← Back to Auremis
Legal

Privacy Policy

Riverine Solutions LLC · Last updated: April 11, 2025

This Privacy Policy describes how Riverine Solutions LLC ("Riverine", "we", "our", or "us") collects, uses, and protects personal information in connection with Auremis, our alternative investments portfolio tracking platform (the "Platform"), and any related services, features, or content (collectively, the "Services"). By using the Services, you agree to the practices described in this Privacy Policy.

This policy may be updated periodically. We will notify you of material changes by posting a notice on the Platform or through other means required by applicable law. Continued use of the Services following any update constitutes your acceptance of the revised policy.

1. Information We Collect

1.1 Information You Provide

We collect information that you voluntarily submit when using the Platform, including:

  • Account registration details: name, email address, and password.
  • Portfolio and investment data: investment names, sponsor details, transaction records, asset types, NAV entries, capital contributions, distributions, and related financial figures.
  • K-1 document tracking information: tax years, received dates, and associated investment records.
  • User preferences and settings: display, AI chat, and dashboard configuration data.
  • Any notes, annotations, or other content you enter into the Platform.

1.2 Information Automatically Collected

When you access or use the Services, we may automatically collect:

  • Device and browser information: IP address, browser type and version, operating system.
  • Usage data: pages visited, features used, session duration, and interaction patterns.
  • Cookies and similar tracking technologies: used to maintain session state, remember preferences, and analyze usage (see Section 7).

1.3 Information from Third-Party Integrations

If you connect third-party financial services or data providers to the Platform, we may receive data from those sources as necessary to deliver the Services. We are not responsible for the privacy practices of third-party providers.

2. How We Use Your Information

We use the information we collect for the following purposes:

  • To provide, operate, and improve the Platform and Services.
  • To authenticate your identity and maintain the security of your account.
  • To process your portfolio data, run calculations (XIRR, NAV, yield, multiples), and generate analytics and reports.
  • To power AI-assisted features, including the Auremis AI chat panel, which uses your portfolio context to generate responses. AI features are processed through Anthropic's Claude API. Portfolio data sent to Claude is used solely to generate responses and is not retained by Anthropic for training purposes under their standard API terms.
  • To personalize your experience based on your configured settings and preferences.
  • To communicate with you about your account, service updates, or support requests.
  • To detect, investigate, and prevent fraudulent, unauthorized, or illegal activity.
  • To comply with applicable legal obligations.
  • To analyze aggregated, de-identified usage data to improve Platform functionality and user experience.

3. Legal Bases for Processing

Where applicable law requires a legal basis for processing personal data, we rely on the following:

  • Contract performance: processing necessary to provide the Services you have requested.
  • Legitimate interests: improving the Platform, ensuring security, and preventing fraud, where these interests are not overridden by your rights.
  • Legal compliance: processing required to meet regulatory or legal obligations.
  • Consent: where you have provided explicit consent, such as for certain marketing communications or optional analytics.

4. How We Share Your Information

We do not sell your personal information. We may share your information in the following limited circumstances:

4.1 Service Providers

We share information with third-party vendors who process data on our behalf to operate the Services, including:

  • Supabase: cloud database hosting and authentication infrastructure. Data is stored on AWS infrastructure in the United States.
  • Vercel: frontend hosting and serverless function execution.
  • Anthropic: AI inference for the Claude-powered chat feature. Data shared is limited to portfolio context required to generate a response and is processed under Anthropic's API terms.
  • Google Analytics: website and platform usage analytics. Data is governed by Google's Privacy Policy and Analytics Terms of Service.

4.2 Legal Requirements

We may disclose your information to courts, regulators, law enforcement agencies, or other governmental authorities where required by applicable law, regulation, or legal process, or to protect the rights, property, or safety of Riverine, our users, or others.

4.3 Business Transfers

If Riverine is involved in a merger, acquisition, financing, restructuring, or sale of assets, your information may be transferred to the relevant parties as part of that transaction. We will provide notice if your information becomes subject to a materially different privacy policy as a result.

4.4 With Your Consent

We may share your information for other purposes with your explicit consent.

5. Data Hosting and International Transfers

Auremis user data is hosted on infrastructure in the United States, including Supabase (hosted on AWS) and Vercel. If you are located outside the United States, your data will be transferred to and processed in the U.S. We take commercially reasonable steps to ensure that such transfers comply with applicable data protection laws, including through the use of data processing agreements with our service providers.

6. Data Retention

We retain your personal information for as long as your account is active or as necessary to provide the Services. If you request deletion of your account, we will delete or anonymize your data within a commercially reasonable time, except where retention is required by law, regulation, or for legitimate legal or business purposes (such as maintaining records for tax or compliance purposes or resolving disputes).

7. Cookies and Analytics

We use cookies and similar technologies to support Platform functionality, maintain user sessions, and collect analytics. Specifically:

  • Session cookies: required for authentication and to keep you logged in during a session. These are essential to the operation of the Platform.
  • Google Analytics: we use Google Analytics to understand how users interact with the Platform, including pages visited, feature usage, and session duration. Google Analytics data is subject to Google's Privacy Policy. You may opt out of Google Analytics data collection by using the Google Analytics Opt-out Browser Add-on.

We do not use cookies for advertising or cross-site tracking. You can configure your browser to block cookies, but doing so may affect Platform functionality.

8. Data Security

We implement reasonable administrative, technical, and organizational safeguards to protect your personal information against unauthorized access, disclosure, alteration, or destruction. These include:

  • Row-level security (RLS) enforced at the database level, ensuring users can only access their own data.
  • Encrypted data transmission via HTTPS.
  • Authentication managed through Supabase Auth with email/password credentials.

No method of transmission or storage is 100% secure. While we take the protection of your data seriously, we cannot guarantee absolute security. You are responsible for maintaining the confidentiality of your login credentials.

9. Your Privacy Rights

Depending on your jurisdiction, you may have the following rights with respect to your personal information:

  • Access: request a copy of the personal data we hold about you.
  • Correction: request that we correct inaccurate or incomplete data.
  • Deletion: request that we delete your personal data, subject to applicable legal exceptions.
  • Portability: request that we provide your data in a structured, machine-readable format.
  • Objection or restriction: object to or request restriction of certain processing activities.
  • Withdraw consent: where processing is based on consent, withdraw that consent at any time.

To exercise any of these rights, contact us at legal@auremis.net. We will respond to verified requests within the timeframe required by applicable law.

If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA), including the right to know what personal information we collect and to opt out of any sale of personal information. We do not sell personal information.

10. Children's Privacy

The Platform is intended for adults and is not directed at children under the age of 18. We do not knowingly collect personal information from minors. If we become aware that we have collected information from a child under 18 without verifiable parental consent, we will take steps to delete that information promptly. If you believe we may have collected such information, please contact us at legal@auremis.net.

11. Third-Party Services and Links

The Platform may integrate with or reference third-party services (including financial data providers, document portals, or other tools). We are not responsible for the privacy practices, terms, or content of any third-party services. We encourage you to review the privacy policies of any third-party services you use in connection with Auremis.

12. AI Features and Data Use

Auremis includes an AI chat feature powered by Anthropic's Claude API. When you use this feature, relevant portfolio context (investment names, financials, transaction history, and settings) is transmitted to Anthropic's API to generate responses.

We do not use your portfolio data to train AI models. Under Anthropic's standard API terms, data submitted via the API is not used to train their models. The AI chat feature is designed to provide analysis and insight based solely on your own data — no data from other users is accessible or included in your prompts.

AI responses are generated dynamically and do not constitute financial advice. You should not rely on AI-generated output as a substitute for professional investment counsel.

13. Changes to This Policy

We may update this Privacy Policy from time to time. When we make material changes, we will notify you by posting an updated version on the Platform with a revised "Last Updated" date and, where appropriate, by email or in-app notification. Your continued use of the Services after the effective date of any revision constitutes your acceptance of the updated policy.

14. Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

Riverine Solutions LLC
Operating as Auremis Alternatives
Email: legal@auremis.net

← Back to Auremis | Terms of Service | Cookie Policy