Privacy Policy

Last updated: 1/11/2026

1. Introduction

Ryzeflo ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our web application and services.

By using Ryzeflo, you consent to the data practices described in this policy. If you do not agree with the practices described, please do not use our services.

2. Information We Collect

2.1 Information You Provide

  • Account Information: When you create an account, we collect your email address, name (if provided), and profile picture (if using OAuth).
  • Task Data: Tasks, notes, categories, due dates, and other content you create within the application.
  • Settings: Your preferences, theme settings, and notification preferences.

2.2 Automatically Collected Information

  • Usage Data: Information about how you interact with our application (features used, time spent, etc.).
  • Device Information: Browser type, operating system, device identifiers, and IP address.
  • Location Data: Country-level location data (used for geo-targeted features like shopping links).

2.3 Third-Party Services

  • Authentication: When you sign in with Google, we receive your email, name, and profile picture from Google's OAuth service.
  • AI Processing: Task content is sent to OpenRouter AI (using free models like Llama 3.3 70B) for AI-powered features (categorization, enrichment, sub-step generation).

3. How We Use Your Information

  • To provide, maintain, and improve our services
  • To process and respond to your requests
  • To enable AI-powered features (task breakdown, categorization, enrichment)
  • To send you notifications (if enabled) about task reminders and due dates
  • To detect, prevent, and address technical issues
  • To comply with legal obligations

4. Data Storage and Security

4.1 Local Storage

When using Ryzeflo without an account, your data is stored locally in your browser's LocalStorage. This data never leaves your device unless you choose to create an account and sync it.

4.2 Cloud Storage

When you create an account, your data is stored securely in Supabase (a PostgreSQL database) with the following protections:

  • Row-Level Security (RLS) policies ensure you can only access your own data
  • Data is encrypted in transit (HTTPS) and at rest
  • Regular security audits and updates

4.3 Security Measures

We implement industry-standard security measures to protect your data, including encryption, secure authentication, and access controls. However, no method of transmission over the Internet is 100% secure.

5. Data Sharing and Disclosure

We do not sell, trade, or rent your personal information to third parties. We may share your information only in the following circumstances:

  • Service Providers: We use third-party services (Supabase for database, Google for AI processing) that process your data on our behalf under strict confidentiality agreements.
  • Legal Requirements: We may disclose information if required by law or to protect our rights and safety.
  • Business Transfers: In the event of a merger, acquisition, or sale, your data may be transferred to the new entity.

6. AI Processing and Third-Party Services

To provide AI-powered features, we send your task content to OpenRouter AI (using free models like Llama 3.3 70B). This data is:

  • Processed transiently (not stored by Google for training purposes)
  • Subject to Google's Privacy Policy for API usage
  • Used solely for the purpose of providing AI features (categorization, enrichment, sub-step generation)

We also use Supabase for authentication and data storage. Your data is subject to Supabase's security practices and privacy policies.

7. Your Rights and Choices

Depending on your location, you may have the following rights:

  • Access: Request a copy of your personal data
  • Correction: Update or correct inaccurate information
  • Deletion: Request deletion of your account and data
  • Portability: Export your data in a machine-readable format
  • Opt-Out: Disable notifications or delete your account at any time

To exercise these rights, contact us or use the account deletion feature in Settings.

8. Cookies and Tracking Technologies

Ryzeflo uses minimal cookies and tracking technologies:

  • Session Cookies: Required for authentication and maintaining your session
  • LocalStorage: Used to store your preferences and tasks (when not using cloud sync)
  • No Third-Party Tracking: We do not use advertising cookies or third-party tracking scripts

9. Children's Privacy

Ryzeflo is not intended for children under 13 years of age. We do not knowingly collect personal information from children. If you believe we have collected information from a child, please contact us immediately.

10. International Data Transfers

Your information may be transferred to and processed in countries other than your own. We ensure appropriate safeguards are in place to protect your data in accordance with this Privacy Policy.

11. Data Retention

We retain your data for as long as your account is active or as needed to provide services. If you delete your account, we will delete your data within 30 days, except where we are required to retain it for legal purposes.

12. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by posting the new policy on this page and updating the "Last updated" date. Your continued use of Ryzeflo after changes become effective constitutes acceptance of the updated policy.

13. Contact Us

If you have questions about this Privacy Policy or our data practices, please contact us at:

Email: privacy@ryzeflo.com
(Note: Update with your actual contact information)