Privacy Policy
Last updated: April 18, 2026 · Applies to Riva v1.0.0
Riva stores all your cycle data on your device. Nothing leaves your phone unless you choose to sign in with Google to enable optional cloud sync. We never sell your data, never show ads, and never use analytics or tracking SDKs.
1. Introduction
Riva ("we", "our", "the app") is a menstrual cycle tracking application published by the Riva team. This Privacy Policy explains what data the app handles, what stays on your device, what happens if you opt into cloud sync, and what rights you have over your data.
This policy covers the Riva Android application available on Google Play
(package name com.rivatheflow.riva) and this website. It applies
to version 1.0.0 and onwards, until superseded by a newer version.
2. Two ways to use Riva
Offline mode (default)
When you first install Riva you are not signed into any account. In this mode the app works entirely on-device:
- No data is transmitted off the device.
- No account, email address, or identifier is collected.
- Cycle entries are stored locally in an SQLite database in the app's private storage.
Optional cloud sync (only if you sign in)
Riva includes an optional Google Sign-In button on the login screen. If you choose to sign in, the app uses Google Sign-In and Firebase Firestore (both operated by Google LLC) to back up and synchronize your cycle data across your own devices. This feature is strictly opt-in; the app remains fully functional without it.
3. Data we process
On your device (always)
- Period start dates
- Period duration and cycle length
- Predicted ovulation / fertile window (derived from your entries)
- App preferences (reminder times, notification settings)
This data is stored in app-private storage and is not accessible to other apps on your device. It is never transmitted anywhere as long as cloud sync is off.
When you sign in (optional)
If and only if you sign in with Google, the following data is processed:
- Google account email address - supplied by Google when you sign in.
- Google user ID (UID) - opaque identifier used to tie your cycle data to your account.
- Display name - if provided by Google Sign-In.
- Cycle data listed above - a copy is written to a Firestore document scoped to your Google UID.
This data is transmitted over HTTPS/TLS and stored in Google Cloud (Firebase Firestore). Google acts as our data processor for this storage.
We do not use this data for any purpose other than providing the sync feature. It is never sold, never shared with advertisers, and never used for profiling.
4. Data we do NOT process
- Location data (no location permissions are requested)
- Photos, camera, microphone, or contacts
- Advertising identifiers
- Third-party analytics (no Google Analytics, Firebase Analytics, Mixpanel, Amplitude, etc.)
- Automatic crash reports (no Crashlytics or similar)
- Device fingerprinting or behavioural tracking
- Health data from other apps (no Google Fit, Samsung Health, Apple Health integration)
5. Android permissions used
Riva declares the following permissions in its AndroidManifest.xml.
No other permissions are requested.
Notifications
POST_NOTIFICATIONS,SCHEDULE_EXACT_ALARM,USE_EXACT_ALARM,RECEIVE_BOOT_COMPLETED,VIBRATE- Purpose: deliver local period and ovulation reminders at the times you configure. All reminders are scheduled on-device; no server push notifications are used.
Network
INTERNET,ACCESS_NETWORK_STATE- Purpose: required only for the optional Google Sign-In / Firestore sync path. When you are not signed in, the app does not initiate network traffic for cycle data.
Storage
- Riva does not request
READ_EXTERNAL_STORAGEorWRITE_EXTERNAL_STORAGE. Cycle data is kept in app-private storage that does not require a runtime permission. CSV export uses the system file-picker (Storage Access Framework), which asks you to pick a location each time and needs no storage permission.
6. Third-party services
The only third parties Riva interacts with, and only when you opt into sign-in, are:
- Google Sign-In (Google LLC) - authenticates you using your Google account. Governed by Google's Privacy Policy.
- Firebase Authentication (Google LLC) - manages your auth session with Riva.
- Firebase Firestore (Google LLC) - stores a per-user copy of your cycle data so it syncs across your devices. Governed by the Firebase Privacy and Security information and Google's standard Data Processing Terms.
We do not integrate ad networks, analytics SDKs, crash reporters, social-media SDKs, attribution SDKs, or any other third-party services.
7. Data location and retention
On-device data
- Stored on your device indefinitely until you delete it.
- Removed when you tap "Clear all data" in Settings, or when you uninstall the app.
Synced data (if you signed in)
- Stored in Firebase Firestore (Google Cloud). Region follows Firebase project defaults; data may be stored on Google servers in the United States or other regions where Google operates.
- Retained as long as your account exists.
- Deleted within 30 days of you signing out and requesting deletion, or when you delete your Google account.
8. Your rights over your data
You can, at any time:
- Export all cycle data as CSV from Settings → Export Data.
- Delete all on-device data from Settings → Clear all data.
- Sign out of cloud sync to stop uploading new data.
- Request deletion of any cloud-synced data by emailing rivatheflow@gmail.com.
- Use the app fully without ever signing in.
See the Data Deletion Policy for step-by-step instructions.
9. Security
- In transit: sync traffic uses HTTPS/TLS via the Firebase SDK.
- At rest on device: protected by Android's full-disk encryption; Riva's local database lives in app-private storage and is not readable by other apps.
- At rest in the cloud: Firestore encrypts data at rest by default (Google-managed keys).
- Authentication: access to your Firestore document is restricted by Firebase security rules to requests authenticated with your Google UID.
No security system is perfect. If you believe there is a vulnerability in Riva, please email rivatheflow@gmail.com.
10. Children's privacy
Riva is intended for users aged 13 and above. We do not knowingly process data from anyone under 13. If you believe a child under 13 has used Riva's sync feature and uploaded data, contact us and we will delete it.
11. GDPR (users in the EU / UK / EEA)
For offline use, no personal data within the meaning of GDPR is processed by us - it stays on your device.
If you opt into cloud sync, we process your Google email, Google UID, display name, and cycle data as a controller. The lawful basis is Article 6(1)(b) (performance of a contract - providing the sync service you asked for) and, where applicable, Article 9(2)(a) (explicit consent for health-related data, given when you enable sync).
International transfers: data is stored on Google infrastructure, which may involve transfers to the United States. Google provides Standard Contractual Clauses under its Firebase Data Processing and Security Terms.
Rights you have: access, rectification, erasure, restriction, portability (via CSV export), and objection. Contact rivatheflow@gmail.com to exercise any of them.
12. CCPA (California residents)
- We do not sell your personal information.
- We do not share your personal information for cross-context behavioral advertising.
- The only "sharing" is with Google as our processor, solely to provide the cloud-sync feature you opted into.
- You have the right to know, delete, and correct your data; exercise it by writing to rivatheflow@gmail.com.
13. HIPAA
Riva is a consumer wellness app, not a medical device, and is not provided by a HIPAA covered entity or business associate. Do not use Riva as a substitute for professional medical advice, diagnosis, or treatment, or as a method of contraception.
14. Changes to this Privacy Policy
We may update this Privacy Policy as the app evolves. Material changes will be reflected by an updated "Last updated" date and, where required by law, highlighted in-app the next time you open Riva. Continuing to use the app after an update means you accept the updated policy.
15. Contact us
- Email: rivatheflow@gmail.com
- Website: rdxracer.com/riva
We aim to reply within 7 business days.
In plain English
- By default, all your cycle data stays on your phone.
- Cloud sync only happens if you sign in with Google, and you can sign out any time.
- No ads. No analytics. No tracking SDKs.
- You can export to CSV or delete everything in one tap.
- Google stores synced data on our behalf; we never sell or share it with anyone else.
Your period data is yours. Period.
Acknowledgment
By using Riva, you acknowledge that you have read and understood this Privacy Policy.
Riva — Track your natural flow
Version 1.0.0 · Last updated: April 18, 2026