Legal

Privacy Policy

Last updated: March 2026

1.Overview

GetMyRio ("we", "us", or "our") respects your privacy. This Privacy Policy explains what data we collect, how we use it, how we protect it, and your rights when you use the GetMyRio service.

2.Data We Collect

Account Data

  • Email address (provided at checkout)
  • Timezone and display name (provided during onboarding)
  • Stripe customer and subscription identifiers

Conversation Data

  • Messages you send to Rio and Rio’s responses
  • Personality configuration and preferences (SOUL.md)
  • Memory entries Rio creates based on your conversations (MEMORY.md)

Technical Data

  • Container health metrics (CPU, memory usage)
  • Error logs for troubleshooting
  • Usage metrics (messages sent, tokens used)

3.How We Use Your Data

  • To provide the Service: your conversations are processed by third-party LLM providers to generate responses
  • To personalise Rio: your preferences and memory are stored to make Rio more helpful over time
  • To maintain the Service: health metrics and logs help us monitor uptime and resolve issues
  • To communicate with you: we send transactional emails (welcome, billing) via our email provider
  • To back up your data: memory embeddings are synced to our database for disaster recovery

4.Third-Party Data Processors

  • LLM providers (OpenRouter / Moonshot): your prompts and conversation context are sent to generate AI responses
  • Stripe: payment processing. We never store your credit card details
  • Supabase: database hosting for account data and memory backups
  • Resend: transactional email delivery
  • OpenAI (embeddings only): memory content is converted to embeddings for semantic search

5.What We Do NOT Do

  • We do not sell your data to third parties
  • We do not use your data to train AI models
  • We do not share your conversations with other users
  • We do not serve advertisements
  • We do not track you across other websites

6.Data Storage and Security

  • Your AI assistant runs in a private, isolated container — your data is not shared with other users
  • All connections are encrypted via TLS (HTTPS)
  • Authentication uses bcrypt-hashed passwords and signed JWT tokens
  • API keys for third-party integrations you provide are encrypted at rest
  • Our infrastructure is hosted on a dedicated VPS with firewall restrictions

7.Data Retention

We follow a strict no-deletion policy. Your data is never permanently deleted \u2014 it is archived if you cancel your subscription. If you resubscribe, your assistant resumes with all previous data intact. You can request a full export at any time. If you require permanent deletion for legal reasons (e.g., GDPR right to erasure), contact us and we will comply within 30 days.

8.Your Rights

Depending on your jurisdiction, you may have the right to:

  • Access the personal data we hold about you
  • Request correction of inaccurate data
  • Request deletion of your data (subject to legal requirements)
  • Export your data in a portable format
  • Object to processing of your data
  • Withdraw consent at any time

To exercise any of these rights, contact us at info@getmyrio.com.

9.Cookies

We use a single essential cookie (rio_token) for authentication. We do not use analytics cookies, tracking cookies, or third-party advertising cookies.

10.Children

The Service is not intended for users under the age of 18. We do not knowingly collect data from children.

11.Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes via email or a notice on our website.

12.Contact

Questions? Contact us at info@getmyrio.com.