ReqSpecs.

Privacy Policy

Last updated: 11 March 2026

ReqSpecs ("we", "us", or "our") operates the ReqSpecs platform at reqspecs.io. This Privacy Policy explains how we collect, use, disclose, and protect your personal information when you use our services.

By accessing or using ReqSpecs, you agree to the collection and use of information in accordance with this policy. If you do not agree, please do not use the platform.

1. Information We Collect

1.1 Account Information

When you create an account, we collect:

  • Full name
  • Email address
  • Password (stored in hashed form)
  • Organisation or company name (if provided)

1.2 Billing Information

When you subscribe to a paid plan, payment processing is handled by Stripe. We do not store your full credit card number. Stripe may collect your card details, billing address, and transaction history in accordance with their own privacy policy.

1.3 Content You Provide

Any project data, requirements, user stories, or other content you create within the platform is stored to provide the service. This content remains yours — see our Terms of Use for details on intellectual property.

1.4 Usage Data

We automatically collect certain information when you use the platform, including:

  • Browser type and version
  • Pages visited and features used
  • Date and time of access
  • Referring URL
  • Device type and operating system

1.5 Cookies

We use essential cookies to maintain your session and authentication state. We may also use analytics cookies to understand how the platform is used. You can disable non-essential cookies in your browser settings.

2. How We Use Your Information

We use the information we collect to:

  • Provide, maintain, and improve the ReqSpecs platform
  • Process transactions and send billing-related communications
  • Send service-related notifications (e.g. account verification, security alerts)
  • Respond to support requests and inquiries
  • Analyse usage patterns to improve features and performance
  • Detect, prevent, and address technical issues or abuse

We do not sell your personal information to third parties.

3. Third-Party Services

We use the following third-party services to operate the platform:

  • Cloud infrastructure providers — for database hosting, authentication, file storage, and application delivery.
  • AI service providers — for AI-powered requirements generation and refinement. Your project content is sent to our AI provider's API for processing. Our AI provider does not use API inputs to train their models.
  • Stripe — payment processing for subscriptions.

Each third-party service operates under its own privacy policy. We encourage you to review their policies for details on how they handle your data.

4. Data Retention

We retain your account information and project data for as long as your account is active. If you delete your account, we will remove your personal information and project data within 30 days, except where retention is required by law or for legitimate business purposes (e.g. billing records).

5. Data Security

We implement industry-standard security measures to protect your data, including encryption in transit and at rest, access control policies that ensure users can only access their own data, and secure authentication practices. However, no method of electronic transmission or storage is 100% secure, and we cannot guarantee absolute security.

6. Your Rights

You have the right to:

  • Access the personal information we hold about you
  • Request correction of inaccurate information
  • Request deletion of your account and associated data
  • Export your project data at any time
  • Withdraw consent for non-essential data processing

To exercise any of these rights, please contact us at info@reqspecs.io.

7. Australian Privacy Principles

We are committed to handling your personal information in accordance with the Australian Privacy Principles (APPs) contained in the Privacy Act 1988 (Cth). If you believe we have breached the APPs, you may lodge a complaint with us or with the Office of the Australian Information Commissioner (OAIC).

8. Children's Privacy

ReqSpecs is not intended for use by individuals under the age of 16. We do not knowingly collect personal information from children. If we become aware that a child has provided us with personal information, we will take steps to delete it.

9. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by posting the updated policy on this page and updating the "Last updated" date. Your continued use of the platform after changes constitutes acceptance of the revised policy.

10. Contact Us

If you have any questions about this Privacy Policy or our data practices, please contact us at:

Email: info@reqspecs.io
Website: reqspecs.io