Privacy Policy

River by Two Spoon Technologies Pvt. Ltd.

Effective: 3rd August 2025
River Privacy Policy
River ("Platform") is a software-as-a-service (SaaS) platform owned and operated by Two Spoon Technologies Private Limited. This Privacy Policy describes our policies and procedures on the collection, use, disclosure, and protection of personal data when you use our Platform and Services ("Services"), and informs you about your privacy rights and how the law protects you. By accessing or using the Services, you agree to the terms of this Privacy Policy.
Company: Two Spoon Technologies Private LimitedWebsite: river.aiJurisdiction: India + global (as applicable)
Effective date

3rd August 2025

Registered office

56/29, 4th Cross, Subramanyapura Main Road, Chikkalasandra, Bengaluru, Karnataka – 560061, India

Definitions
  • Personal Data: any information relating to an identified or identifiable individual, including but not limited to name, email address, phone number, payment details, or online identifiers.
  • Usage Data: data collected automatically, such as IP address, browser type, device information, pages visited, time spent, and actions taken within the Services.
  • Cookies: small files stored on your device to help analyse usage and personalise experiences.
  • Data Controller: the entity that determines the purposes and means of processing Personal Data. For River, the Data Controller is Two Spoon Technologies Private Limited.
  • Data Processors: third-party vendors or service providers engaged by us to process data on our behalf.
Information we collect
We may collect the following categories of information.

Personal Data provided by you

  • Name
  • Email address
  • Phone number
  • Company details
  • Billing and payment information

Account Data

  • Login credentials
  • Authentication tokens

Usage Data

  • IP addresses
  • Browser/device information
  • Log files
  • API calls
  • Service usage analytics

Cookies & Tracking Data

  • Session management
  • Analytics
  • Personalization

Communications Data

  • Support interactions
  • Surveys
  • Feedback
How we use your information
  • Provide and maintain our Services
  • Process billing and payments
  • Communicate updates, security alerts, and support
  • Personalise experiences and improve Services
  • Monitor usage, detect fraud, and ensure security
  • Comply with legal obligations
  • Marketing, analytics, and remarketing (where legally permitted and with consent if required)
Retention of data
  • Personal Data is retained as long as necessary to provide the Services, comply with legal obligations, resolve disputes, and enforce agreements.
  • Usage Data may be retained for internal analysis for shorter periods, except where legally required for longer retention.
Transfer of data
  • Data may be transferred to and maintained on servers located outside your jurisdiction, including India and other locations where our providers operate.
  • We implement adequate safeguards (e.g., SCCs or equivalent mechanisms) for international transfers.
Disclosure of data

Business transactions

In connection with mergers, acquisitions, or asset sales.

Legal obligations

Where required to comply with applicable law, regulations, or legal process.

Service providers

Hosting, analytics, payment, or customer support providers.

Affiliates and partners

Group companies or business partners under confidentiality obligations.

Security
We use commercially reasonable technical, administrative, and organizational measures to protect Personal Data. However, no electronic transmission or storage is 100% secure, and we cannot guarantee absolute security.
Your rights

GDPR (EU/EEA)

  • Access
  • Rectification
  • Erasure
  • Restriction of processing
  • Data portability
  • Object to processing

CCPA/CPRA (California)

  • Right to know
  • Right to deletion
  • Right to opt-out of sale/sharing of personal information
  • Right to non-discrimination

Other regions

  • Rights per applicable local laws

You may exercise these rights by contacting us at privacy@river.ai.

Service providers
These providers are contractually bound to handle Personal Data only as instructed by us.

Hosting & Infrastructure

AWSGCP

Analytics

Google AnalyticsSegmentMixpanel

Payments

RazorpayPayPal (PCI-DSS compliant)

Customer Support

Intercom

Marketing & Remarketing

Google AdsMeta AdsLinkedIn Ads
Cookies & tracking
We use cookies and similar technologies for session management, analytics, personalization, and marketing/retargeting. You may disable cookies in your browser, but this may affect functionality.
NameTypePurposeExpires
_sessionStrictly necessaryAuthenticate logged-in users1 day
_prefsPreferencesRemember theme and language12 months
_analyticsAnalyticsUnderstand usage patterns6 months
_marketingMarketingRetargeting/remarketing (consent-based)3 months
Payments
We use third‑party payment processors such as Razorpay and/or PayPal. We do not store card details; such data is handled securely in compliance with PCI‑DSS standards.
Children’s privacy
Our Services are not directed to individuals under the age of 16. We do not knowingly collect Personal Data from children. If we become aware that we have collected such data, we will take steps to delete it.
Changes to this policy
We may update this Privacy Policy from time to time. Changes will be posted on this page with the Effective Date updated. Continued use of the Services constitutes acceptance of the updated policy.
Contact & grievance
Questions or requests related to this policy.
Email
privacy@river.ai
Phone

+91 8722110229

Address

Two Spoon Technologies Private Limited, 56/29, 4th Cross, Subramanyapura Main Road, Chikkalasandra, Bengaluru, Karnataka – 560061, India

Grievance Officer (India)

Name: Santosh Bishnoi

Email: privacy@river.ai

Address: Two Spoon Technologies Private Limited, 56/29, 4th Cross, Subramanyapura Main Road, Chikkalasandra, Bengaluru, Karnataka – 560061, India

Need a copy for your records? Print from your browser (Cmd/Ctrl + P).

Back to top
Top