Privacy Policy

Last updated: March 1, 2026

1. Information We Collect

We collect information in the following ways:

  • Account information: Name, email address, and organization details when you create an account.
  • ERP data: Transaction records, invoices, purchase orders, shipment data, and related business data synced from your Oracle NetSuite instance through our Databricks pipeline.
  • Usage data: How you interact with the Service, including pages visited, features used, and queries made.
  • Device information: Browser type, operating system, and IP address.

2. How We Use Your Information

We use the information we collect to:

  • Provide, operate, and maintain the Service.
  • Process and display your ERP data through visualizations, analytics, and automated rule detection.
  • Power the AI assistant to answer queries against your live data.
  • Send service-related notifications and updates.
  • Monitor and improve the performance and reliability of the Service.
  • Respond to your requests and support inquiries.

3. Data Sharing

We do not sell your personal information or ERP data. We may share data with:

  • Service providers: Third-party vendors who assist in operating the Service, including cloud infrastructure and data pipeline providers, subject to confidentiality obligations.
  • Legal requirements: When required by law, regulation, or legal process.
  • Business transfers: In connection with a merger, acquisition, or sale of assets, your data may be transferred as part of the transaction.

4. Cookies

We use essential cookies to maintain your session and authentication. We may also use analytics cookies to understand how the Service is used. You can control cookie preferences through your browser settings.

5. Data Retention

We retain your account information for as long as your account is active. ERP data is retained for the duration of your subscription and deleted within 90 days of account termination, unless a longer retention period is required by law. You may request earlier deletion by contacting us.

6. Data Security

We implement industry-standard security measures to protect your data, including encryption in transit and at rest, access controls, and regular security assessments. However, no method of transmission or storage is completely secure, and we cannot guarantee absolute security.

7. Your Rights

Depending on your jurisdiction, you may have the right to:

  • Access the personal information we hold about you.
  • Request correction of inaccurate information.
  • Request deletion of your personal information.
  • Object to or restrict certain processing of your data.
  • Request a portable copy of your data.

To exercise these rights, contact us at privacy@theriver.dev.

8. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by posting the updated policy on this page with a revised date. Your continued use of the Service after changes constitutes acceptance of the updated policy.

9. Contact

If you have questions about this Privacy Policy, please contact us at privacy@theriver.dev.