REDIBack to Home

Privacy Policy

Last updated: March 12, 2026

1. Who We Are

REDI International (“REDI”, “we”, “us”) operates the REDI Digital Ecosystem at redi.business. We are a non-governmental organization empowering Roma entrepreneurs across the Western Balkans. Our registered contact email is office@redi-ngo.eu.

2. What Data We Collect

When you use our platform, we may collect the following information:

Account data: name, email address, phone number, preferred language, and profile information you provide during registration (including data from Google or Facebook if you choose social login).

Learning data: course enrollments, lesson progress, quiz scores, certificates earned, and bankability score components.

Business data: business plans, uploaded documents (registration papers, financial records), and marketplace listings you create.

Usage data: pages visited, features used, device type, and browser information collected automatically for analytics and error tracking.

3. How We Use Your Data

We use your data to:

Provide and personalize the REDI platform services, calculate your bankability score, match you with mentors, generate AI-powered business tools (business plans, logos, competitor analysis), issue verifiable certificates, facilitate loan applications with microfinance partners, and communicate with you about your progress and opportunities.

We also use anonymized, aggregated data to measure program impact and report to our donors and partners. Individual data is never shared in these reports.

4. Data Sharing

We do not sell your personal data. We share data only in these limited circumstances:

With your consent: when you apply for a loan through our platform, we share your bankability profile and relevant documents with the specific MFI partner you select.

Service providers: we use Supabase (database and authentication), Vercel (hosting), Anthropic (AI features), Sentry (error monitoring), and Resend (transactional email). These providers process data on our behalf under data processing agreements.

Legal requirements: we may disclose data if required by law or to protect the safety of our users.

5. Data Storage and Security

Your data is stored on servers in the European Union (Supabase cloud infrastructure). We protect your data with encryption in transit (TLS), Row-Level Security policies in our database, HMAC-signed certificates, and strict access controls. Only authorized REDI staff can access personal data.

6. Your Rights

You have the right to:

Access your data — view and download your profile, business plans, and documents at any time through the platform.

Correct your data — update your profile information directly in your account settings.

Delete your data — request deletion of your account and all associated data by emailing office@redi-ngo.eu or by visiting our data deletion page.

Port your data — request a machine-readable export of your data.

Object to processing — opt out of non-essential data processing at any time.

7. Cookies

We use essential cookies for authentication and session management. We use Google Analytics for anonymized usage statistics. You can disable analytics cookies in your browser settings without affecting platform functionality.

8. Third-Party Login

If you sign in with Google or Facebook, we receive your name, email, and profile picture from those services. We do not post to your social media accounts or access your contacts. You can revoke our access at any time through your Google or Facebook account settings.

9. Children

Our platform is designed for entrepreneurs aged 18 and above. We do not knowingly collect data from anyone under 18.

10. Changes to This Policy

We may update this policy from time to time. We will notify registered users by email of any material changes. The “last updated” date at the top of this page reflects the most recent revision.

11. Contact

For any privacy-related questions, contact us at office@redi-ngo.eu.