Relaxy (Riri) Privacy Policy

Last Updated: Oct 27, 2025

This Privacy Policy explains how Relaxy Limited ("Relaxy", "we", "us") collects, uses, stores, and protects your information when you use Riri, Relaxy's AI coach, and the Relaxy app and services.

When using our AI services, you are interacting with AI software, not a person. The Software cannot replace care from a qualified health professional. AI does not replace human judgment and is intended solely as a support tool. If you are in immediate danger, contact local emergency services right away.

By using Relaxy and Riri, you agree to this policy.

1) About Relaxy and Contact Details

Relaxy Limited is a mental health technology company based in Dhaka, Bangladesh.

If you have any questions or requests about your privacy:
Email: info@relaxy.com.bd

2) What Information We Collect

We collect the minimum information necessary to provide and improve the service safely.

A) Information you provide

Account and profile (optional/minimal):

  • Nickname or display name
  • Age range (not exact date of birth unless required for a specific service)
  • Gender/pronouns (optional)

Conversation and wellbeing data:

  • Messages you type to Riri
  • Mood check-ins, feelings, topics, goals, and preferences
  • Responses to in-app assessments or questionnaires
  • Safety-related information you may share (e.g., self-harm thoughts)

Human support data (if you use therapy/counseling):

  • Contact details required to schedule sessions
  • Session notes or summaries (only where clinically necessary and with clear notice)

Support communications:

  • Emails/messages to our support team
  • Feedback you provide in surveys or forms

B) Information collected automatically

App usage data:

  • Screens visited, taps/clicks, feature usage, session time
  • Crash logs and performance diagnostics

Device and technical data:

  • Device type, OS version, app version, timezone
  • Non-invasive device identifiers used for security and analytics

We do not intentionally ask for sensitive identifiers (NID/passport, etc.). Please avoid sharing personal identifiers in chat unless the app specifically requests them for a service you are using.

3) How We Use Your Information

We use information for the following purposes:

A) To provide the service

  • Enable Riri conversations and wellbeing tools
  • Personalize recommendations (based on your usage and preferences)
  • Provide reminders if you turn them on
  • Help you access human support services if you choose them

B) To ensure safety and prevent harm

  • Detect high-risk language (self-harm, abuse, emergency signals)
  • Offer crisis guidance and encourage professional help
  • Where required for safety, enable escalation to Relaxy's internal clinical safety process (if available in the product)

C) To improve product quality (inside Relaxy only)

  • Fix bugs, improve performance
  • Improve conversation flows and tool recommendations
  • Conduct internal analytics and research to understand what works

Important: We do not sell your data, and we do not allow advertisers to use your conversation data.

4) Responsible Use of AI (Riri)

Riri uses AI to generate supportive responses and to recommend tools. We design Riri to be clinically safe, culturally relevant, and privacy-protective.

We apply safeguards such as:

  • Safety filtering for self-harm or harmful instructions
  • Clinician-reviewed conversation patterns and tool content
  • Quality monitoring to reduce unsafe or misleading responses

Limitations: AI can be wrong. Riri may sometimes misunderstand context. If something feels inaccurate or unsafe, stop and seek professional support.

5) Data Storage and Data Location

Your data is stored on secure servers controlled by Relaxy.

No international transfer

We do not transfer your personal data outside your country/region for storage or processing. We aim to keep user data within Bangladesh (or the same jurisdiction where the user is served).

6) Who We Share Information With

We do not share your personal data with third parties.

  • No selling
  • No renting
  • No marketing data sharing
  • No third-party data brokerage

Access within Relaxy (limited and controlled)

To improve Riri and deliver safer, higher-quality mental health support, authorized Relaxy team members may access certain data strictly on a need-to-know basis. This can include:

  • Product and engineering staff (to fix issues and improve performance)
  • Clinical safety and care teams (to ensure safe responses and appropriate support)
  • Relaxy-approved researchers working under Relaxy's direct supervision (to evaluate effectiveness and improve service)

How research access works (privacy-first)

When Relaxy researchers use data, we do so in a way that protects you:

  • We use de-identified, anonymized, or aggregated data wherever possible (so it cannot reasonably be linked back to you).
  • If identifiable data is ever required (rare), access is restricted, logged, and permitted only with a clear purpose and appropriate safeguards.
  • Research access is governed by:
    • Confidentiality obligations
    • Internal approval and oversight
    • Minimum-access principle (only what is necessary)
    • Secure storage and auditing

Service providers (future possibility)

Right now, we do not share personal data with service providers. If in the future we ever need a service provider (e.g., infrastructure support), we will:

  • Update this policy clearly, and
  • Ensure protections remain strong and aligned with our privacy principles, and
  • Obtain explicit user consent where required.

7) Mergers, Acquisitions, and Corporate Changes

Even if Relaxy merges, is acquired, or restructures:

  • We will not transfer or sell user personal data to another company as an asset.
  • We will either:
    • keep data under Relaxy-controlled systems, or
    • delete/retain data per this policy, or
    • request fresh, explicit user consent before any transfer (opt-in only).

8) How We Protect Your Information

We use reasonable security safeguards, including:

  • Encryption in transit and at rest (where applicable)
  • Access control (limited staff access, role-based permissions)
  • Logging and monitoring for suspicious access
  • Secure development practices and vulnerability management
  • Staff confidentiality and training

No system is 100% secure, but we work hard to protect your data.

9) Data Retention

We keep personal data only as long as needed for the purposes described.

Typical retention approach:

  • Conversation and account data: retained to provide continuity, unless you delete/reset
  • Support emails: retained for service history and compliance
  • Clinical/counseling records (if applicable): retained based on ethical/legal requirements and clinical continuity

10) Your Rights and Choices

You can request to:

  • Access a copy of your data
  • Correct inaccurate data
  • Delete your data
  • Withdraw consent (where processing is consent-based)
  • Reset your Riri conversation history (in-app, if available)

We may need to verify your identity before fulfilling requests.

11) Children's Privacy

Relaxy services are intended for users above the minimum age allowed by local law and app rules. If we learn we collected data from a child below the allowed age without appropriate consent, we will take steps to delete or restrict it.

12) Personal Data Breach Management

If there is a data breach that poses a risk to users, we will:

  • Investigate and contain it quickly
  • Notify affected users and relevant authorities where required by applicable law
  • Take corrective measures to prevent recurrence

13) Changes to This Policy

If we update this policy, we will notify you in the app. Continued use after notice means you accept the updated policy.

Relaxy SupportOnline
Relaxy Support

Hello! 👋 How can we help you today?

13:55