Privacy policy

We collect personal data that you voluntarily provide to us.

Account information. Your name, email address, and the OAuth provider (Google or Microsoft) you sign in with. We do not manage or store passwords. Sign-in is handled entirely by your identity provider.

Imported data. When you connect a mail or calendar account via OAuth, we read the headers, content, and metadata necessary to power your inbox, briefings, and follow-ups.

Automatic information. IP address, browser type, and basic usage logs, used to keep the service running and prevent abuse, not to profile you.

Payment information. If you subscribe, payments are processed by a PCI DSS Level 1 certified third-party payment processor. We never see or store card numbers.

We use what you give us to provide the service: organising your contacts, generating relationship briefings, surfacing follow-ups, and powering search across your network. That is the entire purpose. We use aggregate, de-identified usage patterns to fix bugs and prioritise what to build next.

We do not sell your data, share it with advertisers, or use the contents of your mail, calendar, or LinkedIn imports to train AI models. AI features are powered by third-party model providers under commercial API agreements that contractually prohibit using your inputs for model training.

Your data is stored on managed cloud infrastructure in the European Union (Paris region). Some processing, AI inference in particular, may transfer data to providers in other jurisdictions under standard contractual clauses or equivalent safeguards.

We only share information in three narrow circumstances:

• Service providers we depend on to run Rowuv (payment processing, cloud infrastructure, AI inference, transactional email) under data-processing agreements that limit them to acting on our instructions.
• Legal obligations, where we are compelled by valid legal process to disclose specific information.
• Business transfers, in the event of a merger, acquisition, or asset sale; successors inherit this same privacy policy.

You can access, export, correct, or delete the personal data we hold about you at any time. From Settings → Account you can disconnect any provider, export your data, or delete your account; deletion propagates within 30 days. If you are in the EU, UK, or California, you have additional rights under GDPR / UK GDPR / CCPA, including the right to object to processing and to lodge a complaint with your local data-protection authority.

To exercise any of these rights, email [email protected].

We use first-party cookies for authentication and session management. We do not use third-party advertising or cross-site tracking cookies.

Rowuv is not directed at people under 16. We do not knowingly collect data from children. If you believe a child has given us information, contact us and we will delete it.

We may update this policy as the product evolves. Material changes are announced in-app and the “last updated” date at the top of this page reflects the most recent revision.

Questions, requests, or complaints: [email protected].