Privacy Policy

Last updated: March 13, 2026

1. Introduction

Ravivo ("Service", "we", "us", "our") is a software-as-a-service platform that provides automated tools for aggregating, processing, and distributing art news content. We act exclusively as a technology provider and toolset operator — not as a content manager, publisher, or media outlet. This Privacy Policy explains how we collect, use, and protect information when you use our Service.

2. Information We Collect

2.1 Account Information

When you register, we collect your email address and password (stored as a cryptographic hash). If you join via invitation, we also store the inviting organization context.

2.2 OAuth and Integration Data

When you connect third-party platforms (Facebook, Instagram, Threads, X, WordPress, Telegram), we receive and store OAuth access tokens and platform-specific identifiers (Page IDs, user IDs, usernames). Tokens are encrypted at rest using AES-256. We do not store your third-party passwords.

2.3 Content Data

We process article content (titles, text, images, URLs) from RSS feeds and web pages that you configure as sources. This content originates from publicly available third-party websites. We do not claim ownership of this content.

2.4 Usage Data

We collect server logs including IP addresses, request timestamps, and user agent strings for security and operational purposes.

3. How We Use Information

  • Provide, maintain, and improve the Service
  • Authenticate your identity and manage access to your account
  • Publish content to connected platforms on your behalf and only upon your explicit approval
  • Process and transform content using AI models as configured by you
  • Send service-related notifications
  • Detect and prevent fraud, abuse, and security incidents

4. Third-Party Platforms

Our Service integrates with Meta (Facebook, Instagram, Threads), X (Twitter), WordPress, and Telegram. When you connect these platforms, their respective privacy policies also apply. We access only the permissions you explicitly grant. We do not sell, rent, or share your third-party tokens or data with anyone outside the Service. You can disconnect any platform at any time through Settings, which revokes our stored tokens.

5. Data Storage and Security

  • All data is stored on encrypted servers (DigitalOcean, EU/US)
  • OAuth tokens are encrypted at rest with AES-256
  • Passwords are hashed using bcrypt
  • All connections use TLS 1.2+
  • Access is restricted by role-based permissions (RBAC)

6. Data Retention

We retain your account data for as long as your account is active. Article content is retained according to your tenant configuration. Upon account deletion, we remove all personal data and revoke all stored tokens within 30 days.

7. Your Rights

You have the right to:

  • Access your personal data
  • Correct inaccurate data
  • Request deletion of your data
  • Disconnect third-party integrations
  • Export your data
  • Withdraw consent at any time

8. Limitation of Liability for Content

Ravivo is a tool provider. We do not create, verify, or endorse the content processed through our Service. Content is sourced from third-party RSS feeds and websites configured by users. Users are solely responsible for ensuring they have the right to aggregate, process, and republish content from their configured sources. We are not liable for any copyright claims, content accuracy issues, or damages arising from the use of content processed through our tools.

9. Children

Our Service is not directed to individuals under 16. We do not knowingly collect data from children.

10. Changes to This Policy

We may update this policy from time to time. We will notify registered users of material changes via email.

11. Contact

For privacy-related inquiries, contact us at: privacy@ravivo.app