Privacy Policy

Last Updated: June 2025

Caversham Digital ("we", "us", or "our") operates the RiskFree mobile application (the "App"). This page informs you of our policies regarding the collection, use, and disclosure of personal data when you use our App.

Information We Collect

Information You Provide

Account Information

When you create an account, we collect:

  • Email address
  • Name (optional)
  • Company name (optional)

Document Content

When you use RiskFree, you create content including:

  • Voice recordings (transcribed and discarded after processing)
  • Site photographs
  • Risk assessment and method statement text
  • Location data (GPS coordinates, if permitted)

Company Branding

If you choose to add branding, we store:

  • Company logo
  • Company name
  • Custom accent colours

Information Collected Automatically

Device Information

  • Device type and model
  • Operating system version
  • Unique device identifiers

Usage Data

  • Features used
  • Documents created
  • Crash reports and performance data

How We Use Your Information

We use the information we collect to:

  1. Provide the Service — Generate RAMS documents from your voice and photos
  2. Improve the App — Analyse usage patterns to improve features
  3. Customer Support — Respond to your requests and questions
  4. Legal Compliance — Meet legal obligations and protect our rights

Privacy-First Design

RiskFree is built with a privacy-first approach. Where possible, processing happens on-device. Voice transcription and photo analysis use on-device capabilities before falling back to cloud services when needed.

Third-Party Services

RiskFree uses the following third-party services:

AI Processing

Anthropic (Claude AI)

  • Purpose: Generate risk assessments and analyse photos
  • Data sent: Transcribed voice input, photos, form data
  • Privacy: anthropic.com/privacy

Apple Speech Recognition

  • Purpose: On-device voice transcription
  • Data sent: Processed locally on device where possible
  • Privacy: apple.com/legal/privacy

Cloud Storage

Supabase

  • Purpose: Store documents, photos, and sync across devices
  • Data stored: All document content and user data
  • Privacy: supabase.com/privacy

Analytics

Apple App Analytics

  • Purpose: Understand app performance and crashes
  • Data collected: Anonymous usage statistics
  • Privacy: apple.com/legal/privacy

Data Storage and Security

Local Storage

Your documents are stored locally on your device using iOS secure storage. Photos are stored in the app's sandboxed directory.

Cloud Sync (Optional)

If you enable sync, your data is stored on Supabase servers located in the EU. Data is encrypted in transit (TLS 1.3) and at rest (AES-256).

API Keys

If you provide your own API keys, they are stored securely in the iOS Keychain and never transmitted to our servers.

Data Retention

We retain your personal data only for as long as necessary to provide you with the Service and as described in this Privacy Policy.

  • Voice recordings: Deleted immediately after transcription
  • Documents and photos: Retained until you delete them or your account
  • Account data: Deleted within 30 days of account deletion request
  • Analytics data: Aggregated and anonymized after 26 months

Your Rights (GDPR/UK GDPR)

Under applicable data protection laws, you have the right to:

  • Access: Request a copy of your personal data
  • Rectification: Request correction of inaccurate data
  • Erasure: Request deletion of your data ("right to be forgotten")
  • Restriction: Request limited processing of your data
  • Portability: Request your data in a machine-readable format
  • Objection: Object to processing based on legitimate interests

To exercise these rights, contact us at privacy@cavershamdigital.com.

Children's Privacy

RiskFree is not intended for use by children under 16. We do not knowingly collect personal information from children under 16. If you become aware that a child has provided us with personal data, please contact us.

Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page and updating the "Last Updated" date.

Contact Us

If you have questions about this Privacy Policy, please contact us:

Caversham Digital is the data controller for the purposes of GDPR/UK GDPR. Our legal basis for processing is contract performance (providing the Service) and legitimate interests (improving and securing the Service).