Privacy Policy

Introduction

This privacy policy explains how Ruvia ("we", "us", or "our") collects, uses, and protects your information when you use our email automation service. This policy is hosted on our verified domain and will be updated as our practices evolve.

Information We Collect

  • Email address and basic profile information (via Clerk authentication)
  • Gmail account access and email data when you connect your account
  • Usage data related to your configured workflows (e.g., threads, drafts, automated responses)
  • Payment information (processed by Stripe; we do not store full card details)

Google User Data

When you connect your Gmail account, we access and process the minimum data necessary to provide the service:

  • Basic profile information (email address, name)
  • Email message metadata (sender, recipient, subject, timestamps, message/thread IDs)
  • Email message content (body text and, when applicable, attachments) required to generate or send replies and execute workflows
  • Drafts and threads as needed for automation workflows

Storage of inbound messages. To power workflow history, context for reply generation, and troubleshooting, Ruvia stores inbound email bodies (and, if required by a user action or workflow, attachment content) in our database. Data is encrypted at rest and access is restricted to authorized services and personnel with a legitimate need (role-based access).

We use Google user data solely to provide, maintain, and improve the functionality of Ruvia for the requesting user. We do not sell Google user data to third parties, and we transfer it only as necessary to provide the functionality of the app.

Prohibited Use of Google User Data

We do not use Google user data to develop, improve, or train generalized artificial intelligence (AI) or machine learning (ML) models. Any AI processing performed by Ruvia (including via service providers such as OpenAI) is applied on a per-request basis solely to provide functionality directly to the requesting user. Google user data is not retained or reused to train generalized systems.

How We Use Your Information

  • To provide and maintain our email automation service and user-configured workflows
  • To process your payments and manage your subscription
  • To communicate with you about your account and service updates
  • To improve service quality (e.g., reliability, latency, and user experience); not to train generalized AI/ML models on Google user data

How We Share Google User Data

Google user data is never shared for advertising or marketing purposes. Limited processing may occur with trusted providers strictly to deliver the requested functionality:

  • OpenAI – Used to generate suggested replies for the requesting user. Gmail content processed by OpenAI is not used to train generalized AI/ML models.

The following vendors do not receive Google user data:

  • Clerk – Authentication only (no Gmail content)
  • Stripe – Billing only (no Gmail content)

Third-Party Services

We use the following services to operate Ruvia:

  • Clerk – User authentication
  • Stripe – Payment processing
  • Google Gmail API – Email integration
  • OpenAI – Per-request AI generation for suggested replies

Data Security

We implement industry-standard security measures to protect your data, including:

  • Encryption of data in transit and at rest
  • Strict role-based access controls and authentication
  • Regular security reviews and updates
  • Administrative, technical, and organizational safeguards appropriate to the data we process

Data Retention & Deletion

We retain user data only for as long as necessary to deliver and maintain our service. This includes storage of inbound email bodies and, where applicable, attachment content to support workflow execution, reply context, auditability, and troubleshooting. Certain metadata (such as account identifiers, workflow configuration, message IDs, and usage records) may be stored in our database to ensure correct functionality and automation. Users may revoke access or request deletion of their data at any time by contacting us. When access is revoked, all associated user data is permanently removed from our systems within 30 days.

Withdrawing Gmail Access

You can revoke Ruvia’s access to your Google account at any time from your Google Account permissions settings. After revocation, we complete deletion of associated user data within the retention window described above.

Your Rights

Depending on your location, you may have the right to:

  • Access your personal data
  • Correct inaccurate data
  • Request deletion of your data
  • Export your data
  • Withdraw Gmail access consent

Contact Us

If you have questions about this privacy policy or your data, please contact us at ruvia.mail@gmail.com.

Updates to This Policy

We may update this privacy policy from time to time. We will notify you of any material changes by posting the new policy on this page and updating the effective date below.

Last updated: 9/13/2025