Privacy Policy

1. Introduction

Your privacy is critical. Rilavek ("we", "us") is designed to be a pass-through service. Our core architecture prioritizes not storing your file data. This Privacy Policy explains what information we collect and how we use it.

2. Zero-Knowledge Architecture

When you use Rilavek to transfer files between sources and destinations:

• We do not store your files. Files are streamed in memory (RAM) and are discarded immediately after transmission to your target destination.
• We do not view, analyze, or mine the contents of your files.
• The only exception is if you explicitly request a debug log for a support ticket, in which case metadata may be temporarily visible to us, but not file content.

3. Information We Collect

We collect the minimum amount of information necessary to operate the Service:

• Account Information: If you create an account, we collect your email address and authentication credentials (hashed).
• Configuration Data: We store the configuration of your "Pipes" (e.g., Source Type, Destination Type, endpoint URLs) to facilitate the service. We encourage the use of environment variables or secrets management for sensitive keys.
• Usage Logs: We collect metadata logs (e.g., "File A transferred to Destination B", timestamps, file sizes, success/failure status) to provide you with transfer history and for billing purposes.
• Payment Information: We use third-party payment processors (e.g., Paddle). We do not store your full credit card information.
• Website Analytics: We use Umami, a privacy-focused analytics tool, to understand website usage. It does not use cookies and does not collect personal data.

4. How We Use Your Information

We use the collected information only to:

• Provide, operate, and maintain the Service.
• Process transactions and billing.
• Monitor and analyze usage and trends to improve Service performance.
• Detect, prevent, and address technical issues or abuse.

5. Data Retention

We retain metadata logs for a limited period to allow you to view your transfer history. You may delete your account at any time, which will remove your configuration data and personal information from our active databases.

6. Third-Party Services

We may employ third-party companies and individuals to facilitate our Service (e.g., hosting providers like AWS, payment processors). These third parties have access to your Personal Data only to perform these tasks on our behalf and are obligated not to disclose or use it for any other purpose.

7. Security

We value your trust in providing us your Personal Information, thus we are striving to use commercially acceptable means of protecting it. But remember that no method of transmission over the internet, or method of electronic storage is 100% secure and reliable, and we cannot guarantee its absolute security.

8. Changes to This Privacy Policy

We may update our Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page. You are advised to review this Privacy Policy periodically for any changes.