Privacy Policy

Rivalert - Competitor Monitoring Platform

Effective Date: November 27, 2025

Last Updated: January 4, 2026

Privacy Summary

This Privacy Policy describes how Rivalert collects, uses, and protects your information. Here are the key points:

  • We do not sell your personal information
  • Your data is stored securely on AWS infrastructure (US)
  • You can delete your data at any time
Compliant with:GDPRCCPA

1. Information We Collect

We collect different categories of information depending on how you interact with our Service:

1.1 Account Information

When you create an account, we collect:

  • Email Address: Used for authentication and communications
  • Password: Securely hashed and stored
  • Account Preferences: Your notification settings and preferences

1.2 Usage Information

When you use our Service, we automatically collect:

  • The competitors you choose to track
  • Your alert configurations and preferences
  • How you use your monthly credit allocation
  • Which features you use and how often

1.3 Competitor Data

When monitoring competitors, we collect publicly available information:

  • Product listings and prices
  • Product availability and stock status
  • Collection and category information
  • Publicly displayed store metadata

This data is sourced from publicly accessible pages and stored in association with your account.

1.4 Payment Information

Payment processing is handled by our payment processor. We do not store your credit card information. We receive:

  • Subscription status and plan information
  • Transaction history and billing dates
  • Billing email address

1.5 Technical Information

We automatically collect certain technical information:

  • Browser type and version
  • Device type and operating system
  • Referral source

2. How We Use Your Information

We use the collected information for the following purposes:

  • Service Provision: To provide, maintain, and improve our competitor monitoring services
  • Account Management: To create and manage user accounts, authenticate users, and provide support
  • Alerts and Notifications: To send you alerts when competitor changes match your configured rules
  • Payment Processing: To process transactions and manage subscriptions
  • Communications: To send service updates, security alerts, and support messages
  • Analytics: To understand usage patterns and improve our Service
  • Legal Compliance: To comply with legal obligations and enforce our terms

3. Analytics, Cookies, and Tracking

We use analytics tools to understand how our Service is used and to improve our marketing efforts:

3.1 Google Analytics

We use Google Analytics 4 to understand how visitors interact with our website. Google Analytics collects:

  • Pages visited and time spent on pages
  • Device and browser information
  • Geographic location (country/city level)
  • Referral sources (how you found us)
  • Interactions with site features

We have enabled IP anonymization in Google Analytics. You can opt out of Google Analytics by using the Google Analytics Opt-out Browser Add-on.

3.2 Google Ads

We use Google Ads conversion tracking to measure the effectiveness of our advertising campaigns. This helps us understand which ads lead to sign-ups and purchases. Google Ads may use cookies to:

  • Track conversions from ad clicks
  • Enable remarketing to show relevant ads
  • Measure ad performance

3.3 Reddit Pixel

We use the Reddit Pixel to measure the effectiveness of our advertising campaigns on Reddit. The Reddit Pixel helps us understand which ads lead to sign-ups and purchases. Reddit may use cookies and similar technologies to:

  • Track conversions from Reddit ad clicks and views
  • Measure ad performance and attribution
  • Enable remarketing to show relevant ads on Reddit
  • Collect device and browser information

The Reddit Pixel only activates if you have consented to marketing cookies. You can learn more about Reddit's privacy practices in the Reddit Privacy Policy. You can also opt out of Reddit interest-based advertising through your Reddit privacy settings.

3.4 Plausible Analytics

We use Plausible Analytics as a privacy-first, cookieless analytics tool. Unlike traditional analytics services, Plausible:

  • Does not use cookies or local storage
  • Does not collect personal data or IP addresses
  • Does not track users across websites
  • Provides only aggregate statistics (page views, referral sources, device types)

Because Plausible is designed to be privacy-compliant by default, it operates without requiring cookie consent under GDPR and ePrivacy regulations. You can learn more about Plausible's privacy practices in the Plausible Data Policy.

3.5 Cookie Consent

When you first visit our website, you will see a cookie consent banner that allows you to:

  • Accept all cookies
  • Reject non-essential cookies
  • Customize your preferences for analytics and marketing cookies

You can change your cookie preferences at any time by clicking the "Cookie Settings" link in the footer of our website.

3.6 Types of Cookies We Use

Essential Cookies (Required)

These cookies are necessary for the website to function. They include authentication cookies to keep you logged in and session cookies for security.

Analytics Cookies (Optional)

Help us understand how visitors use our website by collecting anonymous usage data. These require your consent.

Marketing Cookies (Optional)

Used to track visitors across websites to display relevant advertisements. These require your consent.

4. Data Storage and Security

We implement appropriate technical and organizational measures to protect your information.

4.1 Infrastructure Security

  • Cloud Infrastructure: Hosted on Amazon Web Services with industry-standard security
  • Authentication: Secure password hashing and encrypted sessions
  • Encryption: All data transmissions secured with TLS 1.2 or higher
  • Database: Data stored in encrypted database tables
  • Access Controls: Strict access limitations to production systems

4.2 Payment Security

Payment processing is handled by our payment processor:

  • We never receive or store credit card numbers
  • All payment processing is PCI-DSS compliant
  • Financial transactions occur over encrypted connections

4.3 Data Retention

We retain different types of data for different periods:

  • Account Data: Retained for the duration of your account unless you request deletion
  • Competitor Data: Retained based on your subscription plan (Starter: 30 days, Growth: 60 days, Pro: 180 days)
  • Transaction Records: Retained as required by tax and accounting regulations
  • Support Communications: Retained for up to 24 months for service quality purposes

5. Data Sharing and Third-Party Services

We do not sell, trade, or rent your personal information. We share information only in the following circumstances:

5.1 Service Providers

We work with trusted third-party service providers:

  • Amazon Web Services (USA): Cloud infrastructure, authentication, database, and email delivery
  • LemonSqueezy (USA): Payment processing and subscription management (Merchant of Record)
  • Google (USA): Analytics (Google Analytics 4) and advertising (Google Ads)
  • Reddit, Inc. (USA): Advertising measurement and conversion tracking (Reddit Pixel)
  • Plausible Insights OÜ (EU/Estonia): Privacy-first web analytics (no personal data collected)

These providers are contractually obligated to protect your information and use it only for the purposes we specify.

5.2 Legal Requirements

We may disclose your information if required by law or in good faith belief that such action is necessary to:

  • Comply with a legal obligation or court order
  • Protect and defend our rights or property
  • Prevent or investigate possible wrongdoing
  • Protect the personal safety of users or the public

5.3 Business Transfers

In the event of a merger, acquisition, or sale of assets, your information may be transferred. We will notify you via email of any change in ownership or uses of your personal information.

6. Your Rights and Choices

You have certain rights regarding your personal information:

6.1 Access and Portability

You have the right to request access to the personal information we hold about you and to receive a copy in a structured, commonly used format.

6.2 Correction

You have the right to request correction of inaccurate personal information. You can update most account information directly through your dashboard.

6.3 Deletion

You have the right to request deletion of your personal information. You can delete your account at any time through the Account tab in your settings page.

6.4 Email Preferences

You can manage your email preferences in your account settings. You may opt out of promotional emails while still receiving essential service communications.

6.5 California Privacy Rights (CCPA)

California residents have additional rights including:

  • The right to know what personal information is collected
  • The right to delete personal information
  • The right to opt-out of the sale of personal information (Note: We do not sell personal information)
  • The right to non-discrimination for exercising privacy rights

6.6 European Privacy Rights (GDPR)

If you are located in the European Economic Area (EEA), you have additional rights. We process your personal data under the following legal bases:

  • Contract Performance: Processing necessary to provide you with our Service
  • Legitimate Interest: Processing for analytics and service improvement
  • Consent: Processing for marketing communications (where applicable)
  • Legal Obligation: Processing required to comply with applicable laws

Your additional rights under GDPR include:

  • The right to object to processing of your personal information
  • The right to restrict processing
  • The right to withdraw consent at any time
  • The right to lodge a complaint with a supervisory authority

To exercise any of these rights, please contact us at support@getrivalert.com. We will respond to your request within 30 days.

7. Additional Provisions

7.1 International Data Transfers

Rivalert is operated from the Republic of Korea. Your data is stored on servers located in the United States (Amazon Web Services, US-East region). By using our Service, you acknowledge and consent to the transfer of your information to these locations.

We implement appropriate safeguards for international data transfers, including using service providers that maintain adequate data protection standards and security measures consistent with this Privacy Policy.

7.2 Children's Privacy

Our Service is a business-to-business platform intended for use by business owners and professionals. We do not knowingly collect personal information from anyone under the age of 13, in compliance with the Children's Online Privacy Protection Act (COPPA). If we become aware that we have collected personal information from a child under 13, we will take steps to delete such information promptly.

7.3 Third-Party Links

Our Service may contain links to third-party websites. We have no control over and assume no responsibility for the privacy policies of these third parties. We encourage you to review their privacy policies.

7.4 Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page and updating the "Last Updated" date. For material changes, we will notify you by email.

7.5 Governing Law

This Privacy Policy shall be governed by and construed in accordance with the laws of the Republic of Korea, without regard to conflict of law principles.

8. Contact Information

If you have any questions about this Privacy Policy or our privacy practices, or if you wish to exercise any of your data protection rights, please contact us:

Data Controller

Service: Rivalert

Operated from: Republic of Korea (South Korea)

Data Storage: United States (AWS)

Privacy Inquiries

Email: support@getrivalert.com

Response Time: We aim to respond within 30 days

For formal data protection requests requiring a physical mailing address, please contact us via email and we will provide the appropriate address.

© 2026 Rivalert. All rights reserved.