LogotypeGet Free

Effective Date: 30 November 2025

Your privacy matters to us. Ravo (“we,” “our,” “us”) is committed to protecting your personal information and complying with all applicable data protection laws and regulations, including GDPR (EU), CCPA (California, USA), COPPA (USA) and UAE PDPL. This Privacy Policy explains how we collect, use, store, and share your personal information when you use our website https://www.ravoai.app, mobile applications, APIs, and any other platforms or services we operate.

1. Definitions

Personal Data: Any information relating to an identified or identifiable individual.

Processing of personal data: Any action or set of actions performed on personal data, including its collection, recording, storage, use, transmission, and other operations.

Data Controller: Ravo, which determines purposes and means of processing personal information.

Data Processor / Subprocessor: Third parties who process data on behalf of Ravo.

Sensitive Personal Data: Data revealing racial or ethnic origin, health, biometric or genetic data, religious beliefs, criminal records, or similar categories requiring special protection.

Third Parties: External service providers, partners, or authorities with whom data may be shared under lawful conditions.

2. Information We Collect

We may collect and process the following categories of personal data:

a) Account & Contact Information

  • Name, email address, phone number (if provided)
  • Social media profiles, if you link accounts
  • Payment information for subscriptions (processed via Apple Pay; not stored on our servers)

Transaction Data may also be collected automatically as you use Ravo. This includes order records, analytics data, user profiles, saved files, and general usage metrics.

b) Chat and AI Interaction Data

  • Messages exchanged with the AI CHat bot
  • Analysis of writing style, tone, and preferences to personalize responses
  • Only the last 10 messages are processed when screenshots are uploaded for context
  • Chat data is primarily stored in the user’s iCloud account and is private

Important: Chat messages are never used to train external AI models without explicit consent. Aggregated and anonymized data may be used internally to improve AI models and service quality.

c) Device & Technical Data

  • IP address, device type and model, operating system, browser type
  • App usage logs, crash reports, error messages
  • Optional geolocation if enabled

d) Payment & Transaction Data

  • Purchase records and subscription details
  • Payment handled by Apple Pay; sensitive payment details are not stored on our servers

3. How We Collect and Use Information

You may provide personal data when you:

  • Create an account
  • Purchase a subscription
  • Sign up for updates via email or social channels
  • Access our website or app through a browser or mobile device
  • Communicate with us via email, social media, or similar tools
  • Mention or interact with Ravo on social platforms

We may use the information we collect for purposes such as:

  • Delivering the core functionality of Ravo
  • Personalize AI responses based on your chat style and tone
  • Analyze trends and improve app performance
  • Contacting and supporting you
  • Conducting analytics, marketing, and business development
  • Keeping internal records and administrative logs
  • Fraud detection, security, and compliance checks
  • Testing, improving, and maintaining our app and website

AI Personalization: The AI adapts to your messaging style to provide contextually appropriate responses. This data may be aggregated and anonymized for internal model improvement. Individual chat content is never shared externally without consent.

We collect and process only the personal data necessary to provide and improve the App, in accordance with the principles of data minimization and purpose limitation as required under UAE PDPL and other applicable data protection laws. Data will not be retained or processed for unrelated purposes.

4. Sharing Information with Third Parties

We share personal data only when necessary and in compliance with GDPR, CCPA and PDPL:

  • With trusted service providers (cloud hosting, IT services, analytics, marketing)
  • With legal or regulatory authorities when required by law
  • With business partners, only with explicit consent or legal basis

All third parties are bound by contractual obligations to maintain data confidentiality and comply with applicable laws.

We may share data with:

  • Apple iCloud: Your chat data is stored in your iCloud account solely to enable app functionality, synchronization, and backup. Apple does not gain any rights to use this data for advertising, analytics, or any other external purposes
  • Payment processors:  Apple Pay for subscription processing
  • Hosting, analytics, support providers: Bound by Data Processing Agreements
  • Law enforcement or regulatory authorities: When legally required
  • Business transfers: In case of acquisition or asset transfer, data may be transferred to the successor entity

As a data controller, we remain responsible for ensuring an adequate level of protection when transferring data to these providers. To do this, we:

  • Conduct due diligence to assess the security measures of third-party providers.
  • Enter into Data Processing Agreements (DPAs) that comply with GDPR, CCPA and PDPL requirements.
  • Monitor providers to ensure ongoing compliance with contractual and legal obligations.

While we take all reasonable steps to protect your personal data, no system can be completely secure. Therefore, we cannot guarantee absolute protection against unauthorized access, leaks, or incidents that may occur due to factors beyond our reasonable control.

5. International Data Transfers

In some cases, your personal data may be transferred and processed outside of your country of residence (for example, for secure cloud hosting, payment processing, or fraud prevention).

Where such transfers take place, we make sure your data is protected by:

  • Using legally recognized safeguards such as the EU Standard Contractual Clauses (SCCs);
  • Entering into data transfer agreements with our providers that require them to meet equivalent privacy and security standards;
  • Transferring data only to countries that provide adequate levels of data protection, or applying appropriate additional safeguards if required.

You may contact us at any time to request further details about the safeguards we use when transferring your data internationally.

6. Data Retention

We retain personal data only as long as necessary for the purposes outlined in this Policy or as required by law.

To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data,  the potential risk of harm from unauthorised use or disclosure of your personal data the purposes for which we process your personal data and whether we can achieve such purposes through other means, and the applicable legal requirements.

  • Account and chat data: stored in iCloud while your account is active
  • AI model training: only aggregated and anonymized data may be retained
  • Payment data: processed via Apple, not stored
  • Logs and analytics: retained as long as necessary for internal analysis or compliance

Users may request deletion of their account and chat history at any time.

7. Children’s Privacy

Our App is not intended for children. Therefore,we do not knowingly collect personal data from children under 13 (or higher minimum age as required by applicable law, e.g., 16 in the EU). For the purposes of this Section 7 the terms "child" and/or "children" in the context of data processing activities may be interpreted on a case-by-case basis as prescribed by applicable data protection laws. No one who is considered a "child" under applicable data protection laws is allowed to directly provide any personal information to the App.

As a general rule we consider a person under the age of 16 to be regarded as "a child" until we have legal grounds to conclude that a person under 16 should be treated as an adult as per provisions of local data protection rules or based on the parent authorization provided to us directly.

Solely the holders of parental responsibility are liable for preventing their children from providing personal information via the App without relevant verifiable parental consent. If we learn that we have collected personal information from a child without verification of the holder of parental responsibility for a child, we will erase that information as quickly as possible. If you reasonably believe that we might have any information from or about a child, or a child has directly provided us with personal information via the App without verifiable parental consent, please contact us.

8. User Rights

Depending on your location (GDPR, CCPA, PDPL), you have the following rights to:

Right to access

You have a right to request a copy of the personal data that we hold on you, along with meaningful information on how it is used and who we share it with. This right always applies, but there are some instances where We may not be able to provide you with some or all of the information We hold. Where this is the case, We will explain to you the reason and when We can respond to your request, unless the relevant laws or regulations prevent us from doing so.

 

Right to request data portability

You have the right to receive your personal data which was provided to Us for processing, in a structured and machine-readable format. You may also have the right to request transmission of such personal data to another controller, where technically feasible.

Right to rectification

You have a right to ask Us to correct inaccurate or incomplete personal data that We hold about you. We will either confirm to you that this has been done, or if there is a valid reason that this cannot be done, We will let you know the reason.

Right to erasure

You can request that We delete your personal data in certain circumstances, for example if We no longer need the personal data for the purpose(s) for which We collected it. We will either confirm to you that this has been done, or if we are unable to delete it due to a compelling overriding reasons or retention is required by any legal or regularly obligations, we will let you know the reason for continuing to hold personal data and the period We are required to hold such personal data.

Right to restrict processing

You can ask Us to restrict the processing of your personal data in certain circumstances. If you do so, We will either confirm to you that this has been done, or if We are unable to do so, We will inform you the reason.

Right to object to automated decision-making

You have the right to object to decisions made about you, using your personal data and undertaken by purely automated means, including profiling.  If you do so, We will arrange for someone to assess the automated decision and confirm the outcome of this assessment to you.

Right to object to certain processing, including direct marketing

You can object to certain processing, including to receive direct marketing from Us. You can object to receiving direct marketing from Us by simply clicking on the unsubscribe link in any email you receive from Us or alternatively getting in touch with Us though the contact details mentioned hereunder.

Right to withdraw your consent

You have the right to withdraw your consent at any time to the use of your personal data for a particular purpose (where we have asked you for consent to use your information for that particular purpose).

Right to lodge a complaint

If you find that you have reasons to file a complaint against Howden for our data processing activities, you may contact the UAE Data Office.

If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA) and the California Privacy Rights Act (CPRA):

Right to Know what categories of personal information we collect, use, disclose, or share.

Right to Request Deletion of your personal information, subject to certain exceptions.

Right to Correct inaccurate personal information we hold about you.

Right to Opt-Out of Sale or Sharing: You have the right to direct us not to sell or share your personal information. While Ravo does not sell personal information for monetary value, some of our data uses may be considered “sharing” under California law (e.g., analytics, personalization). You may exercise this right at any time by contacting us at support@ravoai.app

Right to Limit Use of Sensitive Personal Information: You can ask us to limit the use of sensitive personal data to what is strictly necessary to provide the App.

We will not discriminate against you for exercising your CCPA/CPRA rights.

We will respond to rights requests within 30 days, unless extended due to complexity.

To exercise your rights or if you have any questions regarding this Privacy Policy, please contact our Privacy Contact at:

support@ravoai.app 

+380776310931

9. Security Measures

We take the security of your personal data seriously and implement a combination of technical and organizational measures to protect it. These measures include:

Our Security Measures

Encryption: All personal data is encrypted both in transit and at rest.

Access Controls: Multi-factor authentication and role-based access ensure that only authorized personnel can access data.

Data Minimization: Sensitive personal data is pseudonymized or anonymized wherever possible.

Staff Awareness: Regular training and awareness programs are conducted to ensure employees understand data protection responsibilities.

System Testing: We perform regular security audits, penetration tests, and maintain incident response procedures to detect and mitigate vulnerabilities.

10. AI Data Use & Personalization

The chat functionality within Ravo is powered by artificial intelligence (“AI”). All responses generated in the app are produced by the AI system and not by a human. Users should understand that:

Nature of AI Responses: AI-generated responses are provided solely for informational, educational, and entertainment purposes. They are not intended as professional advice of any kind, including but not limited to medical, legal, financial, or other professional advice.

Accuracy and Reliability: While we strive to make AI interactions accurate and useful, Ravo does not guarantee the correctness, completeness, or suitability of AI-generated content. AI responses may be inaccurate, outdated, or incomplete, and should not be relied upon as a sole source for decision-making.

User Responsibility: Users are solely responsible for any decisions made based on AI responses. Ravo encourages users to exercise independent judgment and, where appropriate, to consult qualified professionals for advice.

AI Learning and Context: The AI analyzes messages exchanged within the app, including up to the last 10 messages when a screenshot is uploaded, solely to maintain conversation context and improve user experience. Individual chat data is never used to train external AI models without explicit user consent. Aggregated and anonymized data may be used internally to improve AI performance.

Limitation of Liability: Ravo shall not be liable for any consequences arising from the use of AI-generated responses, including but not limited to decisions made or actions taken based on such responses. Use of the AI chat constitutes acknowledgment and acceptance of these limitations.

Compliance with App Store Guidelines: This disclosure satisfies Apple’s App Store requirements for AI transparency, ensuring that users are informed that responses are AI-generated and not professional advice.


11. Cookies and Tracking

What are cookies?

This Cookie Policy explains what cookies are, how we use them, the types of cookies we use (i.e., the information we collect using cookies and how that information is used), and how to manage your cookie settings.

Cookies are small text files used to store small pieces of information. They are stored on your device when a website loads in your browser. These cookies help ensure that the website functions properly, enhance security, provide a better user experience, and analyse performance to identify what works and where improvements are needed.

How do we use cookies?

Like most online services, our website uses both first-party and third-party cookies for various purposes. First-party cookies are primarily necessary for the website to function properly and do not collect any personally identifiable data.

The third-party cookies used on our website primarily help us understand how the website performs, track how you interact with it, keep our services secure, deliver relevant advertisements, and enhance your overall user experience while improving the speed of your future interactions with our website.

……………

Consent is required for non-essential cookies. You can manage or withdraw consent via your browser or our cookie consent tool. See our Cookie Policy for more details.

12. Data Breaches

In the event of a personal data breach, we will take all reasonable steps to contain and investigate the incident. Where required by applicable data protection laws, we will notify the competent supervisory authority and affected individuals.

Under the GDPR (EU/EEA): we will notify the relevant Data Protection Authority within 72 hours of becoming aware of the breach, unless the breach is unlikely to result in a risk to the rights and freedoms of individuals. If the breach is likely to result in a high risk to individuals, we will also notify affected users without undue delay.

Under the PDPL (UAE): we will notify the UAE Data Office without undue delay. If the breach is likely to cause serious harm to individuals, we will also inform the affected individuals promptly.

Other Jurisdictions: where other applicable data protection laws impose different or additional obligations, we will comply with those requirements as well.

We will maintain records of all data breaches in accordance with our legal obligations.

13. Changes to This Privacy Policy

We are constantly reviewing our Privacy Policy to ensure compliance with data protection legislation. Our apps are also constantly evolving and new features and services may change how we process your personal data. Any substantive or material change to this Privacy Policy will be brought to your attention.

In the event of material changes relating to Personal Data, we will notify Users, Clients, and Consultants by posting a notice on the Website and/or by sending an informational email. We encourage you to review this Privacy Policy periodically to stay informed about how we handle your Personal Data.

If you have opted out of receiving email notifications regarding changes to our legal documentation, you remain solely responsible for reviewing and familiarizing yourself with such changes.

Following amendments to this Privacy Policy, we may require Users, Clients, and Consultants to provide renewed consent to the updated version. Unless otherwise stated, all amendments shall become effective thirty (30) days after the publication of the revised version of this Privacy Policy.

Our electronic or otherwise stored copies of this Privacy Policy shall be deemed to be the authentic, complete, valid, and enforceable version of the Policy in effect at the time of your interaction with the Website.

Updates will be published on this page with a new “Last Updated” date.

14. Contact Us

If you have any questions regarding this Privacy Policy or wish to exercise your rights regarding your personal data, please contact us at:

Ravo AI

Mira Avenue 12, 127 Dnipro, Ukraine, 49130

support@ravoai.app +380776310931