021 Privacy Policy

Your data.
Your control.

How RIVEL Companies International LLC collects, uses, and protects your personal information. Written in plain language and compliant with GDPR, CCPA/CPRA, UK GDPR, and LFPDPPP.

Last updated May 19, 2026 Effective May 19, 2026

This Privacy Policy explains how RIVEL Companies International LLC ("RIVEL," "we," "us," "our") collects, uses, shares, and protects personal information when you use our websites, products, and services (collectively, the "Services"), including our web application and any related experiences, content, and features.

Contact: info@rivelcompanies.com

01Who we are (Data Controller)

The data controller for the Services is:

  • Legal name: RIVEL Companies International LLC
  • Entity type: Limited Liability Company (LLC)
  • Jurisdiction: State of Wyoming, United States of America
  • Date of formation: May 18, 2026
  • Principal office & mailing address: 5830 E 2nd St, Ste 7000 #35827, Casper, WY 82609, USA
  • Registered agent: Republic Registered Agent LLC, 5830 E 2nd St, Ste 7000, Casper, WY 82609, USA
  • Privacy contact: privacy@rivelcompanies.com (or info@rivelcompanies.com)

If you need to exercise your privacy rights or have questions about how we handle your data, please contact us at the addresses above.

02Scope

This Policy applies to:

  • our website(s) and landing pages,
  • the RIVEL web application,
  • any community, research, content, and communications we provide in connection with the Services.

It does not apply to third-party services you use independently (e.g., Stripe, Google, Apple, social networks). Those services have their own privacy policies.

03Information we collect

We collect information in four ways: (A) you provide it, (B) we collect it automatically, (C) we receive it from integrations you enable, and (D) payments (handled by Stripe).

A) Information you provide

  • Account & profile: name, email, username, password (stored using hashing), profile settings, preferences.
  • Content you create: notes, tasks, missions, OKRs, messages, journal entries, knowledge base entries, files you upload, and other content you submit within the Services.
  • Communications: messages and information you send to us (support, contact forms, feedback, survey responses).
  • Business information (if you engage with RIVEL services): company name, role, goals, and details you choose to share for delivery.

B) Information we collect automatically

  • Usage data: pages/screens visited, features used, clicks, session duration, actions taken in the Services.
  • Device & technical data: IP address, browser type, device type, OS, language, and approximate location derived from IP.
  • Log data: diagnostic data to maintain security and reliability.

C) Information from integrations you enable

If you connect third-party tools (e.g., calendar, email, CRM, web services), we may receive and process the data necessary to provide that integration as authorized by you. You can disconnect integrations at any time.

D) Payments (Stripe)

If you purchase paid Services, payments are processed by Stripe. We typically receive limited payment-related information such as billing details and payment status. We do not store full payment card numbers; they are handled by Stripe.

RIVEL may include features related to wellbeing and personal tracking (e.g., mood/energy/habits/reflections). This information can be sensitive depending on jurisdiction and context.

  • You choose whether to provide this information.
  • We treat wellbeing-style data as sensitive in practice and apply additional protections (see Security).
  • RIVEL is not a medical service or medical device and does not provide medical advice.

05How we use your information

We use personal information to:

  • Provide and operate the Services (create accounts, authenticate users, store your content, enable features).
  • Personalize and improve the experience (recommendations, templates, organization, and helpful guidance).
  • Power AI-assisted features (e.g., drafting, summarizing, suggesting next actions) based on the content and context you provide within the Services.
  • Maintain safety and security (fraud prevention, abuse detection, account protection).
  • Provide support and respond to inquiries.
  • Analytics and product improvement (understanding usage to improve performance and reliability).
  • Legal compliance (tax, accounting, enforcing terms, responding to lawful requests).
  • Communications (service updates and announcements; marketing communications only where permitted or with consent—unsubscribe anytime).

We do not sell your personal information.

06AI processing

RIVEL may provide AI-assisted features. Important notes:

  • Your control: AI outputs depend on what you choose to input and request.
  • No medical decisions: We do not use AI to provide medical diagnoses or treatment decisions.
  • No “solely automated” significant decisions: We do not use AI to make decisions producing legal or similarly significant effects about you without appropriate human involvement.

07How we share information

We share information only as needed:

A) Service providers (processors)

We rely on a small set of carefully selected third-party vendors to host and operate the Services. Each provider acts as a data processor on our behalf under a Data Processing Agreement (DPA) and processes personal data only on documented instructions:

  • Vercel Inc. — web hosting, edge runtime, and content delivery (USA).
  • Supabase, Inc. — PostgreSQL database, authentication, storage, and realtime services (USA, EU regions available).
  • Resend Inc. — transactional email delivery (USA).
  • Stripe, Inc. — payment processing and billing (USA / global).
  • Google LLC — Google Cloud infrastructure, analytics, and related services (USA / global).
  • Anthropic, PBC and OpenAI, OpenCo. LLC — large-language-model APIs powering Lysir AI features. We use providers with zero-data-retention agreements where available.
  • Meta Platforms, Inc. — advertising pixel and Conversions API for measurement of marketing campaigns.

The list of subprocessors may evolve. The current list is available on request. We require each provider to maintain confidentiality, implement appropriate security measures, and assist us with data-subject requests.

B) Payment processing

Stripe processes payments for paid Services.

C) Integrations you enable

We share information with third-party services only when you choose to connect them and only as required for that integration.

D) Legal and safety

We may disclose information if required by law or to protect rights, safety, and security (e.g., to respond to lawful requests, prevent fraud or abuse).

E) Business changes

If we undergo a business transition (e.g., incorporation, merger, acquisition, reorganization), information may be transferred as part of that process subject to appropriate protections.

08Data retention

We retain personal information only as long as necessary to:

  • provide the Services,
  • comply with legal obligations,
  • resolve disputes,
  • enforce agreements.

Typical approach:

  • Account data: retained while your account is active.
  • User content: retained until you delete it or request deletion, subject to legal requirements.
  • Backups: may persist for a limited period after deletion for security and disaster recovery.

09Security

We implement safeguards designed to protect personal information, such as:

  • access controls and least privilege principles,
  • encryption in transit and, where applicable, at rest,
  • monitoring for abuse and suspicious activity,
  • separation of environments and secure secrets management.

No system can be guaranteed 100% secure. If we become aware of a security incident affecting your data, we will notify you and regulators as required by applicable law.

10International data transfers

We are a US-incorporated company (Wyoming) and primarily process personal data in the United States and the European Union. Personal data may be transferred to and processed in jurisdictions outside your country of residence.

Where personal data is transferred from the European Economic Area, the United Kingdom, or Switzerland to a country that has not been recognized as providing an adequate level of data protection, we rely on appropriate safeguards including:

  • the European Commission's Standard Contractual Clauses (SCCs);
  • the UK International Data Transfer Addendum, where applicable;
  • supplementary technical and organisational measures (encryption in transit and at rest, access controls, audit logging).

For transfers from Mexico, we comply with the principles of the Ley Federal de Protección de Datos Personales en Posesión de los Particulares (LFPDPPP) and require equivalent contractual protections from recipients.

11Your privacy rights

Depending on where you live, applicable privacy law (including the EU/UK GDPR, the California CCPA/CPRA, and the Mexican LFPDPPP) gives you the following rights regarding your personal information:

  • Access your personal information
  • Correct inaccurate information
  • Delete personal information
  • Restrict or object to certain processing
  • Port your data (where applicable)
  • Withdraw consent (where processing is based on consent)
  • Opt out of certain uses in jurisdictions that provide those rights

To exercise any of these rights, email privacy@rivelcompanies.com with:

  • the email address associated with your account (if any),
  • the request you are making,
  • any relevant details to help us verify identity and locate the data.

We may need to verify your identity before fulfilling certain requests.

12Cookies and tracking technologies

We use cookies and similar technologies for:

  • essential site functionality,
  • preferences,
  • performance and analytics,
  • security.

You can control cookies via browser settings. Where required by law, we provide consent mechanisms for non-essential cookies.

13Children’s privacy

The Services are not intended for children under 13 (or under 16 where required by local law). We do not knowingly collect personal information from children. If you believe a child has provided information, contact info@rivelcompanies.com.

Our Services may include links to third-party sites. Their practices are governed by their own policies, and we are not responsible for them.

15Changes to this Privacy Policy

We may update this Policy from time to time. If changes are material, we will provide notice (e.g., in-app or email notice) and update the “Last updated” date.

16Contact

For questions or requests regarding this Privacy Policy:

  • Email: privacy@rivelcompanies.com
  • Mail: RIVEL Companies International LLC, 5830 E 2nd St, Ste 7000 #35827, Casper, WY 82609, USA

EU/EEA residents may also lodge a complaint with their local supervisory authority. UK residents may contact the Information Commissioner's Office (ICO). California residents may contact the California Privacy Protection Agency (CPPA). Mexican residents may contact INAI.

End of Privacy Policy · RIVEL Companies International LLC

↑ Back to top