Privacy Policy
Last updated:
This Privacy Policy describes how CODE SQUARE LTD
("we", "us", "our") handles your information when you use
Rively ("the app"). We respect your privacy and
are committed to protecting it. If you do not agree with this
policy, please do not use the app.
1. Who we are
Rively is operated by CODE SQUARE LTD, a company
registered in England and Wales (Companies House #15573592). For
any privacy question, contact us at
help.rively@outlook.com.
2. What information we collect
We collect only what we need to provide the app's features:
-
Account data — when you sign in with Apple or as
an anonymous guest, we store a unique user identifier, the display
name and handle you choose, and any optional profile photo you
upload. If you sign in with Apple and choose Apple's "Hide my
email" option, we only ever see the private relay address Apple
generates — never your real email.
-
Drive data — when you record a drive, the app
captures GPS location samples (lat/lng + timestamp), distance,
duration, speed, and a smoothness score derived from these.
Locations are processed locally on your device and only sent to
our servers if you choose to make the drive visible to friends.
-
Social data — friend requests, comments, story
posts, reactions, and views. This is the content you create with
the app.
-
Photos + camera — only when you choose to attach
a photo to a drive recap or upload a profile picture. We ask for
camera access (live capture) and photo library access (pick an
existing photo) at the moment you tap those buttons; we never
scan or upload any photo you didn't explicitly hand to us.
-
Device + diagnostics — anonymous crash reports
via Sentry (no IP, no PII), in-app event logs limited to errors
you and we can both see.
-
Purchase data — when you subscribe to Rively
Pro ($39.99 USD / year or $9.99 USD / month, with a 7-day free
trial on first purchase — pricing is uniform worldwide,
currency-converted only), Apple processes the payment. We
receive an opaque receipt identifier and your subscription
status from Apple via RevenueCat — never your payment method,
card number, or billing address.
3. How we use it
- To record, sync and show your drives across your devices.
- To let you build a friend graph and share drives with them.
- To compute Smooth Score, streaks, achievements, leaderboards.
- To send transactional and (opted-in) reminder push notifications.
- To diagnose crashes and fix bugs.
- To process subscriptions and unlock Pro features.
4. Who we share it with
We do not sell your data and we do not share it
with advertisers. We use a small number of trusted processors,
each contracted to use the data only to provide their service to
us:
- Supabase — database + storage (EU region).
- RevenueCat — subscription state management.
- Apple Push Notification service — push delivery.
- Mapbox — map tile rendering (we send anonymous tile coordinates).
- Sentry — crash + error reporting (PII off).
- Expo — push token brokering.
5. How long we keep it
- Stories — 24 hours from posting, then auto-deleted server-side.
- Drives, friends, profile — until you delete your account.
- Crash reports — 30 days, then auto-purged by Sentry.
- Subscription receipts — for as long as the subscription is active + 1 year for tax compliance.
6. Your choices and rights
Under UK GDPR / EU GDPR / California CCPA / Türkiye KVKK and other
applicable laws, you have the right to:
- Access — request a copy of your data.
- Correct — edit your name, handle, photo any time from Settings → Profile.
- Delete — Settings → Delete account permanently removes every row tied to you, including Storage files. If you signed in with Apple, we also call Apple's
/auth/revoke endpoint on your behalf so Rively disappears from your "Apps using your Apple ID" list in iOS Settings.
- Export — email help.rively@outlook.com for a JSON export.
- Restrict / object — disable per-channel push, switch all toggles off, or sign out without deleting.
- Withdraw consent — for anything we asked permission for (location, notifications) via iOS Settings.
7. Children
Rively is intended for users aged 13+ (16+ in EU territories where
required). We do not knowingly collect data from children under
these ages. If you believe a child has signed up, contact
help.rively@outlook.com and we
will remove the account.
8. Security
Data in transit uses TLS 1.2+. Data at rest is encrypted by our
processors. Database access is gated by Row-Level Security — a
user can only read their own rows + the public rows of their
friends. Service-role credentials never ship in the app binary.
9. International transfers
Our servers are primarily in the EU (Supabase eu-central-1).
Apple, RevenueCat, Sentry and Mapbox may process data in the US
under Standard Contractual Clauses.
10. Changes to this policy
We will update this page when our practices change and bump the
"Last updated" date at the top. If the change is material we will
surface it in-app on next launch.
11. Contact
Privacy questions, deletion requests and complaints:
help.rively@outlook.com.
© CODE SQUARE LTD — Companies House #15573592 — Registered in England and Wales