as needed for sales follow-up and relationship management. Newsletter records persist until you unsubscribe; partner applications persist for as long as needed to evaluate or service them.

10. Sharing

We do not sell your personal information for money. We share information in the following limited ways: with the service providers we use to operate the platform, including our email provider (AWS SES) and our hosting infrastructure, which process information solely on our behalf under contractual restrictions; and, as described in Section 7, with business-identification and enrichment providers, which under California law may be treated as "sharing" of personal information. You can opt out of that sharing as described in Sections 6 and 7. We may also disclose information where required by law or to protect our rights, users, or the public.

11. Legal bases (for users in the EU and UK)

Where the GDPR applies, we process personal data under one of: your consent (newsletter subscription, and any non-essential processing including the features in Sections 7 and 8), the performance of a contract (responding to partner applications), our legitimate interests (essential first-party analytics and securing our platform), or a legal obligation.

12. California notice (CCPA/CPRA)

This section, together with the rest of this policy, serves as our notice at collection for California residents. We collect the categories of personal information described in Sections 2, 3, and 4, for the purposes described in Section 5, and we retain it for the periods described in Section 9. As described in Sections 7 and 10, we may share personal information with business-identification providers, which can constitute "sharing" under the CCPA as amended by the CPRA. We do not sell personal information for money, and we do not knowingly share or sell the personal information of anyone under sixteen. California residents have the right to know, access, correct, and delete their personal information, the right to opt out of the sale or sharing of personal information, and the right not to be discriminated against for exercising these rights. To exercise the right to opt out, send GPC from your browser, or email privacy@rillor.com.

13. Your rights

Depending on your jurisdiction, you may have rights to access, correct, delete, or port your personal information, to object to or restrict certain processing, and to opt out of the sale or sharing of personal information. Email privacy@rillor.com to exercise these rights, and we will respond as required by applicable law.

14. Security

We use industry-standard practices to protect personal information, including encryption in transit, encrypted storage of secrets, and access controls. No method of transmission or storage is perfectly secure, however.

15. International transfers

We operate in the United States. If you contact us or use the Site from another country, your information will be transferred to and processed in the United States.

16. Children

Rillor is a business-to-business platform that is not directed at children under sixteen, and we do not knowingly collect, sell, or share personal information from them.

17. Changes

We may update this policy from time to time. The "last updated" date above will reflect any change.

18. Contact

Questions about this policy or our handling of personal information: privacy@rillor.com.