Skip to content

Legal

Data processing

This page explains how Caviyard, Inc. handles the personal data inside the products we operate, and the service providers we rely on to do it. We are the controller of that data. It complements our Privacy page.

Our role

Caviyard, Inc. is the data controller for the personal data processed in the products we build and operate under the Caviyard name. We decide what is collected and why, and we are accountable for protecting it. We are based in the United States and process data in the United States and in other countries where our providers operate.

Service providers

We rely on a small number of vetted service providers that process personal data only on our instructions and under written agreements. These cover infrastructure and hosting, email delivery, analytics, and age and identity verification. We review the list as it changes and hold each provider to security and privacy commitments.

Cross-border transfers

Where personal data leaves the region in which it was collected, we use appropriate safeguards, including the Standard Contractual Clauses and the additional measures the applicable rules require.

Data retention

Personal data is retained only for as long as it is needed for the purpose it was collected, then deleted or irreversibly anonymized. Backups age out on a documented schedule. Safety and verification records are kept for the period our legal and safety obligations require.

Your rights

The rights you have over your personal data, including access, correction, and deletion, are described on our Privacy page. To exercise them, write to privacy@caviyardcorp.com.