Privacy Policy
Last updated: June 23, 2026
This Privacy Policy explains how siameur, Inc., a Delaware corporation (“InvestGPT,” “we,” “us,” or “our”), collects, uses, and discloses personal information when you use the InvestGPT website at rivonai.com and related services (the “Service”). The Service is intended for users in the United States. If you are a California resident, please see the “Your California Privacy Rights” section below.
1. Information We Collect
We collect the following categories of personal information, mapped to the categories defined under California law:
- Identifiers and account information: the email address and password you use to register, email-verification status, and a unique account identifier.
- Your inputs and conversations: the questions, prompts, and other content you submit, and the conversation history and outputs associated with your account.
- Commercial information: your subscription tier and status, credit balance and transaction history, and records of features you use.
- Internet and usage activity: log data, pages and features accessed, requests made, and similar analytics and diagnostic information.
- Device and connection data: IP address, browser type, device and operating-system information, and approximate location derived from IP address.
- Payment information: when you subscribe or buy credits, payment details are collected and processed directly by our payment processor, Stripe. We do not collect or store your full payment-card number; we may receive limited information such as card brand, the last four digits, expiration date, and transaction status.
- Communications: messages you send to our support or other inquiries.
- Inferences: inferences we may draw from the above to operate and improve the Service.
Please do not submit sensitive personal information (such as financial- account numbers, government identifiers, or health information) into the Service that is not necessary for your research questions.
2. Sources of Personal Information
- directly from you, when you register, communicate with us, or use the Service;
- automatically, through your use of the Service (logs, cookies, and similar technologies); and
- from our service providers, such as our payment processor (Stripe) and anti-abuse providers.
3. How We Use Your Information
- to provide, operate, secure, and maintain the Service and your account;
- to generate responses to your inputs and deliver the features you request;
- to process payments, subscriptions, and credits, and to detect and prevent fraud and abuse;
- to verify your email, authenticate you, and communicate with you about the Service;
- to analyze usage and to develop, improve, and troubleshoot the Service;
- to send you administrative and, where permitted, marketing communications (you can opt out of marketing); and
- to comply with law and enforce our Terms.
4. AI Processing of Your Inputs
To generate analysis and responses, your inputs are processed by third-party artificial-intelligence and large-language-model providers acting as our service providers. These providers are contractually limited to processing your inputs on our behalf to provide the Service and are prohibited from using your inputs to train or improve their own models and from selling or sharing them. We do not sell or share your inputs, and we do not use your inputs to train third-party models. Because of this, this processing is not a “sale” or “share” under California law.
5. How We Disclose Information
We disclose personal information only to the following categories of recipients, for the business purposes described above:
- Service providers, including AI/LLM providers (to generate responses), our payment processor (Stripe), email-delivery providers, hosting and infrastructure providers, analytics providers, and anti-abuse/bot-mitigation providers — each bound to use the information only to provide services to us;
- legal and safety recipients, when required by law, subpoena, or legal process, or to protect the rights, safety, or property of InvestGPT, our users, or others; and
- in a business transaction, such as a merger, acquisition, or sale of assets, subject to this Policy.
We do not sell your personal information, and we do not share it for cross-context behavioral advertising (as those terms are defined under California law).
6. Cookies, Analytics, and Tracking
We use cookies and similar technologies for essential functions (such as keeping you signed in) and for analytics to understand and improve usage. You can control cookies through your browser settings; disabling some cookies may affect functionality. Because we do not use personal information for cross-context behavioral advertising, we do not “sell” or “share” it and there is nothing to opt out of in that respect; we nonetheless honor recognized opt-out preference signals, such as the Global Privacy Control (GPC), where applicable.
Do Not Track
Some browsers send “Do Not Track” signals. Because there is no industry standard for responding to them, the Service does not currently respond to Do Not Track signals.
7. Payments and PCI
Subscription and credit payments are processed by Stripe, a PCI-DSS Level 1 certified payment processor. Your card details are provided directly to Stripe and are governed by Stripe’s privacy policy. We do not collect or store full payment-card numbers.
8. Data Retention
We retain personal information for as long as your account is active and as needed to provide the Service, and thereafter only as long as reasonably necessary to fulfill the purposes described in this Policy, comply with our legal obligations, resolve disputes, and enforce our agreements. Retention periods vary by data type and the reason we hold it; for example, account and transaction records are kept longer to meet financial and legal obligations, while diagnostic logs are kept for shorter periods. We do not retain personal information longer than reasonably necessary.
9. Data Security
We use reasonable administrative, technical, and organizational measures designed to protect personal information. However, no method of transmission or storage is completely secure, and we cannot guarantee absolute security.
10. Your California Privacy Rights (CCPA/CPRA)
If you are a California resident, the California Consumer Privacy Act, as amended, gives you the following rights regarding your personal information:
- Right to know / access the categories and specific pieces of personal information we have collected, the sources, the business or commercial purposes, and the categories of third parties to whom it was disclosed;
- Right to delete personal information we have collected, subject to legal exceptions;
- Right to correct inaccurate personal information;
- Right to opt out of the sale or sharing of personal information — we do not sell or share personal information, so there is nothing to opt out of;
- Right to limit the use and disclosure of sensitive personal information — we do not use or disclose sensitive personal information beyond the purposes permitted by law; and
- Right to non-discrimination for exercising your privacy rights.
How to exercise your rights
You may submit a request by emailing privacy@rivonai.com or by contacting us through the support options in the Service. To protect your information, we will take steps to verify your identity before fulfilling a request, and we may decline a request where we cannot verify it or where an exception applies. You may use an authorized agent to submit a request on your behalf with proper authorization. We will not discriminate against you for exercising your rights.
11. California “Shine the Light”
California Civil Code §1798.83 permits California residents to request information about disclosures of personal information to third parties for those third parties’ direct marketing purposes. We do not disclose personal information to third parties for their own direct marketing, so no such disclosures occur.
12. Children’s Privacy
The Service is not directed to children, and you must be at least 18 to use it. We do not knowingly collect personal information from children under 13. If we learn that we have collected personal information from a child under 13, we will delete it. If you believe a child has provided us information, contact privacy@rivonai.com.
13. Marketing Communications
We may send you promotional emails about the Service. You can opt out at any time by following the unsubscribe link in those emails or by contacting us; we will honor opt-out requests as required by the CAN-SPAM Act. We may still send you non-promotional, transactional messages, such as account and security notices.
14. Users Outside the United States
The Service is intended for users in the United States and is operated from and hosted in facilities that may be located in the United States and other countries. If you access the Service from outside the United States, you understand that your information may be processed in the United States and other jurisdictions whose data-protection laws may differ from those of your location.
15. Changes to This Policy
We may update this Privacy Policy from time to time. We will post the updated version with a new “Last updated” date and, for material changes, provide additional notice as required by law. We review this Policy at least once every twelve (12) months. Your continued use of the Service after changes take effect constitutes acceptance.
16. Contact Us
For privacy questions or to exercise your rights, contact:
siameur, Inc.
c/o Legalinc Corporate Services Inc.
131 Continental Dr, Suite 305
Newark, DE 19713, USA
privacy@rivonai.com