ROVIK
Back to Home

Privacy Policy

Last updated: April 23, 2026

1. Information We Collect

We collect information you provide directly when you create an account and use the ROVIK platform. This includes:

  • Account Information: Name, email address, phone number, and company details.
  • Operational Data: Mission plans, flight logs, drone telemetry data, inspection reports, photos, and GPS coordinates.
  • Client Data: Contact information and project details for your clients, as entered by you into the platform.
  • Financial Data: Invoice amounts, payment records, and billing information. Payment card details are processed directly by Stripe and are never stored on our servers.
  • Usage Data: Log data, browser type, IP address, pages visited, and interaction patterns within the platform.

2. How We Use Your Data

We use the information we collect to:

  • Provide, maintain, and improve the ROVIK platform and its features.
  • Process your transactions and send related information, including invoices and receipts.
  • Send notification emails such as certificate expiry alerts, mission reminders, and report notifications (subject to your preferences).
  • Generate analytics dashboards and operational insights for your account.
  • Provide customer support and respond to your inquiries.
  • Detect, investigate, and prevent fraudulent or unauthorized activities.
  • Comply with legal obligations.

3. Data Storage and Security

Your data is stored securely using Supabase, a hosted PostgreSQL database platform with enterprise-grade security. All data is encrypted at rest and in transit using industry-standard TLS encryption.

  • Database access is protected by Row Level Security (RLS) policies, ensuring users can only access data belonging to their organization.
  • File uploads (images, reports, documents) are stored in Supabase Storage with access-controlled bucket policies.
  • Authentication is handled through Supabase Auth with secure session management.
  • We perform regular security reviews and follow industry best practices for data protection.

4. Third-Party Services

We integrate with the following third-party services to provide platform functionality. Each service has its own privacy policy governing their use of data:

  • Supabase — Database hosting, authentication, and file storage. Data is stored in Supabase-managed infrastructure. Privacy Policy
  • Mapbox — Map rendering and geocoding for mission planning and flight visualization. Location data is sent to Mapbox for map tile rendering. Privacy Policy
  • Google Gemini (AI)— AI-powered report generation and data analysis. Mission data may be sent to Google's API for processing. No data is retained by Google for model training. Privacy Policy
  • Stripe — Payment processing for subscription billing. Payment card details are handled directly by Stripe and are never stored on ROVIK servers. Privacy Policy
  • Vercel — Application hosting and deployment. Server logs and request metadata may be processed by Vercel. Privacy Policy

5. Data Retention

We retain your data for as long as your account is active or as needed to provide the Service. Specific retention periods include:

  • Account data: Retained for the duration of your account plus 30 days after deletion.
  • Flight logs and mission data: Retained for the duration of your account. You may delete individual records at any time.
  • Financial records: Retained for a minimum of 7 years as required by applicable tax and accounting regulations.
  • Usage logs: Retained for up to 90 days for debugging and security purposes.

6. Your Rights

Depending on your location, you may have the following rights regarding your personal data:

  • Access: Request a copy of the personal data we hold about you.
  • Correction: Request correction of inaccurate or incomplete personal data.
  • Deletion: Request deletion of your personal data, subject to legal retention requirements.
  • Portability: Request your data in a structured, machine-readable format.
  • Restriction: Request that we limit the processing of your personal data.
  • Objection: Object to the processing of your personal data for certain purposes.

To exercise any of these rights, contact us at privacy@rovik.io. We will respond to all legitimate requests within 30 days.

7. GDPR Compliance

For users in the European Economic Area (EEA), we process personal data under the following legal bases:

  • Contract performance: Processing necessary to provide the Service you have subscribed to.
  • Legitimate interests: Processing for security, fraud prevention, and product improvement.
  • Consent: Processing based on your explicit consent, such as marketing communications.
  • Legal obligation: Processing required to comply with applicable laws.

You may withdraw consent at any time by updating your notification preferences or contacting us. Data transfers outside the EEA are protected by Standard Contractual Clauses or equivalent safeguards.

8. CCPA Compliance

For California residents, the California Consumer Privacy Act (CCPA) provides additional rights regarding your personal information:

  • The right to know what personal information is collected, used, shared, or sold.
  • The right to delete personal information held by us.
  • The right to opt out of the sale of personal information. We do not sell personal information.
  • The right to non-discrimination for exercising your CCPA rights.

9. Cookies and Tracking

We use essential cookies for authentication and session management. We may also use analytics cookies to understand how users interact with the platform. You can control cookie preferences through your browser settings.

10. Children's Privacy

The Service is not intended for use by individuals under the age of 18. We do not knowingly collect personal information from children. If we become aware that we have collected data from a child, we will take steps to delete it promptly.

11. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by posting the updated policy on this page and updating the "Last updated" date. We encourage you to review this policy periodically.

12. Contact Us

If you have any questions or concerns about this Privacy Policy or our data practices, please contact us at:

privacy@rovik.io