Trust & policies

Privacy Policy

How Rivya handles account data, prompts, chat history, billing records, uploads, and generated outputs.
Last updated: 2026/05/14

This page covers

Accounts and sign-inBilling, credits, and subscriptionsPrompts, uploads, and generated content

Have a question?

[email protected]

Questions about privacy, billing, or your account? Email our support team and we will do our best to help.

Overview

We believe people should not have to guess how their information is handled. This Privacy Policy explains, in clear terms, what Rivya collects, why we need it, how we use it, and the choices you have when you visit the website, create an account, contact us, or use Rivya for chat, image, video, and audio generation.

Information We Collect

Account, profile, and contact information

When you create an account, update your profile, or reach out to us, we may collect information such as:

  • name
  • email address
  • account identifiers and authentication records
  • third-party sign-in provider identifiers if you choose Google, GitHub, or Discord sign-in
  • email verification, password reset, or similar authentication workflow records
  • profile image or avatar URL if you upload one
  • messages you send to the Rivya team

Billing and transaction information

If you choose to purchase a subscription or credit pack, we may collect or receive:

  • customer, checkout, subscription, and invoice identifiers
  • plan, package, price, and billing period information
  • payment and subscription status
  • credit balance, credit transaction history, and related billing metadata

Payment card details are handled by Stripe and are not stored directly by Rivya.

Workspace, prompt, and history data

When you use Rivya, we may store information needed to run the product and keep your workspace connected, including:

  • prompts, instructions, and chat messages you submit
  • uploaded reference media, related file URLs, and upload metadata
  • generation parameters and workflow settings
  • model, tool, and workspace selections
  • output URLs, result metadata, and task status records
  • chat session history, message history, attachment URLs, and usage metadata
  • credit settlement and refund records connected to AI runs

Browser extension data

If you use Rivya Prompt Clipper, the extension may read the current page title, page URL, selected text, and meta description after you actively click the extension or its context-menu action.

Version 1 of the extension builds prompts locally in your browser. It does not upload selected text, page content, browsing history, or clipboard contents to Rivya servers by default. If you click Open in Rivya, your browser opens the matching Rivya page with visible UTM attribution so we can understand that the visit came from the extension.

Rivya receives prompt or page content from the extension only if you choose to copy it, paste it into Rivya, and submit it inside the Rivya product.

Technical and security information

We may automatically collect:

  • session records and related security metadata
  • IP address
  • browser, device, and user agent information
  • locale or language preference information, including cookie-based locale settings
  • log data used for security, fraud prevention, abuse detection, debugging, and service reliability

How We Use Information

We use information to:

  • create and manage your account
  • authenticate sign-in, verify email addresses, reset passwords, and protect account access
  • provide billing, credits, subscriptions, payment support, and customer portal access
  • process generation requests, chat requests, reference uploads, and requested outputs
  • maintain generation history, chat history, and workspace continuity
  • send service, authentication, billing, support, and newsletter-related communications
  • investigate abuse, fraud, platform misuse, suspicious activity, or technical failures
  • improve product quality, reliability, support operations, and user experience
  • respond to support, onboarding, partnership, and privacy requests

Service Providers and Processing

Like most modern software products, Rivya works with third-party providers to operate parts of the service, including:

  • Stripe for billing, checkout, subscriptions, and payment-related records
  • third-party AI infrastructure for AI generation, chat routing, media uploads, and related task processing
  • Resend for account emails, contact emails, and newsletter-related email delivery
  • S3-compatible storage providers for assets such as uploaded avatars and stored files
  • Google, GitHub, or Discord if you choose those sign-in methods
  • infrastructure, hosting, monitoring, or security vendors used to operate the service
  • optional analytics, captcha, affiliate, or support-widget providers if those features are enabled in a given deployment

Those providers may process relevant account data, prompts, uploads, outputs, metadata, or transaction information as needed to operate the service you ask us to provide. AI requests routed through third-party AI infrastructure may also involve upstream model or infrastructure providers selected for the workflow you use, but only as part of completing that workflow.

Prompts, Uploads, Chats, and Outputs

When you submit prompts, chat messages, or upload files, Rivya may process that content to provide the requested response or generation and to keep the related task, history, and billing records connected to your account.

Reference files used for AI generation are currently uploaded through Rivya endpoints to third-party AI infrastructure used for generation uploads. Avatar uploads are currently sent to S3-compatible storage configured for the service.

If you can avoid it, please do not submit sensitive personal data, confidential material, or protected information unless you have reviewed your own internal requirements and are comfortable with the operational risks of third-party processing.

Data Retention and Deletion

We try not to keep information longer than we need it. In practice, we retain information for as long as it serves a real operational, legal, or support purpose, including to:

  • operate your account
  • maintain billing, payment, and credit records
  • provide generation history, chat history, and customer support
  • meet legal, tax, accounting, security, and dispute-handling obligations

If you delete your account from Settings > Security, account-linked records in Rivya's primary database are generally removed on a cascading basis. In some cases, we may still retain limited records where necessary for billing, fraud prevention, abuse handling, legal obligations, provider-side processing, backups, or security logs.

We may also remove or anonymize information when it is no longer needed for these purposes.

Your Choices

Depending on your location and applicable law, you may have the ability to:

  • access or update account information
  • delete your account from the product settings
  • unsubscribe from marketing or newsletter communication
  • manage browser cookies and similar technologies

If you need help with a privacy-related request that is not available directly in the product, please contact us.

Security

We take security seriously and use reasonable administrative, technical, and organizational safeguards to protect information and reduce unauthorized access, misuse, disclosure, or loss. At the same time, no online system can guarantee absolute security.

Children

Rivya is not intended for children under the age required by applicable law to use the service independently. If you believe a child has provided personal information to Rivya without appropriate authorization, please contact us.

Changes to This Policy

We may update this Privacy Policy as Rivya evolves. When we make material changes, we will update the effective date on this page and may provide additional notice when appropriate.

Contact

If anything in this Privacy Policy feels unclear, please contact us. We will do our best to point you in the right direction.