Risefy

Legal

Privacy Policy

Last updated: May 16, 2026

This Privacy Policy describes how Risefy (“Risefy,” “we,” “our,” or “us”) collects, uses, discloses, and protects information when you visit risefy.co or use any Risefy product or service (collectively, the “Services”). By using the Services, you agree to the practices described here.

1. Information We Collect

1.1 Information You Provide

  • Account data: name, email address, password (stored as a hash), company name, and billing information when you sign up.
  • Content data: quizzes, forms, branding assets, uploaded media, and any text or files you create or upload to your Risefy workspace.
  • Communications: messages you send to our support team, feedback, and survey responses.

1.2 Information Collected Automatically

  • Usage data: pages visited, features used, clicks, and time spent in the application.
  • Device data: browser type, operating system, IP address, device identifiers, and approximate location derived from IP.
  • Cookies and similar technologies: used to keep you signed in, remember preferences, and measure aggregate usage.

1.3 Information From Third Parties

If you sign in using a single sign-on provider (such as Google), we receive basic profile information (name, email, profile photo) from that provider. We do not store passwords from third-party sign-in providers.

2. How We Use Your Information

  • To provide, operate, and maintain the Services.
  • To process payments and manage subscriptions.
  • To improve the Services, including training internal models on aggregated, anonymized usage data.
  • To communicate with you about product updates, security alerts, and administrative messages. We will only send marketing emails with your consent, which you may withdraw at any time.
  • To detect, prevent, and respond to fraud, abuse, or security incidents.
  • To comply with legal obligations.

3. Lawful Basis for Processing

We process your personal data on one or more of the following bases under the Digital Personal Data Protection Act, 2023 (India) and other applicable laws:

  • Performance of the contract you have with us (providing the Services).
  • Your consent (e.g., for marketing communications).
  • Our legitimate interests in operating and improving the Services.
  • Compliance with legal obligations.

4. How We Share Your Information

We do not sell your personal information. We share data only as follows:

  • Service providers: infrastructure (AWS), payment processors, email delivery, analytics, and AI providers. These vendors are contractually bound to use the data only to provide services to us.
  • With your direction: when you publish a quiz, share a result link, or integrate Risefy with a third-party tool, the relevant data is shared as you have configured.
  • Legal and safety: when required by law, regulation, legal process, or to protect the rights, property, or safety of Risefy, our users, or the public.
  • Business transfers: in connection with a merger, acquisition, financing, or sale of assets, subject to standard confidentiality protections.

5. Data Retention

We retain personal data for as long as your account is active or as needed to provide the Services. When you delete your account, we delete or anonymize your personal data within 90 days, except where retention is required by law (e.g., tax records) or necessary for the establishment, exercise, or defence of legal claims.

6. Your Rights

Subject to applicable law, you have the right to access, correct, update, port, or delete your personal data, and to withdraw consent or object to certain processing. To exercise any of these rights, email support@risefy.co from the email address associated with your account. We will respond within 30 days.

You may also lodge a complaint with the Data Protection Board of India or the supervisory authority in your jurisdiction.

7. Children

The Services are not directed to individuals under 18. We do not knowingly collect personal data from children. If you believe a child has provided us personal data, contact us and we will delete it.

8. Security

We use industry-standard technical and organisational measures including TLS encryption in transit, encryption at rest for sensitive fields, access controls, and regular security reviews. No method of transmission over the internet is 100% secure, so we cannot guarantee absolute security.

9. International Transfers

Risefy is operated from India. If you access the Services from outside India, your information may be transferred to and processed in India or in countries where our service providers are located. We rely on appropriate safeguards (such as contractual clauses) where required by applicable law.

10. Cookies

We use essential cookies for authentication and session management, and analytics cookies to understand aggregate usage. You can disable non-essential cookies in your browser settings or via our cookie preference centre where available.

11. Changes to This Policy

We may update this Privacy Policy from time to time. Material changes will be notified via email or an in-product notice at least 14 days before they take effect. The “Last updated” date at the top of this page reflects the latest revision.

12. Contact

Questions about this Privacy Policy or our data practices? Email us at support@risefy.co.