This page outlines our data privacy practices, including how we handle data, ensure compliance, and offer control to users.
Rayven.io Privacy Practices
1. Introduction
At Rayven.io, we prioritize your privacy and the security of your data. This page outlines our data privacy practices, including how we handle data, ensure compliance, and offer control to users.
2. GDPR Compliance
- Data Processing Agreement (DPA): Included as part of our Terms of Service.
- Standard Contractual Clauses (SCCs): We follow the latest standards for data handling set by the European Commission.
- Sub-Processors: Rayven.io audits all authorized sub-processors to ensure compliance with GDPR.
GDPR for Self-Hosted Users
If you self-host Rayven.io, you are responsible for implementing your own GDPR-compliant policies and handling data deletion requests.
3. Data Collection Practices
What We Collect
- Workflow execution metadata (excluding payload data).
- Performance metrics for optimization.
- Diagnostic information for troubleshooting issues.
What We Don’t Collect
- Sensitive or personal data from workflows.
- Credential values or private keys.
- Output data processed within workflows.
4. User Access and Control:
- Purpose: This section emphasizes the platform’s capability to manage permissions and user access effectively. It also highlights features like audit logs and self-service data management.
- Why it Matters: Enterprise customers often require precise control over user roles and actions. This section builds trust by showing that Rayven.io offers role-based permissions, action tracking, and user control over their data, improving governance and security.
5. Incident Management and Reporting
- Incident Response Plan: Defined procedures for managing data breaches.
- Reporting Security Incidents: Contact us at support@rayven.io.
- Data Pruning: Configure automatic data pruning using environment variables to minimize manual handling.
6. AI and Data Governance
- AI Features: Rayven.io offers AI-powered recommendations integrated directly into dashboards.
- User Control: Users must opt-in to enable AI features.
- Privacy: We never use customer data to train external AI models, and all processed data is deleted within 30 days.
7. Cloud vs. Self-Hosted Data Management
Cloud Version
- Logs and workflow data retained per account settings.
- Guaranteed availability through our Service Uptime SLA.
Self-Hosted Version
- Full control over data and infrastructure.
- Custom retention policies based on business needs.
8. Payment Processing
- Stripe Integration: Secure payment processing via PCI-compliant systems.
- No Payment Data Storage: Rayven.io does not store payment method details.
9. Tata Encryption Standards:
- Purpose: This section highlights the encryption methods Rayven.io uses to protect data both in transit (when it moves across systems) and at rest (when stored in databases).
- Why it Matters: Encryption ensures that data is secure from unauthorized access, even if intercepted or compromised. This is essential for customers concerned about data breaches and compliance with standards like GDPR.
10. Retention and Deletion of Personal Data
Cloud Version
- Customer data is retained until deleted by the user or upon account closure.
- Internal logs are retained for up to 90 days for security investigations.
Self-Hosted Version
- Users are responsible for defining their own data retention policies.
11. Documentation and Cookie Policies
- Cookies: Used to track preferences and improve documentation.
- Session Data Retention: Stored for 30 days to enhance services.
- Cookie Settings: Manage your preferences.
12. Sustainable Use License
- Terms of Use: Ensures fair access to the platform’s resources.
- Data Retention: Customizable execution log retention policies for optimal performance.
13. Was this Page Helpful?
Let us know if you found this page helpful by submitting feedback here.