Skip to content
Legal

Privacy Policy

Last updated: March 15, 2026

1. Overview

RivalBeam ("we", "us", or "our") operates the competitive intelligence platform available at rivalbeam.com. This Privacy Policy explains how we collect, use, store, and share your personal data when you use our service.

By using RivalBeam, you agree to the practices described in this policy. If you do not agree, please stop using the service.

2. Data We Collect

2.1 Account Data

When you create an account, we collect:

  • Email address (required)
  • Full name (optional)
  • Profile photo (if provided via Google OAuth)
  • Organization name

2.2 Usage Data

We automatically collect:

  • Pages visited within the app
  • Features used and actions taken
  • IP address and browser type
  • Session duration and frequency
  • Error logs and performance metrics

2.3 Competitive Intelligence Data

When you add competitors to monitor, we collect and store publicly available information about those competitors on your behalf: website content, job postings, review data, news mentions, and social signals. This data is the core product we provide to you.

We do not collect private or non-public information about your competitors. All scraped data comes from publicly accessible web sources.

2.4 Payment Data

Payment information (card numbers, bank details) is never stored on RivalBeam servers. All payment processing is handled by Stripe. We store only your Stripe customer ID and subscription status.

2.5 Communication Data

If you contact us by email or through support channels, we retain that correspondence to respond to your inquiry and improve our service.

3. How We Use Your Data

We use collected data to:

  • Provide, operate, and improve the RivalBeam service
  • Generate AI competitive briefs and battlecards for your organization
  • Send transactional emails (magic links, invoices, alert notifications)
  • Monitor and prevent fraud, abuse, and unauthorized access
  • Comply with legal obligations
  • Analyze aggregate usage patterns to improve the product

We do not sell your personal data to third parties. We do not use your data for advertising.

4. Scraping Disclosure

RivalBeam operates web crawlers that collect publicly accessible information about competitor companies. Our crawlers:

  • Respect robots.txt directives on all monitored domains
  • Identify themselves with a transparent User-Agent string
  • Do not attempt to access content behind authentication
  • Operate at human-browsing-comparable request rates
  • Only collect information you specifically request us to monitor

If you operate a website and do not want RivalBeam to collect data from it, add the appropriate Disallow directive to your robots.txt file, or contact crawlers@rivalbeam.com to request exclusion.

5. Third-Party Services

We use the following third-party services that may process your data:

  • OpenAI — AI brief and battlecard generation. Competitive intelligence context is sent to OpenAI's API. Subject to OpenAI's Privacy Policy.
  • Stripe — Payment processing. Governed by Stripe's Privacy Policy.
  • Resend — Transactional email delivery. Email addresses are shared for delivery purposes only.
  • Fly.io / Neon — Hosting and database infrastructure. Data is stored in US-East region.
  • ScraperAPI — Web content fetching for competitor monitoring. URLs you configure are passed to this service.

6. Data Retention

  • Account data: retained for the life of your account + 30 days after deletion
  • Raw page snapshots: 90 days
  • Change logs: 12 months (Starter and above), 30 days (Free)
  • AI briefs and battlecards: life of account
  • Audit logs: 12 months
  • Billing records: 7 years (legal requirement)

7. Your Rights

Depending on your jurisdiction, you may have the right to:

  • Access the personal data we hold about you
  • Correct inaccurate data
  • Delete your account and associated data
  • Export your data in machine-readable format
  • Object to or restrict processing of your data
  • Withdraw consent where processing is based on consent

To exercise these rights, email privacy@rivalbeam.com with your request. We will respond within 30 days.

8. Cookies

RivalBeam uses:

  • Session cookie (rivalbeam_session): HTTP-only, required for authentication. Expires after 30 days of inactivity.

We do not use advertising cookies, third-party tracking cookies, or analytics cookies. We do not load any third-party tracking scripts.

9. Security

We implement industry-standard security measures including AES-256 encryption at rest, TLS 1.3 in transit, RBAC with audit logging, and regular security reviews. See our Security page for details.

10. Children

RivalBeam is not directed at children under 16. We do not knowingly collect personal data from anyone under 16. If we learn we have collected such data, we will delete it promptly.

11. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes via email (if you have an account) or by posting a notice on the site. Continued use after the effective date constitutes acceptance.

12. Contact

Questions about this Privacy Policy? Contact us at privacy@rivalbeam.com.