RuslRusl

Privacy Policy

Last updated: June 8, 2026

This Privacy Policy explains how Rusl, Inc. ("Rusl", "we", "us", and "our") collects, uses, shares, and protects personal information when you access or use Rusl, including our websites, hosted services, APIs, CLI tools, MCP integrations, schema publishing and storage features, annotation systems, agent features, paid plans, marketplace or commercial features, and related products and services (collectively, the "Service").

This Privacy Policy works together with the Rusl Terms of Service. The Terms govern contractual rights in Content, including public schemas, private schemas, annotations, Usage Data, AI/ML use, public-content durability, agents, and platform operation. This Privacy Policy focuses on personal information.

If you use Rusl on behalf of an organization, your organization may also control or administer some information associated with your Account.

1. Summary

Rusl is a developer platform for public and private schemas, annotations, agents, and reusable data contracts. Because of that, Rusl processes several kinds of information:

  • Account information like name, email, login credentials, organization membership, and settings.
  • Public Content like public schemas, annotations, comments, names, metadata, profiles, and public activity.
  • Private Content like private schemas, annotations, organization materials, and related metadata.
  • Usage Data like API/CLI/MCP requests, logs, telemetry, storage, bandwidth, dependency graph activity, feature usage, validation outcomes, errors, abuse signals, and billing metrics.
  • Payment and commercial information if you buy paid services or participate in commercial features.
  • Communications like support, legal, security, privacy, and product messages.

At a high level:

  • Public Content is intended to be public and may be indexed, displayed, distributed, analyzed, and used to improve Rusl, including Rusl-related AI/ML features, as described in the Terms.
  • Private Content is controlled by the owning Account or organization. Rusl does not use the substantive contents of Private Content to train general AI/ML models by default unless the controlling Account opts into a feature, plan, or agreement that permits it.
  • Usage Data may be used to operate, secure, bill, analyze, and improve the Service.
  • Rusl may use third-party providers for hosting, payments, analytics, email, security, support, AI/ML features, infrastructure, and other business operations.

2. Information We Collect

2.1 Account Information

We may collect information you provide when creating or managing an Account, such as:

  • name;
  • email address;
  • username or Account Name;
  • organization name and membership;
  • authentication details;
  • profile information;
  • avatar, logo, or other account visuals;
  • settings and preferences;
  • billing contact information;
  • verification or administrative information; and
  • other information you choose to provide or that is reasonably necessary to create, secure, and operate your Account.

2.2 Content You Provide

Rusl may collect and process Content you submit, publish, store, annotate, propose, generate, or make available through the Service, including:

  • schemas;
  • schema versions;
  • bundles;
  • annotations;
  • proposals;
  • comments;
  • documentation;
  • examples;
  • metadata;
  • account profiles;
  • marketplace or commercial materials;
  • prompts, instructions, generated artifacts, or configuration submitted to Rusl features; and
  • other materials you provide through the Service.

Content may be public or private depending on your settings and product behavior.

2.3 Usage Data and Logs

We may collect Usage Data and technical information when you use Rusl, including:

  • IP address;
  • browser, device, and operating system information;
  • pages, screens, and features used;
  • API, CLI, MCP, agent, and integration requests;
  • request timestamps, routes, headers, response codes, errors, and latency;
  • storage, bandwidth, install, download, dependency, validation, and indexing activity;
  • authentication events;
  • billing metrics;
  • security, fraud, abuse, rate-limit, and reliability signals;
  • diagnostic logs;
  • approximate location derived from IP address; and
  • referral and campaign information.

2.4 Cookies and Similar Technologies

Rusl may use cookies, local storage, pixels, SDKs, and similar technologies to:

  • keep you signed in;
  • remember preferences;
  • secure the Service;
  • understand product usage;
  • measure performance;
  • improve features;
  • prevent abuse; and
  • support analytics or marketing.

Where required by law, Rusl will provide notices or controls for optional analytics or advertising cookies.

2.5 Payment and Transaction Information

If you purchase paid services or participate in commercial features, Rusl or its payment processors may collect:

  • billing name and contact details;
  • payment method details;
  • transaction history;
  • invoices;
  • tax information;
  • subscription, plan, usage, and renewal information;
  • payout or marketplace information, where applicable; and
  • fraud, risk, and compliance signals.

Rusl uses third-party payment processors and does not store full payment card numbers directly.

2.6 Communications

We may collect information when you contact Rusl, including:

  • support requests;
  • security reports;
  • legal notices;
  • privacy requests;
  • feedback;
  • survey responses;
  • sales or partnership communications;
  • bug reports; and
  • messages through email, forms, chat, issue trackers, or other channels.

2.7 Information From Third Parties

Rusl may receive information from third parties, such as:

  • authentication or identity providers;
  • Git providers;
  • payment processors;
  • analytics providers;
  • hosting and infrastructure providers;
  • security, fraud, and abuse-prevention providers;
  • AI/ML or model providers used by Rusl features;
  • MCP servers, tools, APIs, or integrations you connect;
  • marketplace or commercial partners;
  • public sources; and
  • other users or organizations that invite you, mention you, assign you, add you to teams, or interact with your Content.

2.8 Bot Detection and Abuse Prevention (Cloudflare Turnstile)

Rusl uses Cloudflare Turnstile, provided by Cloudflare, Inc., to protect the Service — including sign-up, sign-in, and other forms and endpoints — from bots, automated abuse, and fraudulent activity. We use Turnstile in invisible (non-interactive) mode, which generally runs in the background without requiring you to solve a challenge.

To distinguish humans from automated traffic, Turnstile processes client-side signals such as your IP address, TLS fingerprint, User-Agent header, and the Turnstile sitekey and its associated origin. Cloudflare processes this information solely to detect and block bots and states that it cannot directly identify individuals from these signals.

Cloudflare's processing of this information is governed by the Cloudflare Turnstile Privacy Addendum and the Cloudflare Privacy Policy.

3. Public Content

If you make Content public on Rusl, it may be visible to anyone and may be copied, indexed, cached, downloaded, forked, annotated, proposed against, ranked, displayed, distributed, searched, archived, referenced, and used by others according to the applicable license, access model, Terms, and product behavior.

Public Content may include personal information if you choose to include it. Do not publish personal information, secrets, credentials, confidential information, or regulated data unless you intend for it to be public and have the right to publish it.

Rusl may use Public Content and related Usage Data to operate, secure, analyze, improve, promote, and develop the Service, including Rusl-related search, discovery, recommendations, trust signals, compatibility analysis, annotation systems, agent assistance, and AI/ML features, as described in the Terms.

Public Content may persist after deletion, Account closure, rename, suspension, or transfer where necessary or useful for public-contract stability, licenses, dependency integrity, forks, caches, version history, legal compliance, security, dispute resolution, abuse prevention, or ecosystem trust.

4. Private Content

Private Content is controlled by the Account or organization that owns or administers it.

Rusl may process Private Content to:

  • provide the Service;
  • authenticate and authorize access;
  • store, retrieve, display, validate, and transmit private schemas and related materials;
  • support collaboration within authorized Accounts or organizations;
  • operate APIs, CLI tools, MCP integrations, agents, and connected features;
  • debug, maintain, and improve reliability for the authorized Account;
  • provide support when requested;
  • protect security and prevent abuse;
  • comply with law or legal process;
  • enforce the Terms; and
  • perform other processing authorized by the controlling Account or applicable Additional Terms.

Rusl will not use the substantive contents of Private Content to train general AI/ML models by default unless the controlling Account opts into a feature, plan, or agreement that permits that processing.

Rusl may use Usage Data related to Private Content to operate, secure, bill, analyze, and improve the Service, including aggregate, de-identified, statistical, performance, compatibility, dependency, validation, and abuse/security signals.

5. How We Use Information

Rusl may use information to:

  • provide, operate, maintain, and improve the Service;
  • create and manage Accounts;
  • authenticate users, agents, API clients, MCP clients, and integrations;
  • host, store, index, display, distribute, and process Content according to the Terms;
  • provide public schema, annotation, proposal, discovery, search, ranking, trust, and versioning features;
  • provide private schema and organization features;
  • process payments, subscriptions, invoices, taxes, usage, plans, and commercial transactions;
  • enforce rate limits, usage limits, and plan limits;
  • communicate with you about the Service;
  • respond to support, legal, privacy, security, and abuse requests;
  • detect, prevent, investigate, and respond to spam, abuse, fraud, security incidents, unauthorized access, scraping, attacks, policy violations, and illegal activity;
  • debug errors, analyze reliability, monitor performance, and improve infrastructure;
  • develop new products, features, analytics, recommendations, compatibility tools, agent assistance, and AI/ML features;
  • personalize or improve your experience;
  • comply with law, legal process, audits, accounting, tax, and regulatory obligations;
  • protect Rusl, users, third parties, and the public ecosystem; and
  • carry out other purposes described at collection or with your consent.

6. AI/ML and Automated Processing

Rusl may use AI/ML and automated systems to provide and improve the Service, including:

  • schema discovery;
  • search;
  • recommendations;
  • annotation quality and relevance;
  • compatibility analysis;
  • trust, ranking, abuse, and safety signals;
  • agent assistance;
  • code or schema generation features;
  • support and operations;
  • security, fraud, and abuse detection; and
  • product analytics.

Public Content may be used for Rusl-related AI/ML training, evaluation, analysis, and feature development as described in the Terms.

Private Content is not used to train general AI/ML models by default unless the controlling Account opts into a feature, plan, or agreement that permits it. Some optional features may require sending Private Content, prompts, outputs, or context to Rusl systems or third-party AI/model providers. Rusl will identify those behaviors where practical in product documentation, settings, prompts, or Additional Terms.

Automated systems may affect ranking, recommendations, trust labels, abuse detection, rate limits, security actions, and other product behavior. Rusl does not promise that automated systems will be error-free.

7. How We Share Information

Rusl may share information as described below.

7.1 With Other Users and the Public

Public Content, public profile information, public Account Names, public organization information, public metadata, public activity, rankings, annotations, proposals, comments, and other public Service activity may be visible to other users and the public.

Private Content is shared with users, agents, organizations, teams, integrations, and third parties according to your settings, permissions, connected services, organization controls, and product behavior.

7.2 With Service Providers

Rusl may share information with service providers that help operate the Service, such as:

  • hosting and infrastructure providers;
  • database, storage, logging, and monitoring providers;
  • email and notification providers;
  • analytics providers;
  • payment processors;
  • customer support tools;
  • security, fraud, and abuse-prevention providers;
  • AI/ML or model providers;
  • identity and authentication providers;
  • error tracking and performance tools;
  • tax, accounting, legal, compliance, and professional advisors; and
  • other vendors that process information on Rusl's behalf.

7.3 With Third-Party Integrations You Use

If you connect Rusl to third-party services, including Git providers, registries, MCP servers, MCP tools, APIs, AI/model providers, identity providers, cloud services, or other integrations, Rusl may share information with those services as needed to provide the integration.

Third-party services are governed by their own terms and privacy policies.

7.4 For Organizations

If your Account is part of an organization, organization owners or administrators may access or control information associated with your organization membership, permissions, organization-owned private schemas, organization activity, agents, service accounts, billing, and settings according to Rusl product behavior and organization controls. Organization owners or administrators do not control private schemas owned by your personal Account unless you transfer or share those schemas with the organization.

7.5 For Legal, Security, and Safety Reasons

Rusl may disclose information if Rusl believes disclosure is necessary or appropriate to:

  • comply with law, legal process, subpoenas, court orders, government requests, or regulatory obligations;
  • enforce the Terms or Additional Terms;
  • protect the rights, property, security, or safety of Rusl, users, third parties, or the public;
  • investigate, prevent, or respond to fraud, abuse, spam, security incidents, attacks, unauthorized access, policy violations, or illegal activity;
  • protect public ecosystem integrity; or
  • resolve disputes.

7.6 Business Transfers

Rusl may disclose or transfer information in connection with a merger, acquisition, financing, reorganization, sale of assets, bankruptcy, change of control, or similar transaction.

7.7 With Consent or Direction

Rusl may share information with your consent or at your direction.

8. Security

Rusl uses reasonable technical, administrative, and organizational measures designed to protect information. No method of transmission, storage, or processing is completely secure.

You are responsible for securing your Account, passwords, devices, API keys, tokens, credentials, agents, MCP clients, service accounts, and integrations. You should promptly notify Rusl at security@rusl.com if you believe your Account or credentials have been compromised.

Unless a Rusl feature is explicitly designed for that purpose, you should not submit secrets, private keys, passwords, access tokens, API keys, signing keys, credentials, regulated personal data, confidential third-party information, or other sensitive data to Rusl.

Rusl may scan, detect, restrict, hide, remove, quarantine, disable access to, or otherwise act on exposed secrets or sensitive data, but does not guarantee detection.

9. Data Retention

Rusl retains information for as long as reasonably necessary to:

  • provide the Service;
  • maintain Accounts;
  • preserve public schemas, versions, annotations, forks, caches, dependency graphs, public contracts, and ecosystem integrity;
  • comply with licenses and public-content expectations;
  • operate private schema and organization features;
  • provide billing, tax, accounting, audit, and legal records;
  • resolve disputes;
  • enforce the Terms;
  • prevent abuse, fraud, and security incidents;
  • comply with legal obligations; and
  • support legitimate business, operational, or technical needs.

Private Content is generally deletable by the controlling Account or organization, subject to backups, legal retention, security investigations, billing records, dispute resolution, abuse prevention, support, and technical limitations.

Public Content may persist as described in the Terms because downstream users may rely on public schemas, versions, annotations, dependency graphs, forks, licenses, caches, and public contracts.

Backups and logs may retain information for a limited period before deletion according to Rusl's operational practices.

10. Your Choices and Rights

Depending on your location and applicable law, you may have rights to access, correct, delete, export, object to, restrict, or opt out of certain processing of personal information.

You may be able to access, update, export, or delete some information directly through the Service. You can contact Rusl at company@rusl.com for privacy requests.

Rusl may need to verify your identity or authority before responding. If your information is controlled by an organization Account, Rusl may direct you to that organization or notify the organization administrator.

Some information may not be deletable if Rusl needs to retain it for legal, security, billing, abuse-prevention, public-content durability, license, dependency-integrity, or legitimate business reasons.

11. International Users

Rusl is operated from the United States and is intended to be provided from the United States. Rusl does not specifically target or direct the Service to any particular country outside the United States unless Rusl says otherwise.

If you access the Service from outside the United States, your information may be processed in the United States and other countries where Rusl or its service providers operate. Those countries may have data-protection laws different from those where you live. Rusl will comply with obligations that apply to Rusl as required by applicable law, but this Privacy Policy does not create commitments for jurisdictions that do not apply to Rusl.

12. Children

Rusl is not intended for children under 13. If you believe a child under 13 has provided personal information to Rusl, contact company@rusl.com.

Users under the age of majority where they live may use Rusl only with permission from a parent or legal guardian where required by law.

13. Marketing and Communications

Rusl may send service-related messages, such as account, security, billing, legal, product, and operational notices. You may not be able to opt out of some service-related messages while you use the Service.

Rusl may send marketing or product-update communications where permitted by law. You may opt out of marketing emails using the unsubscribe mechanism or by contacting company@rusl.com.

14. Do Not Track and Global Privacy Controls

Some browsers or devices offer "Do Not Track" or similar signals. There is not yet a uniform industry standard for responding to all such signals.

Rusl will honor legally required opt-out preference signals where applicable and once implemented.

15. Changes to This Privacy Policy

Rusl may update this Privacy Policy from time to time. If changes are material, Rusl will provide reasonable notice where practical, such as by posting the updated policy, sending email, providing in-product notice, or providing CLI/API notice.

The updated Privacy Policy will be effective on the date stated in the updated policy. Your continued use of the Service after the effective date means you acknowledge the updated policy.

16. Contact

Rusl, Inc.
2810 N Church St, STE 88379
Wilmington, Delaware 19802

For privacy, general, or legal questions: company@rusl.com

For vulnerability reports: security@rusl.com