Rivalytics.
Sign in

The Colophon · Privacy

Privacy policy.

A plain account of what Rivalytics collects, why, and what we never do with it. Last updated 2026-04-15.

This policy describes how Rivalytics (“we”, “us”, or “our”) collects, uses, and discloses information when you use the Rivalytics product (the “Service”). By using the Service you agree to the collection and use of information in accordance with this policy.

01

Information we collect

Account information. When you create an account we collect your name, email address, and authentication identifiers from providers you choose (Google, GitHub).

Workspace content. Companies you add to your watchlist, configuration you set, notes you create, and the competitive intelligence signals Rivalytics generates about those companies.

Usage data. We collect diagnostic and usage metrics (pages viewed, features used, request timing) to operate and improve the Service.

Public web data. To provide competitive intelligence, we collect publicly available information from third-party sources such as company websites, review platforms, public ad libraries, job listings, and SEO providers. We do not knowingly collect private or non-public information about third parties.

02

How we use information

  • To provide, maintain, and improve the Service.
  • To personalize your workspace and deliver competitor intelligence you asked for.
  • To send transactional emails (digests, alerts, weekly reports) based on your preferences.
  • To detect, prevent, and address abuse, fraud, and security issues.
  • To comply with legal obligations.
03

Subprocessors

We rely on a limited set of third-party providers to operate the Service:

  • Supabase— authentication and managed PostgreSQL.
  • Resend— transactional email delivery.
  • Anthropic— AI analysis of your tracked signals.
  • Apify, DataForSEO, Bright Data— public-web data collection.
  • Hetzner, Cloudflare— hosting and content delivery.

Each subprocessor receives only the data required to perform its specific function and is bound by its own security and privacy obligations.

04

Data retention

Workspace content is retained for as long as your account is active. If you delete your account we remove your workspace data within 30 days. Aggregated, non-identifying analytics may be retained longer for service-improvement purposes.

05

Your rights

You may request access to, correction of, export of, or deletion of your personal data at any time by emailing support@rivalytics.io. Residents of the EEA, UK, and California have additional rights under applicable law.

06

Security

We use industry-standard controls to protect your data, including TLS in transit, encrypted storage at rest, role-scoped database access, and least-privilege credentials for internal systems.

07

Children

Rivalytics is not directed to children under 16 and we do not knowingly collect data from them.

08

Changes to this policy

We may update this policy as the Service evolves. We will notify you of material changes by email or in-app notice. The “Last updated” date at the top of this page reflects the most recent version.

09

Contact

Questions about this policy? Email info@rivalytics.io or use our contact form.

This document is a good-faith summary of our current practices for the Rivalytics beta. It is not a substitute for legal advice. We will revise this policy under legal review before general availability.