Privacy Policy

We collect information you provide directly, information generated by your use of the Service, and information from integrated third-party platforms you choose to connect.

• Account & workspace data. Name, email, organization, and authentication identifiers from WorkOS AuthKit when you sign in.
• Integration metadata. Slack workspace and channel IDs, GitHub installation IDs and repository references, Jira site URLs, Linear team IDs, and any webhook secrets required to verify events from those platforms.
• Trigger payloads. The message, issue, or webhook body that initiates a task — e.g., a Slack mention, a Linear comment, a GitHub issue — plus the thread context Ryven needs to reply in the same place.
• Task execution data. Repository clone metadata, sandbox logs, Claude Code transcripts, diffs, and the pull requests Ryven creates. Logs are retained so you can audit what the agent did.
• Credentials. Your own Anthropic API key (BYOK), GitHub App installation tokens, and other integration secrets. These are encrypted at rest with AES-256-GCM before being written to our database. We never return decrypted keys through the API.
• Billing data. Card details are collected and stored directly by Stripe; Ryven stores only the Stripe customer ID, subscription state, and invoice references needed to administer your plan.
• Product analytics. Aggregated, privacy-respecting page and event analytics via self-hosted Umami on t.ryven.dev. No cross-site tracking or advertising cookies.

• Authenticate you and your teammates into the workspace.
• Run the agent: clone the target repository into an ephemeral Docker sandbox, execute Claude Code using your Anthropic key, open pull requests, watch CI, and post updates back to the originating thread.
• Operate the Service — store task history, stream logs, meter active seats for billing, and send transactional emails about your account.
• Detect abuse, diagnose errors, and improve reliability.
• Comply with legal obligations and enforce our Terms.

We do not sell personal data. We do not use customer content or trigger payloads to train machine-learning models.

Ryven is bring-your-own-key for the core agent. When a task runs, prompts and generated code are sent from our server directly to Anthropic’s API under your key. Anthropic’s handling of that traffic is governed by Anthropic’s Privacy Policy. A small intent-classification step uses Ryven’s own Haiku key and is subject to the same policy on Anthropic’s side.

Each task runs in an isolated Docker container created on demand and destroyed when the task ends. Repository contents are cloned into the sandbox, not into long-term storage. Sandbox filesystem state is discarded at the end of the run. We retain the task’s structured log — commands, diffs, PR URLs, and Claude transcripts — so you can review what the agent did.

We share information only with the providers needed to run the Service:

• Anthropic — model inference via the Claude API (your BYOK plus our Haiku key for intent classification).
• Google Cloud (GCP) — Cloud Run hosting, Secret Manager, logging, and scheduled jobs.
• Neon — managed Postgres database.
• WorkOS — authentication (AuthKit) and organization management.
• Stripe — payment processing and subscription billing.
• Slack, GitHub, Jira, Linear — trigger sources and PR targets that you explicitly connect.
• Intercom — customer support (only when you start a conversation).

We may also disclose information if required by law or to protect the rights, safety, or property of Ryven, our users, or the public.

Account, workspace, and task records are retained for as long as your workspace is active. You can request deletion at any time. When a workspace is deleted, we remove workspace data within 30 days, except where we are required to retain records (e.g., invoices) for legal or accounting purposes. Sandbox disks are discarded at the end of each task run; only the structured task log survives.

We encrypt data in transit with TLS and encrypt sensitive credentials at rest with AES-256-GCM keys derived from a server-side session secret via HKDF. Access to production systems is limited to the engineers who need it. No system is perfectly secure — if you believe you have found a vulnerability, please email [email protected].

Depending on where you live, you may have the right to access, correct, export, or delete personal information we hold about you, and to object to or restrict certain processing. To exercise any of these rights, email [email protected]. We will respond within the time required by applicable law.

Ryven is operated from the United States. If you access the Service from outside the U.S., your information will be transferred to, stored, and processed in the U.S. and other countries where our sub-processors operate.

The Service is not directed to children under 16, and we do not knowingly collect personal information from them.

We may update this Privacy Policy from time to time. Material changes will be announced by email or in-app notice. Continued use of the Service after the effective date constitutes acceptance of the updated policy.

Questions or requests? Email [email protected] or visit our support page.