Privacy Policy

Introduction

River ("we", "our", or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, and safeguard your information when you use River, an AI-powered inbox that intelligently routes emails and messages to your preferred tools like Obsidian and Google Calendar.

Information We Collect

1. Account Information

When you create a River account, we collect:

• Email address
• Username (chosen by you for your River inbox)
• Phone number (optional, if you choose to use SMS features)
• Authentication credentials managed by Clerk

2. Messages and Content

River processes messages you send to your inbox:

• Email content sent to your River email address (username@notes.river.dev)
• SMS messages sent to your River phone number
• AI classification results (note, event, task, or mixed)
• Processing status and sync metadata

3. Technical Information

To provide our service, we store:

• Message processing status (pending, synced, failed)
• Timestamp and metadata for incoming messages
• OAuth session tokens (temporary, expires after 15 minutes)
• Username and phone number mappings in CouchDB

4. Integration Data

When you connect third-party services, we access data necessary to route your messages:

• Obsidian vault access (via plugin authorization) to sync notes
• Google Calendar API access to create events
• Notion workspace access (when enabled) to create pages

River does not store your messages permanently. Messages are processed, classified by AI, routed to the appropriate destination, and then deleted after successful delivery.

How We Use Your Information

We use your information to:

• Provide and maintain the River inbox service
• Process and route emails and SMS messages to your connected tools
• Classify message content using AI (note, event, task, or mixed)
• Enhance text formatting and create wiki-style links
• Authenticate your identity via Clerk
• Facilitate integrations with Obsidian, Google Calendar, and Notion
• Generate receipt emails showing what actions were taken
• Respond to support requests

Data Storage and Security

Message Processing

River processes messages temporarily:

• Messages are stored in CouchDB during processing
• After successful routing to your destination (Obsidian, Calendar, etc.), messages are deleted
• Each user has an isolated database (river_user_[userId])
• Data is encrypted at rest and in transit

Security Measures

• Authentication is handled by Clerk, an industry-standard auth provider
• All connections use HTTPS/TLS encryption
• User databases are isolated from each other
• CORS is configured to only allow requests from River domains
• OAuth sessions expire after 15 minutes
• API access tokens are securely generated and validated

Third-Party Services

River integrates with the following third-party services:

• Clerk: Authentication and user management
• Fly.io: Cloud hosting for CouchDB database and message processing API
• Cloudflare Pages: Web application hosting and CDN
• Obsidian: Note destination via plugin integration
• Google Calendar: Calendar event creation
• Notion: Optional page creation destination

Each third-party service has its own privacy policy. We recommend reviewing their policies:

• Clerk: https://clerk.com/legal/privacy
• Fly.io: https://fly.io/legal/privacy-policy/
• Cloudflare: https://www.cloudflare.com/privacypolicy/

Data Sharing

We do not sell your data. We only share your information in the following circumstances:

• With your consent: When you authorize integrations like Obsidian or Google Calendar
• For service provision: With infrastructure providers (Fly.io, Cloudflare) necessary to operate River
• Legal requirements: If required by law, regulation, or legal process
• To protect rights: To protect our rights, property, or safety and that of our users

Your Rights

You have the following rights regarding your data:

• Access: You can view your account information and settings through the River dashboard
• Delete: You can request complete account deletion, which will remove all your data
• Correct: You can update your username, phone number, and email preferences at any time
• Revoke access: You can disconnect third-party integrations (Obsidian, Calendar, Notion) from your settings
• Data portability: Your messages are automatically synced to your chosen destinations, giving you full control

Data Retention

• Messages are deleted after successful routing to your destination
• Account information (username, phone number) is retained until you delete your account
• OAuth sessions are automatically deleted after 15 minutes
• After account deletion, your data is permanently removed from our servers within 30 days

AI Processing

River uses AI to enhance your content:

• AI classification to categorize emails and messages (note, event, task)
• Content formatting and wiki-link creation
• Smart date parsing for calendar events
• Your content may be processed by AI services, but is not used to train AI models

Children's Privacy

River is not intended for users under the age of 13. We do not knowingly collect personal information from children under 13. If you believe we have collected information from a child under 13, please contact us immediately.

Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of significant changes by posting a notice on our website or sending you an email. Your continued use of River after changes are posted constitutes acceptance of the updated policy.

Contact Us

If you have questions about this Privacy Policy or your data, please contact us:

• GitHub: https://github.com/dustinlyons/river/issues