At Riventa.Dev, we take your privacy seriously. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our service.

1. Information We Collect

1.1 Information You Provide

We collect information that you provide directly to us, including:

• Account Information: When you create an account, we collect your name, email address, and password.
• Profile Information: You may choose to provide additional information such as a profile photo, company name, and job title.
• Payment Information: If you purchase a paid plan, we collect billing information including credit card details (processed securely through our payment processor).
• Communications: When you contact us, we collect the information you provide in your messages.

1.2 Information Collected Automatically

When you use Riventa.Dev, we automatically collect certain information:

• Usage Data: We collect information about how you interact with our service, including features used, pages visited, and actions taken.
• Device Information: We collect information about the device you use to access our service, including IP address, browser type, and operating system.
• Cookies: We use cookies and similar technologies to maintain your session and improve your experience.

1.3 Information from Third Parties

• GitHub: When you connect your GitHub account, we collect information from GitHub including your repositories, pull requests, and code changes necessary to provide our code review service.
• OAuth Providers: If you sign in using a third-party authentication service, we receive basic profile information from that provider.

2. How We Use Your Information

We use the information we collect to:

• Provide, maintain, and improve our code review service
• Process transactions and send related information
• Send technical notices, updates, and security alerts
• Respond to your comments, questions, and customer service requests
• Communicate with you about products, services, and events
• Monitor and analyze trends, usage, and activities
• Detect, prevent, and address technical issues and fraudulent activity
• Personalize and improve your experience

3. Data Security

We implement appropriate technical and organizational measures to protect your personal information:

• Encryption: We use industry-standard SSL/TLS encryption for data in transit and encryption at rest for sensitive data.
• Access Controls: We restrict access to personal information to employees and contractors who need it to perform their jobs.
• Regular Audits: We regularly review our security practices and conduct security assessments.
• Secure Infrastructure: Our infrastructure is hosted on secure, enterprise-grade cloud providers.

However, no method of transmission over the Internet or electronic storage is 100% secure. While we strive to use commercially acceptable means to protect your personal information, we cannot guarantee its absolute security.

4. Third-Party Services

We use the following third-party services:

• GitHub: For repository access and code review functionality
• Anthropic: For AI-powered code analysis (your code is processed but never used for model training)
• Payment Processors: For billing and payment processing (we do not store credit card information)
• Analytics: For understanding how our service is used (we use privacy-focused analytics)

These third parties have their own privacy policies. We encourage you to review their privacy practices.

5. Your Rights

You have the following rights regarding your personal information:

• Access: You can request a copy of the personal information we hold about you.
• Correction: You can update or correct your personal information at any time through your account settings.
• Deletion: You can request that we delete your personal information, subject to certain legal exceptions.
• Portability: You can request a copy of your data in a machine-readable format.
• Objection: You can object to certain processing of your personal information.
• Opt-out: You can opt out of marketing communications at any time.

To exercise these rights, please contact us at privacy@riventa.com.br.

6. Data Retention

We retain your personal information for as long as necessary to provide our services and fulfill the purposes outlined in this Privacy Policy. When you delete your account, we will delete your personal information within 30 days, except where we are required to retain it for legal or regulatory purposes.

7. International Data Transfers

Your information may be transferred to and processed in countries other than your own. These countries may have data protection laws that are different from the laws of your country. We ensure that such transfers are made in accordance with applicable data protection laws.

8. Children's Privacy

Our service is not intended for children under 13 years of age. We do not knowingly collect personal information from children under 13. If you are a parent or guardian and believe your child has provided us with personal information, please contact us.

9. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page and updating the "Last updated" date. We encourage you to review this Privacy Policy periodically for any changes.

10. Contact Us

If you have any questions about this Privacy Policy, please contact us:

• Email: privacy@riventa.com.br
• Support: support@riventa.com.br
• Address: Riventa Technologies Ltd., São Paulo, SP, Brazil

11. GDPR Compliance (for EU Users)

If you are located in the European Economic Area (EEA), you have additional rights under the General Data Protection Regulation (GDPR):

• The right to be informed about how your data is used
• The right to access your personal data
• The right to rectification of inaccurate data
• The right to erasure ("right to be forgotten")
• The right to restrict processing
• The right to data portability
• The right to object to processing
• Rights related to automated decision making and profiling

Our lawful basis for processing your data includes: consent, contractual necessity, legal obligation, and legitimate interests.

12. LGPD Compliance (for Brazilian Users)

If you are located in Brazil, you have rights under the Lei Geral de Proteção de Dados (LGPD), including:

• Confirmation of the existence of processing
• Access to your data
• Correction of incomplete, inaccurate, or outdated data
• Anonymization, blocking, or deletion of unnecessary or excessive data
• Portability of data to another service provider
• Deletion of data processed with your consent
• Information about public and private entities with which we share data
• Information about the possibility of not providing consent and the consequences
• Revocation of consent