## Overview Rivano AI ("Rivano", "we", "us") provides a self-hosted gateway and a hosted control plane for governing Model Context Protocol (MCP) and Agent-to-Agent (A2A) traffic. This Privacy Policy describes what information we collect, why we collect it, and the rights you have over it. It applies to rivano.ai, dashboard.rivano.ai, api.rivano.ai, and our hybrid + on-prem distributions. ## Information we collect **Account information.** When you sign up, we collect your email address, name, and (for paid tiers) billing details processed by our payment processor. We never store full payment-card numbers. **Usage information.** When you use the hosted control plane, we collect operational logs — request paths, response codes, latency, error traces — needed to operate the service. We do not log MCP tool arguments, A2A skill input bodies, or LLM prompt content in hosted mode unless you explicitly opt in to debug capture. **Hybrid and on-prem.** When you run Rivano in hybrid or on-prem mode, prompt and response content stays inside your network. We receive only the metadata listed above (operational logs, decisions, gateway heartbeats). **Cookies and analytics.** rivano.ai uses cookieless server-side traffic analytics. The dashboard at dashboard.rivano.ai sets a session cookie (`rivano_token`) on `.rivano.ai`. See our [Cookie Policy](/legal/cookies) for the full list. ## How we use information - To operate, secure, and improve the service. - To bill paying customers via our payment processor (Stripe). - To send transactional email (account events, billing, security notices) via our email processor (Resend). - To respond to support requests. - To detect abuse and enforce our [Terms](/legal/terms). We do not sell personal information. We do not use customer prompt or response content to train AI models. ## Sub-processors A current list of sub-processors lives at [/legal/sub-processors](/legal/sub-processors). We provide 30 days' notice on additions. ## International transfers Rivano's hosted infrastructure runs in the United States (Google Cloud `us-east1`). When you provide personal data from outside the United States, you consent to its transfer to and processing in the US. EU customers can request a Data Processing Agreement that includes Standard Contractual Clauses; see [/legal/dpa](/legal/dpa). ## Your rights Depending on your jurisdiction, you may have the right to: - Access the personal data we hold about you. - Request correction of inaccurate data. - Request deletion of your data ("right to be forgotten"). - Request portability of your data in a machine-readable format. - Object to or restrict certain processing. - Lodge a complaint with a supervisory authority. To exercise any of these rights, email **[email protected]** with the subject "DSR request". We respond within 30 days. ## Data retention - Account records: kept while your account is active, plus 90 days after closure. - Operational logs: 90 days. - Audit logs (Governance tier): 90 days. Audit logs (Enterprise tier): 7 years (or contractually agreed period). - Billing records: 7 years (US tax law). On account closure, we delete or anonymize personal data per the schedule above unless retention is required by law. ## Children Rivano is not directed to people under 16. We do not knowingly collect data from children. ## Changes When this Privacy Policy changes materially, we email registered users at least 30 days before the change takes effect. The change date appears at the top of this page. ## Contact **Privacy questions:** [email protected] **Data Protection Officer:** [email protected]