Privacy Policy
Last updated: June 14, 2026
1. Who we are
Ryvion ("we", "us") operates ryvion.ai and OrderProof, a service that turns purchase orders merchants receive from their buyers into checked draft orders, each sealed with a signed receipt. We are based in Newfoundland and Labrador, Canada, and we handle personal information in accordance with Canada's federal privacy law (PIPEDA) and applicable provincial law.
Privacy questions and requests: hello@ryvion.ai.
2. Two roles, two kinds of data
Account data — we are responsible for it. When you create an account or contact us, we collect information such as your name, work email, organisation name, and billing details. We decide how this data is used, as described in this policy.
Customer content — we process it for the merchant. Purchase orders that merchants submit to OrderProof can contain personal information about theirbuyers (names, work emails, account numbers). For that data we act as a service provider on the merchant's instructions: the merchant decides why it is collected; we process it only to provide the service. If you are a buyer whose details appear in a merchant's purchase order, the merchant is your first point of contact; we will help them fulfil any privacy request.
3. What we collect
- Account data: name, email, organisation, password (stored as a hash), API keys (stored as a hash — we cannot read your key back).
- Customer content: the purchase-order documents you submit, your catalog, price lists, inventory levels, and the resolution decisions you make.
- Billing data: Shopify-installed OrderProof subscriptions are approved and billed by Shopify; direct or non-Shopify services may use payment processors such as Stripe. We do not store full card numbers.
- Technical data: logs needed to operate and secure the service (timestamps, request metadata, IP addresses), and error reports.
We do not collect more than the service needs, and the public marketing site does not use advertising trackers.
4. How we use information
- To provide the service: extract, match, validate, and execute orders you submit, and seal receipts for them.
- To operate accounts, billing, security, and support.
- To communicate with you about the service.
- To comply with legal obligations.
Automated processing. Order documents are read by automated extraction, including machine-learning models running on infrastructure we operate. We do not use your documents or data to train machine-learning models, and we do not sell personal information. Where extraction confidence is low, the service asks a human — your reviewer — to decide.
Receipts. Receipts are designed for sharing with auditors and counterparties without exposing your data: they contain cryptographic hashes and order references, not document contents.
5. Where data lives, and who helps us run the service
The service is hosted in Canada (Toronto region). We use a small number of service providers to run it:
- Fly.io — application hosting and managed databases.
- Stripe — payment processing for direct or non-Shopify services.
- Sentry — error monitoring for the web application.
- Shopify — app billing for Shopify-installed plans and connected-store API access when you connect your own store; draft orders are created in your store at your direction.
These providers process data only to provide their service to us. Some may process limited data outside Canada (for example, payment or error data in the United States); where they do, contractual safeguards apply.
6. Retention
- Account data: kept while your account is active, then deleted or anonymised within a reasonable period.
- Customer content: kept while your tenancy is active so your resolution history keeps working for you; deleted from active systems after termination, except minimal records we must keep by law.
- Receipts: retained as long as the order record they prove is retained — that is their purpose. They contain hashes, not document contents.
- Logs and error reports: kept for a short operational window, then deleted.
7. Security
- Data is encrypted in transit (TLS).
- Passwords and API keys are stored as one-way hashes.
- Receipts are tamper-evident: changing any sealed fact breaks the signature.
- Access to production systems is limited to those who operate the service.
No system is perfectly secure. If a breach affects your personal information and creates a real risk of significant harm, we will notify you and the Privacy Commissioner as PIPEDA requires.
8. Your rights
You may ask us to access, correct, or delete your personal information, and you may withdraw consent where processing is based on it (this may limit what the service can do for you). Write to hello@ryvion.ai — we respond within the timelines PIPEDA sets. If you are not satisfied, you may complain to the Office of the Privacy Commissioner of Canada.
9. Cookies and similar technologies
The web application stores a sign-in token in your browser's local storage so you stay signed in; it is not used to track you across other sites. The marketing site does not use advertising cookies.
10. Children
The service is for businesses and is not directed to children. We do not knowingly collect children's personal information.
11. Changes to this policy
If we change this policy materially, we will post the new version here and update the date above, and — for significant changes — tell account holders directly.