Legal · Privacy
Your data,
your business
We collect only what we need, protect it seriously, and never sell it. Here is exactly how we handle your information.
Last updated
March 21, 2026
Questions?
Email connect@rivonixtech.com
We collect only what we need, protect it seriously, and never sell it. Here is exactly how we handle your information.
Last updated
March 21, 2026
Questions?
Email connect@rivonixtech.com
This policy explains what data we collect, why, and how we protect it. We have written it to be readable, not just legal.
Account information
When you create an account, we collect your name, email address, and password (hashed). We may also collect your company name and role to personalise your experience.
Connected integration data
When you connect Stripe, Google Analytics 4, or other integrations, we fetch and store aggregated metrics (revenue, subscriber counts, traffic sessions) in your private workspace. We store only the data needed to generate decisions — raw transaction records are never stored in bulk.
Usage data
We collect standard server logs (IP address, browser type, pages visited, timestamps) and in-product events (features used, decisions viewed, AI queries made). This data is used to improve the product and is never sold.
Payment information
Billing is handled by Stripe or Razorpay depending on your region and the active payment gateway. We store your subscription status and plan tier. We never see or store your full card number, UPI ID, or other sensitive payment credentials.
To deliver the service
Your connected integration data is used exclusively to generate AI-powered decisions and insights for your account. It is never used to train shared models, benchmarked against other accounts, or shared with third parties.
To improve the product
Aggregated, anonymised usage patterns help us improve decision quality, UI, and reliability. No personally identifiable information is included in this analysis.
To communicate with you
We send transactional emails (receipts, password resets, security alerts) and, with your consent, product updates and tips. You can unsubscribe from marketing emails at any time.
To comply with law
We may disclose data when required by applicable law, regulation, or valid legal process. We will attempt to notify you unless prohibited from doing so.
We do not sell your data
We do not sell, rent, or trade your personal information or business data to any third party, ever.
Sub-processors
We use a small number of trusted sub-processors to operate the service: Stripe (billing), Razorpay (billing), Vercel (hosting), Neon (database), OpenAI / Anthropic (AI inference). All sub-processors are contractually bound to keep your data confidential and process it only on our behalf.
AI inference
When you use the AI chat or decision engine, your data context is sent to our AI provider (Anthropic) to generate a response. This is done over an encrypted connection. We have a Data Processing Agreement in place. Your data is not used to train third-party models.
Encryption
All data is encrypted in transit (TLS 1.2+) and at rest (AES-256). Integration access tokens (e.g. Stripe secret keys entered via API key mode) are encrypted at rest using envelope encryption before storage.
Access controls
Access to production systems is restricted to authorised personnel on a need-to-know basis. We use multi-factor authentication for all administrative access.
Incident response
In the event of a data breach affecting your personal data, we will notify you and relevant authorities within 72 hours as required by applicable law.
Access and portability
You can request a copy of all personal data we hold about you at any time by emailing connect@rivonixtech.com.
Correction
You can update your account information directly in Settings → Account. For other corrections, contact us.
Deletion
You can delete your account from Settings → Account → Delete account. This permanently removes all your data, connected integrations, and decisions within 30 days. Some data may be retained for legal or financial compliance obligations.
Objection and restriction (GDPR)
EU/UK users have the right to object to or restrict processing of their personal data. Contact connect@rivonixtech.com to exercise these rights. We respond to all requests within 30 days.
Do Not Track
We respect browser Do Not Track signals where technically feasible. We do not use cross-site tracking for advertising.
Active accounts
We retain your data for as long as your account is active or as needed to provide the service.
Deleted accounts
After account deletion, personal data is removed within 30 days. Anonymised aggregate data and financial records required by law may be retained for up to 7 years.
Privacy questions
For any privacy-related questions or to exercise your rights, email connect@rivonixtech.com. We aim to respond within 5 business days.
Supervisory authority
If you are in the EU/UK and believe we are processing your data unlawfully, you have the right to lodge a complaint with your local data protection authority.
Changes to this policy
We may update this policy as the product evolves. We will email you and post a notice in-app at least 14 days before material changes take effect. The date at the top of this page always reflects the latest revision.
Questions? Contact us or read our Terms of Service.
Start operating with intention
A calm founder platform designed to help you understand the business faster, make sharper decisions, and move with confidence.