Privacy Policy

Welcome to Rilev ("we," "us," or "our"). We believe that true mental clarity requires total honesty, and total honesty requires absolute privacy.

Rilev is a self-awareness and personal development platform built on an anonymous account system. We do not require your name or email address to use the core Service. Your account is identified by a unique, non-identifying Access Key-based credential.

This Privacy Policy explains what data we collect, how we use it, how we share it, and your choices.

A. Anonymous Account Data

We provide the Service using an anonymous account system. We do not require your name or email address to use the core Service. Your account is identified by a unique, non-identifying Access Key-based credential.

B. Assessment & Report Data

When you complete assessments, your raw questionnaire responses are processed primarily on your device. We receive and store derived outputs needed to provide the Service (for example, scale scores, subscale scores, normalized scores, confidence signals, reports, and derived insights). We do not use item-level responses as the ordinary server-side assessment record. Derived outputs are stored under your anonymous account identifier.

C. Account Recovery Data (if enabled)

If you enable account recovery, we collect and store the recovery factors you provide (for example, security question/answer or authenticator/app-based verification) in a protected form to help you regain access to your anonymous account.

D. Device & Usage Data

We collect limited technical and usage information needed to operate, secure, and improve the Service (for example, device/app version, basic event telemetry such as feature usage, and performance/crash data).

E. Cookies / Local Storage (Web)

We use cookies or local storage to support core functions (for example, session management) and to store referral or promotional code state when applicable.

Assessment Session Backup: While you are actively completing an assessment session, your in-progress answers are temporarily saved to your browser's IndexedDB storage as a resumability backup. This allows you to resume where you left off if your browser closes or the page reloads mid-session. This temporary data:

• Contains only numeric questionnaire responses (e.g., scale ID + integer answer value) — no names, emails, or directly identifying information
• Is stored only on your device and is never transmitted to our servers as raw response data
• Is automatically cleared when you complete the session, or when you explicitly exit without saving

F. Apple Health / HealthKit Data (Optional)

If you choose to connect Apple Health/HealthKit, we collect only the categories you explicitly authorize. You can turn these permissions off at any time in your device settings (iOS Settings / Apple Health). We use this data only to provide and improve the Service features you request (for example, wellness tracking and trend insights). We do not use HealthKit data for advertising, marketing, or data brokerage, and we do not sell HealthKit data.

G. IP Addresses & Infrastructure Logging

Our application code does not store IP addresses as user profile data or analytics identifiers. However, our hosting, CDN, database, and cloud infrastructure providers, including Vercel and Google Cloud/Firebase, may automatically process IP addresses, request timestamps, user-agent information, and similar technical metadata for security, abuse prevention, debugging, rate limiting, and network operations. These logs are controlled by those infrastructure providers under their own policies and contracts and are outside of Rilev's application-level control.

Rilev does not access these infrastructure logs to identify individual users. We do not link IP addresses to your anonymous account, assessment data, or any other user-facing information. These infrastructure logs cannot be used to re-identify you through Rilev because we have no mechanism to correlate an IP address with an anonymous account credential.

We use the data we collect to:

• Provide the Service and generate your reports and exports;
• Maintain account access and account recovery;
• Protect the security and integrity of the Service (e.g., preventing abuse and fraud);
• Improve and develop the Service, including improving report quality and developing new features.

We may create and use de-identified and/or aggregated data derived from your use of the Service (including assessment responses, scale scores, derived metrics, and—if you enable them—device/telemetry signals). We use this data to:

• Improve and quality-test our scoring, interpretation, and report generation;
• Build population benchmarks and normalization curves;
• Evaluate reliability, calibration, and drift over time;
• Develop and improve statistical models and internal analytics.

We take steps designed to ensure de-identified/aggregated data does not reasonably identify you. However, no de-identification method can guarantee zero re-identification risk in every circumstance.

We share data only as needed to operate the Service, such as with:

• Service Providers

  Hosting, database, monitoring, analytics, and customer support tools that process data on our behalf under contractual protections.

• Payment Processors

  Payments are processed by third-party processors (e.g., Stripe, Apple, or platform partners). We do not store full payment card numbers. We may receive limited transaction metadata (such as payment status, timestamp, and product purchased) to provide access and handle fraud/chargebacks. We are designed to minimize linkage between payment records and assessment content.

• Legal / Safety

  If required to comply with law, enforce our terms, or protect users and the Service.

With Clinicians (If You Choose)

If you choose to share your results with a therapist, Rilev still does not know your identity. You are moving from an anonymous environment to a confidential health environment managed by your chosen professional:

• You initiate the share manually from within your account.
• You will be asked to confirm which results to share and with whom.
• Your identity remains unknown to Rilev — the professional's knowledge of your identity is governed by their own privacy practices and healthcare laws (e.g., HIPAA, PIPEDA).
• We do not have a "backdoor" to send your data to any third party without your explicit authorization.

ChatGPT / AI App Connections

If you choose to connect Rilev to ChatGPT, Rilev creates a limited, revocable OAuth authorization that allows ChatGPT to request read-only Rilev context for up to 30 days. This connection is optional and must be approved by you on Rilev.com.

• ChatGPT does not receive your Rilev Access Key.
• Rilev shares only de-identified self-understanding context: the canonical 69-outcome structure, derived outcome and scale numbers, labels, and safe non-diagnostic explanations.
• Item-level responses are not stored by Rilev and cannot be retrieved through this connection.
• Rilev anonymous individual accounts do not ask for or store name, email, phone, address, date of birth, or other real-world identity details, so there is no identity information for ChatGPT to receive from Rilev.
• Psychological, medical, diagnosis, and treatment records are not created or stored by the app and are not available through this connection.
• The v1 ChatGPT connection is read-only and cannot update your Rilev profile, administer assessments, collect answers, share reports, change billing, or perform write actions.
• You can revoke access anytime from Connected AI Apps.
• After 30 days, the connection expires unless you reconnect on Rilev.com.

Active Accounts: Your account data and reports are retained for as long as your account remains active, unless you delete it or request deletion (where applicable).

De-identified/Aggregated Data: De-identified/aggregated data may be retained longer because it is used to improve the Service and does not directly identify you.

Deletion: To delete your data:

• In-App Deletion: Log in with your account credentials and use the "Delete My Data" feature. This action is immediate and irreversible.
• Via Report Code: Your results include a Report Reference Code (e.g., #8X92-LP). If you've lost access to the app but saved this code, email us at privacy@Rilev.com with the code and we will delete the associated data.

Legal & Safety Record Retention

When you delete your account, the following anonymized records are retained for legal and safety compliance:

• Consent records — proof that you agreed to terms before participating
• Assessment audit trail — verification that the assessment workflow executed correctly
• Crisis safety logs (if any were generated) — proof that safety protocols were followed when crisis indicators were detected

Provider and Infrastructure Retention

Service providers may retain limited operational logs, security logs, payment records, support messages, email delivery records, subscription records, or backup copies according to their own retention schedules and legal obligations. We minimize what is sent to providers and avoid using direct identifiers in the individual experience unless you choose to provide them or they are required for a requested feature.

You may withdraw consent or request deletion of your data at any time, subject to legal and operational limitations. If you withdraw consent or delete your account, we will stop collecting and using your personal information for the withdrawn purposes, and we will inform you of any consequences (for example, inability to provide the Service or recover your account).

HealthKit Permissions

You can revoke HealthKit permissions at any time in iOS Settings / Apple Health, and the Service will stop accessing HealthKit data. Your Apple HealthKit and Google Fit data will NEVER be used for marketing, advertising, or sold to data brokers under any circumstances.

U.S. State Privacy Rights (CCPA/CPRA)

Do Not Sell or Share My Personal Information: Rilev does not sell, share, or rent your personal information to third parties for monetary or other valuable consideration. We do not use your data for cross-context behavioral advertising.

If you are a California resident, you have the right to:

• Know what personal information we collect and how it is used
• Delete your personal information (subject to legal retention exemptions)
• Opt-out of any sale or sharing of personal information (we do not sell or share, so no opt-out is necessary)
• Non-discrimination for exercising your privacy rights

To exercise these rights, use the "Delete My Data" feature in-app or contact privacy@rilev.com.

EU/UK Residents (GDPR)

Our lawful basis for processing is contract performance (delivering your assessment). You have the right to access, rectify, erase, restrict processing, data portability, and object — all exercisable via your account credentials or by contacting privacy@rilev.com.

We employ industry-standard security measures to protect your data:

• Encryption: All data is encrypted in transit (TLS 1.3) and at rest (AES-256).
• Access Control: Data is accessible only through your anonymous account credential.
• Anonymous Architecture: Your identity and your health data exist in separate, link-minimized systems.
• Hosting and Processing Locations: The Service uses cloud and infrastructure providers including Vercel and Google Cloud/Firebase. Core database data may be configured for Canadian infrastructure where available, while hosting, security, support, payments, email, app-store, and AI providers may process limited data in Canada, the United States, or other countries where they operate.

Inside the Assessment Application, Rilev does not:

• Log your IP address — IPs are transiently hashed in memory for rate limiting and immediately discarded.
• Fingerprint your device — we do not collect screen resolution, installed fonts, canvas hashes, or any other browser fingerprinting signals.
• Run ad networks or tracking pixels — no Meta Pixel, TikTok Pixel, Google Ads tag, or similar retargeting scripts.
• Use third-party analytics — no Google Analytics, Mixpanel, Amplitude, or behavioral tracking inside the app.

• Public Website: We use only first-party analytics (self-hosted counters stored in our own database) to understand which pages visitors see. No third-party analytics scripts, cookies, or tracking pixels are loaded on any page.
• Assessment Application (Private App): Once you enter the assessment, all analytics are disabled. No behavioral tracking, no retargeting pixels, no third-party scripts that could associate your identity with your mental health data.

Referral & Discount Attribution

If you arrive via a referral link or use a discount code, we may use cookies or similar technologies to attribute the referral (e.g., to apply special pricing and to calculate partner commissions). This attribution does not require us to collect your name or email.

We use the following third-party services:

These services operate independently and have their own privacy practices. In the individual experience, our architecture is designed so we do not provide direct identity details together with assessment content unless you choose a feature that requires that disclosure.

Rilev is intended for users 18 years of age or older. We do not knowingly collect data from anyone under 18. If you are under 18, please do not use this service. If we learn that we have inadvertently collected data from a minor, we will delete it promptly.

Rilev is operated from Canada and uses service providers that may process data in Canada, the United States, and other countries where they operate. This may include hosting, infrastructure, security, payments, email, app-store subscriptions, support, and AI providers. When data is processed outside your province or country, it may be subject to the laws of that jurisdiction.

We use contractual, technical, and organizational safeguards intended to protect information consistent with this Privacy Policy. Our architecture also helps keep identity decoupled from assessment data in the individual experience.

If we become aware of a security incident involving personal information under our control, we will assess the nature and sensitivity of the information, the probability of misuse, and whether there is a real risk of significant harm. Where legally required, we will notify affected users, regulators, privacy commissioners, service providers, or other parties.

Because individual Rilev accounts are designed to be anonymous and may not include contact information, notices may be provided through in-app messages, website notices, or other available channels unless we have a direct contact method for the affected person.

We may update this privacy policy from time to time. If we make significant changes that affect your privacy rights, we will post a prominent notice on our homepage.