Legal

Privacy Policy

Last updated: 2026-04-23

Who we are

Riverin OÜ ("we", "us", "our") operates maatriks.ai, a mobile training application with a public website. This policy explains how we process personal data when you use the app, the website, support channels, and account-management pages.

We do not sell personal information, and we do not use your data to build advertising profiles.

What this policy covers

This policy applies to the mobile app, the public website, support interactions, password-reset and auth handoff pages, and the account-deletion flow.

App stores, identity providers, analytics tools, and other third-party services may also process data under their own policies.

What data we collect

Account and profile data

  • Email address
  • Name details you provide or that we receive from your chosen sign-in method
  • Account ID, account status, and related timestamps
  • Onboarding answers and training preferences, such as experience level, training days, target session length, workout focus, unit system, and exercise exclusions

Authentication data

  • Email/password credentials handled through the authentication system
  • Authentication session data and security-related logs
  • Provider identifiers and basic profile details we receive if you choose Google sign-in

Workout and service data

  • Programs and planned workouts
  • Completed sessions, exercises, sets, reps, weights, and progression data
  • Personal records, dashboard metrics, and workout timestamps
  • Exercise, set, and session comments

AI-related data

  • Structured inputs derived from your profile, workout history, session details, and comments
  • AI-generated workout feedback, session review text, and related outputs
  • Technical generation metadata needed to operate and troubleshoot AI-assisted features

Support and communications data

  • Emails and messages you send to support
  • Issue descriptions, screenshots, and attachments you choose to provide
  • Device type and app version if you include them in a support request
  • Email addresses and communication preferences if you contact us about updates or the website newsletter

Technical, device, and website data

  • Device type, operating system, and app version
  • Crash information, diagnostics, request telemetry, and security logs
  • Feature usage or navigation events collected to operate, secure, and improve the service
  • Cookie-consent state on the website
  • Website analytics and tag-management data where consent is required and has been given
  • IP address, browser information, and similar online identifiers collected through normal web requests

How we collect data

  • Directly from you when you sign up, complete onboarding, log workouts, contact support, or manage your account
  • Automatically when you use the app and website
  • From Google if you choose Google sign-in
  • From service providers that help us operate authentication, hosting, analytics, AI-assisted features, and app distribution

How we use data and legal bases

We process personal data to provide the service, keep it secure, and improve it over time.

  • To provide the service — create and manage accounts, authenticate users, store workouts, and deliver workout planning and AI-assisted feedback. Legal basis: performance of a contract.
  • To personalize the training experience — use onboarding answers, training preferences, and workout history to tailor the app experience. Legal basis: performance of a contract.
  • To respond to support requests — review support emails, screenshots, and account details needed to help you. Legal basis: legitimate interests and, where applicable, performance of a contract.
  • To operate, secure, and improve the service — use diagnostics, security logs, and usage information to prevent abuse, troubleshoot problems, and improve the app and website. Legal basis: legitimate interests.
  • To run consent-based website analytics — process website analytics and tag-management data only where consent is required and has been given. Legal basis: consent.
  • To comply with legal obligations — retain or disclose data when required for legal, tax, accounting, fraud-prevention, or compliance reasons. Legal basis: legal obligation and legitimate interests.

AI processing

Some features use one or more third-party AI providers or model platforms to generate workout feedback, session review text, and related outputs. To do that, we may send relevant workout context, profile information, comments, and technical metadata needed to generate the requested response.

AI outputs may be stored with your workout history so the service can show past feedback and maintain continuity between sessions. We do not use your workout data for advertising.

Cookies and website analytics

The public website uses a cookie banner to ask for consent before loading optional analytics and tag-management tooling. Those tools are used to understand website usage and improve the public site, not for cross-site advertising profiles.

The auth callback and password-update handoff pages do not use the main cookie-consent and analytics surface.

Who we share data with

We share data only as needed to operate the service and meet legal obligations. Depending on the feature, recipients may include:

  • Hosting, backend, database, storage, and infrastructure providers
  • Authentication providers
  • AI providers or model-platform providers
  • Website analytics and tag-management providers
  • Customer support, messaging, and email tools
  • App-store operators and related platform services
  • Professional advisers and authorities where disclosure is legally required

International transfers

Our service providers may process data outside your home country. Where required by law, we use appropriate safeguards for international transfers.

Data retention

We keep personal data for as long as needed to provide the service and for legitimate business or legal purposes.

  • Account, profile, and workout data — retained while your account is active and as needed to provide the service
  • Support records — retained as needed to respond to requests, maintain service history, and protect against abuse or disputes
  • Technical and security logs — retained for troubleshooting, security, and service-improvement purposes
  • Deletion and compliance records — retained where needed to demonstrate compliance or meet legal obligations
  • Backups and disaster-recovery systems — deleted data may remain there for a limited period where technically necessary

Rights and choices

Depending on your location, you may have rights to access, correct, delete, restrict, object to, or port your personal data, and to withdraw consent where processing depends on consent.

  • You can contact us to request access, correction, deletion, or export of your data
  • You can manage website analytics consent through the cookie banner
  • Some information, such as account credentials and core workout/profile data, is required to create and use the service
  • Other information, such as support attachments or update/newsletter requests, is optional

If you are in the EEA or UK, you may also complain to the Estonian Data Protection Inspectorate (Andmekaitse Inspektsioon) or your local supervisory authority. We do not currently use automated decision-making with legal or similarly significant effects.

Account deletion

You can delete your account from within the maatriks.ai app. When your deletion request is processed, we delete or de-identify associated data unless retention is required for legal, security, fraud-prevention, tax, accounting, dispute, or compliance reasons.

Deletion may take time to complete across active systems and backups. For step-by-step instructions, see our Delete Account page. If you cannot access the app, contact us at info@maatriks.ai.

Security

We use reasonable technical and organizational measures to protect personal data, including access controls, encrypted transmission, and vendor/infrastructure safeguards. No system is completely secure.

Children

maatriks.ai is not intended for children under 16, and we do not knowingly allow accounts for users under 16. If you believe a child under 16 has provided personal data to us, contact us at info@maatriks.ai and we will review the request.

Changes to this policy

We may update this privacy policy from time to time. When changes are material, we may provide notice through the app, website, or email. The date at the top of this page shows the latest update.

Contact

For questions, concerns, or requests related to this privacy policy or your personal data:

Riverin OÜ
Ida-Viru maakond, Lüganuse vald, Lüganuse alevik, Papli tn 5c, 43301, Estonia
Email: info@maatriks.ai