> ## Documentation Index
> Fetch the complete documentation index at: https://help.rytz.com.au/llms.txt
> Use this file to discover all available pages before exploring further.

# Privacy and data

> What happens to your data on RYTZ — what we store, what we don't, who can see it, and what we'd never do.

import { Card, CardGroup } from '@mintlify/components'

Family-law matters involve deeply personal data — children's identities, financial details, family-violence history, mental-health context. We take the privacy obligations of holding this data seriously.

This page is the plain-English version. The full [privacy policy](https://rytz.com.au/privacy) is the legally operative document.

## What we store

The data you enter on the platform sits in a Supabase Postgres database, encrypted at rest, in an Australian region (Sydney). Specifically:

* Your Master Case File (names, dates, children, FV history, jurisdictional details)
* Your parenting-plan drafts and clause inputs
* Your settlement-planner inputs (asset pool, contributions, future-needs notes)
* Your AI chat history (so the chat can reference earlier messages in the same session)
* Your account information (email, password hash)
* Your subscription status (if you're premium)

## What we don't store

* **Documents you export.** Your PDF / DOCX / Markdown exports are generated on demand and downloaded by you. We do not retain a copy on the server.
* **Your password.** We store a hash, not the password itself. Even our engineers can't see your password.
* **Your payment details.** Stripe handles all payment data; we never see card numbers.
* **Your IP address (long-term).** We log it briefly for security purposes (rate limiting, abuse detection) but it's not retained beyond what's needed.

## Who can see your data

<CardGroup cols={2}>
  <Card title="You" icon="circle-check">
    Always. Every field you've entered is visible to you in your account.
  </Card>

  <Card title="RYTZ engineers — only with your consent" icon="circle-check">
    Row-Level Security policies on the database mean that even our engineers cannot read your specific case data without your explicit permission. The exception: troubleshooting requires us to see logs (not your case data) when you report a bug.
  </Card>

  <Card title="The other party in your matter" icon="circle-xmark">
    No. Your account is private. The other party (if they're also a RYTZ user) has their own separate account.
  </Card>

  <Card title="Third parties" icon="circle-xmark">
    No. We do not sell user data, share with marketers, or provide it to lawyers, courts, or government bodies. The only exception: a properly issued subpoena or court order, which we'd notify you of unless legally prevented.
  </Card>
</CardGroup>

## What about the AI?

The AI chat sees:

* Your Master Case File context (so answers are framed for your situation)
* Your conversation history within the session

The AI does not:

* Train on your specific case content. Anthropic (the AI provider) processes your messages to generate a response, but does not use them for model training. This is enforced contractually + technically.
* Share your data across users. Your conversations are siloed to your account.

## How long we keep your data

* **While your account is active:** as long as you keep using the platform.
* **After you delete your account:** 30 days (in case you change your mind), then permanently purged from production. Backups are retained for an additional 60 days for disaster-recovery purposes, then purged.
* **Anonymous analytics:** product-usage metrics (e.g. "X parenting plans were exported last month") may be retained indefinitely in aggregate, with no link back to individual users.

## Your rights under Australian privacy law

The Privacy Act 1988 (Cth) gives you specific rights over your data:

* **Right to access** — you can request a copy of all data we hold about you
* **Right to correction** — you can correct inaccurate data
* **Right to deletion** — you can ask us to delete your data
* **Right to complain** — you can complain to the Office of the Australian Information Commissioner (OAIC) if you think we've mishandled your data

To exercise any of these rights, email **[privacy@rytz.com.au](mailto:privacy@rytz.com.au)**.

## Security

We use industry-standard practices:

* **Encryption at rest** (database) and **in transit** (HTTPS everywhere)
* **Row-Level Security** on every table containing personal data
* **Multi-factor authentication** available on every account (we recommend turning it on)
* **Independent security review** annually
* **Active monitoring** for unusual access patterns

If you ever suspect your account has been compromised, email **[tech@rytz.com.au](mailto:tech@rytz.com.au)** immediately. We'll lock the account, audit the access log, and help you recover.

## When you should be careful

There are a few situations where you should think carefully about what you put into the platform:

* **Active family-violence risk** — if your safety depends on the other party not knowing what you're planning, consider whether your devices are secure (shared computer? known Apple ID?). The platform is not the weak link, but your device might be.
* **Information that would breach a court order** — if you have orders restricting what you can disclose about the other party (rare but possible), think about whether your case-file notes might breach those orders.
* **Information you'd want privileged** — drafts of negotiation strategy, internal arguments. The platform is private, but it isn't legal-professional-privilege protected (we're not your lawyer). If the matter ever comes to litigation and your account is subpoenaed, the contents could be disclosed.

For the third point — if you have anything truly privileged (lawyer-client communications, confidential strategy notes), keep that with your lawyer, not in the platform.

## Questions

For any privacy or data question:

* **Privacy-specific:** [privacy@rytz.com.au](mailto:privacy@rytz.com.au)
* **Account or technical:** [tech@rytz.com.au](mailto:tech@rytz.com.au)
* **Public regulator:** the [OAIC](https://www.oaic.gov.au) handles privacy complaints

## Next

<CardGroup cols={2}>
  <Card title="Pricing and tiers" icon="circle-dollar" href="/account/pricing-and-tiers">
    What's free, what's premium, what each tier unlocks.
  </Card>

  <Card title="Frequently asked" icon="circle-question" href="/faq/frequently-asked">
    Other common questions.
  </Card>
</CardGroup>
