Rivet Privacy Policy

Last updated June 8, 2026

Rivet is private by design. Your day is yours — it stays on your device. This policy explains the few things that touch a server, and the choices you have.

Rivet (“Rivet,” “we,” “us”) is a planning app for iPhone, iPad, and Mac, provided by James Whelan. By using Rivet, you agree to this policy.

The short version

• Your timeline — to-dos, events, notes, attachments, and voice captures — is stored on your device. We don’t keep a copy of it on our servers.
• We don’t track you, show ads, or use third-party analytics or advertising SDKs.
• Apple Health and Apple Music data stay on your device and are used only to show things on your timeline.
• There is exactly one optional path where text leaves your device: Pro “Smart Add refinement,” described below. It’s off unless you turn it on.
• Calendar and Reminders access is read-and-show by default — Rivet asks before changing anything.

How your data is stored

Rivet is local-first. The content you create lives in Rivet’s storage on your device. Because it’s on your device, you stay in control of it, and most of Rivet works with no network connection at all.

Account and sign-in

You sign in with Sign in with Apple or Google. Signing in with Google is also how you connect Google Calendar and Meet. We use these only to identify your account and provide the features you ask for — they are not used to track you across other apps or services.

Smart Add refinement (optional, Pro)

By default, Rivet understands what you type using on-device parsing. If you’re a Pro subscriber and you turn on Smart Add refinement, the raw text you type into Smart Add is sent to Rivet’s enrichment endpoint, which forwards it to our AI provider, Anthropic (the maker of Claude), purely to improve how that text is understood. This text:

• is sent under a short-lived, scoped token — it is not linked to your identity or stored against you;
• is used only to refine the parse you asked for;
• is not used to train AI models, for advertising, or for tracking.

Because Smart Add can contain personal, work, calendar, or health details, this feature is off until you choose to turn it on. Keep it off to use on-device parsing only.

Permissions you can grant

Each of these is optional, asked for in context, and revocable in the iOS or macOS Settings app:

• Apple Calendar — to show your events and help you plan around them. Rivet asks before creating or changing anything on your calendar.
• Contacts — to suggest names and email addresses when you invite people to events.
• Notifications — to remind you before timed to-dos and, if you set them, medication doses.
• Apple Health — to show sleep, activity, heart-rate, and medication context beside your schedule. Rivet reads only the categories you approve, and that data stays on your device.
• Apple Music — to use your recent plays to build your monthly listening capsule, on your device.
• Apple Reminders — to import reminders you choose, or send selected Rivet to-dos to Reminders.
• Google Calendar & Meet — to show your Google events and, when you ask, create Google events and Meet links (Pro).

Apple Health and Apple Music data are used only to display things on your timeline. They are not sent to our servers and are never sent to the AI provider.

Google data

When you connect Google, Rivet’s use of information received from Google APIs follows the Google API Services User Data Policy, including its Limited Use requirements. We use Google Calendar data only to provide the calendar and Meet features you ask for. We don’t sell it, use it for advertising, or use it to train AI models.

Subscriptions

Rivet Pro is sold through Apple. Apple processes your payment; we never see your card details. We receive your subscription status so we can unlock Pro features.

What we don’t do

• We don’t sell your personal information.
• We don’t show ads or use cross-app/cross-site tracking.
• We don’t embed third-party advertising or analytics SDKs.

Service providers

We share information only with the providers that make a given feature work, and only for that purpose: Apple (sign-in, payments, Health, Music, Calendar, Reminders), Google (Google Calendar and Meet, if you connect it), and Anthropic (only the Smart Add text described above, and only if you’re a Pro user who turned on refinement).

Data retention

Your on-device content stays until you delete it in the app or remove Rivet. Smart Add refinement requests are processed to return a result and are not retained against your identity.

Your rights and choices

• Delete your data — delete items in the app, or remove Rivet to delete its on-device content.
• Control permissions — grant or revoke Calendar, Contacts, Notifications, Health, Music, and Reminders access in your device’s Settings; disconnect Google in Rivet’s settings.
• Turn off refinement — Smart Add refinement can be switched off at any time.
• Depending on where you live, you may have rights under laws such as the GDPR or CCPA, including the right to access, correct, delete, or restrict use of your data, and to complain to a regulator. We do not sell personal information or use it for cross-context behavioral advertising.

Children

Rivet is not directed to children under 13 (or under the minimum age required in your country), and we don’t knowingly collect their information.

Security

We use reasonable measures to protect your information, including encryption in transit for anything that leaves your device. No method of storage or transmission is completely secure, so we can’t guarantee absolute security.

International transfers

Where information does leave your device (such as a Smart Add refinement request), it may be processed in another country. Where required, we put appropriate safeguards in place for those transfers.

Changes to this policy

We may update this policy as Rivet evolves. We’ll change the “last updated” date above and, for material changes, give you notice in the app.

Contact

Questions about privacy? Email us at jdwhelan@me.com.