Riiw Terms of Service & Privacy Policy

Effective date: 25 May 2026

This document contains the Terms of Service and Privacy Policy for Riiw.

Riiw is operated by Olympos Labs OÜ, an Estonian company registered under company number 16626115, with its registered address at:

Olympos Labs OÜ
Company No: 16626115
Harju maakond, Kesklinna linnaosa, Viru väljak 2, 3. korrus
Tallinn 10111
Estonia

Contact email: [email protected]

By accessing or using Riiw.com, the Riiw platform, our websites, applications, products, services, and related features collectively referred to as the “Services”, you agree to the terms and policies described in this document.

Part 1: Terms of Service

1. About Riiw

Riiw is a work management and collaboration platform designed for teams, businesses, organizations, and professionals.

The Services may include features such as projects, tasks, chat, documents, files, workspaces, organization management, user permissions, and other business tools.

We may update, improve, modify, suspend, or remove certain features from time to time as the Services evolve.

2. Eligibility

You must be at least 16 years old, or the minimum legal age required in your country, to use the Services.

If you use the Services on behalf of a company, organization, or other legal entity, you confirm that you have authority to accept these Terms on behalf of that entity. In that case, “you” and “your” refer to both you as an individual and the organization you represent.

3. Accounts and Registration

To use certain parts of the Services, you may need to create an account.

You agree to:

Provide accurate, complete, and up-to-date information.
Keep your login credentials secure.
Not share your account with unauthorized users.
Notify us immediately if you suspect unauthorized access to your account.
Be responsible for all activity under your account.

We are not responsible for losses caused by your failure to protect your account credentials.

4. Workspaces and Organizations

Riiw may allow users to create or join workspaces, teams, companies, or organizations.

A workspace owner or administrator may have control over:

User access
Roles and permissions
Workspace settings
Billing and subscriptions
Projects, documents, files, tasks, chats, and other workspace content
User invitations and removals
Data exports or deletion, where available

If your account is created or managed by an organization, your access may be controlled by that organization. The organization may be able to view, manage, restrict, export, or delete content and activity within its workspace.

We are not responsible for disputes between users, workspace members, administrators, or organizations regarding access, ownership, permissions, or content.

5. Subscriptions, Plans, and Billing

Riiw may offer free and paid plans.

Paid plans may include additional features, usage limits, storage, seats, projects, workspaces, integrations, support levels, or other benefits.

By subscribing to a paid plan, you agree to pay all applicable fees according to the plan, billing cycle, and payment terms shown at the time of purchase.

Unless otherwise stated:

Fees are charged in advance.
Subscription fees are non-refundable except where required by law.
Your subscription may renew automatically.
You authorize us or our payment providers to charge your selected payment method.
You are responsible for applicable taxes, including VAT, sales tax, or similar charges.
We may suspend or terminate access if payment fails or remains overdue.

We may change our pricing, plans, features, or billing terms from time to time. If required by law or if the change materially affects your subscription, we will provide reasonable notice.

6. Free Trials and Free Plans

We may offer free trials, free plans, beta access, promotional credits, or limited-time offers.

We may modify, limit, suspend, or terminate free plans or trials at any time, with or without notice, unless prohibited by law.

Free plans may include limits on users, storage, projects, workspaces, features, or usage.

7. Acceptable Use

You agree not to misuse the Services.

You must not:

Violate any applicable law or regulation.
Infringe intellectual property, privacy, or other rights.
Upload or share illegal, harmful, abusive, defamatory, discriminatory, or obscene content.
Upload malware, viruses, ransomware, spyware, or harmful code.
Attempt to gain unauthorized access to any system, account, workspace, or data.
Interfere with or disrupt the Services.
Reverse engineer, decompile, or attempt to extract source code except where permitted by law.
Use the Services to send spam or unauthorized communications.
Abuse invitations, messaging, automation, storage, or collaboration features.
Scrape, crawl, or harvest data without permission.
Use the Services to build a competing product or service without our written permission.
Circumvent usage limits, security controls, or access restrictions.
Use the Services in a way that could damage Riiw, Olympos Labs, our users, infrastructure, or reputation.

We may investigate and take action if we believe you have violated these Terms, including suspending or terminating your account.

8. Customer Content

“Customer Content” means any content, data, files, documents, messages, projects, tasks, comments, or materials submitted, uploaded, created, stored, or shared through the Services by you or your users.

You retain ownership of your Customer Content.

By using the Services, you grant us a limited, worldwide, non-exclusive license to host, store, process, transmit, display, and use Customer Content only as necessary to:

Provide the Services.
Maintain and improve the platform.
Secure and troubleshoot the Services.
Provide support.
Comply with legal obligations.
Enforce these Terms.

We do not claim ownership of your Customer Content.

You are responsible for your Customer Content and for ensuring that you have all rights, permissions, and legal bases necessary to upload, share, process, or store it through the Services.

9. Content Visibility and Sharing

Riiw is a collaboration platform. Content you create or upload may be visible to other users depending on workspace settings, sharing settings, user roles, permissions, and administrator controls.

You are responsible for configuring permissions appropriately and for deciding what content to share.

We are not responsible for unauthorized access caused by incorrect permissions, invited users, shared links, weak passwords, compromised accounts, or administrator actions within your workspace.

10. Privacy and Data Protection

Our collection and use of personal data is described in the Privacy Policy section of this document.

By using the Services, you acknowledge that we process personal data as described in this document.

Where required, business customers may enter into a Data Processing Addendum with us. If we process personal data on behalf of your organization, your organization may act as the data controller and we may act as the data processor under applicable data protection laws.

11. Security

We use reasonable technical and organizational measures designed to protect the Services and Customer Content.

However, no system is completely secure. You are responsible for:

Keeping passwords secure.
Managing user access.
Removing users who should no longer have access.
Setting appropriate permissions.
Maintaining your own backups where necessary.
Using the Services responsibly.

You must notify us immediately if you become aware of unauthorized access, security incidents, or misuse of your account or workspace.

12. Third-Party Services and Integrations

The Services may allow you to connect to third-party applications, services, integrations, websites, or tools.

Your use of third-party services is governed by their own terms and privacy policies. We are not responsible for third-party services, their content, availability, security, or data practices.

If you enable an integration, you authorize us to exchange relevant data with that third-party service as necessary to provide the integration.

13. Intellectual Property

The Services, including software, design, interfaces, graphics, logos, trademarks, features, workflows, and related materials, are owned by Olympos Labs or its licensors.

These Terms do not grant you ownership of the Services or any Riiw intellectual property.

You may not copy, modify, distribute, sell, lease, reverse engineer, or create derivative works based on the Services except as expressly permitted by these Terms or applicable law.

The name Riiw, the Riiw logo, and related branding are trademarks or brand assets of Olympos Labs. You may not use them without our prior written permission.

14. Feedback

If you submit ideas, suggestions, feature requests, comments, or feedback about the Services, you grant us the right to use them without restriction or compensation to you.

We may use feedback to improve, modify, or develop our Services.

15. Service Availability

We aim to provide reliable Services, but we do not guarantee that the Services will always be available, uninterrupted, secure, or error-free.

The Services may be unavailable due to:

Maintenance
Updates
Technical issues
Network failures
Infrastructure outages
Third-party service failures
Security incidents
Events beyond our control

We may modify, suspend, or discontinue parts of the Services at any time.

16. Beta Features

We may offer beta, experimental, preview, or early-access features.

Beta features are provided “as is” and may be incomplete, unstable, changed, or discontinued at any time.

You should not rely on beta features for critical business operations unless we expressly state otherwise.

17. AI and Automation Features

Riiw may offer AI, automation, or smart-assistance features now or in the future.

You are responsible for reviewing outputs generated by AI or automation features before relying on them. Such outputs may be incomplete, inaccurate, or unsuitable for your specific needs.

Unless otherwise stated, AI or automation features do not replace professional, legal, financial, technical, or business advice.

Additional terms may apply to certain AI-powered features.

18. Suspension and Termination

We may suspend or terminate your access to the Services if:

You violate these Terms.
You fail to pay applicable fees.
Your use creates security, legal, or operational risk.
We are required to do so by law.
Your account is inactive for an extended period.
You misuse the Services or harm other users.
Your use may expose us, our users, or third parties to liability.

You may stop using the Services at any time. You may also cancel your subscription according to the cancellation process made available in your account or billing settings.

Termination does not relieve you of payment obligations incurred before termination.

19. Effect of Termination

After your account or subscription ends:

Your access to the Services may be disabled.
Your Customer Content may become inaccessible.
We may delete Customer Content after a reasonable period, subject to legal, backup, security, or contractual requirements.
Some data may be retained where required for legal, tax, accounting, fraud prevention, dispute resolution, or compliance purposes.

You are responsible for exporting or backing up your Customer Content before termination where export functionality is available.

20. Disclaimers

The Services are provided on an “as is” and “as available” basis.

To the maximum extent permitted by law, we disclaim all warranties, whether express, implied, statutory, or otherwise, including warranties of:

Merchantability
Fitness for a particular purpose
Non-infringement
Availability
Accuracy
Reliability
Security
Error-free operation

We do not guarantee that the Services will meet your specific requirements, be uninterrupted, or be free from errors, vulnerabilities, or harmful components.

21. Limitation of Liability

To the maximum extent permitted by law, Olympos Labs OÜ and its directors, employees, contractors, affiliates, suppliers, and licensors will not be liable for:

Indirect, incidental, special, consequential, exemplary, or punitive damages.
Loss of profits, revenue, business, goodwill, or anticipated savings.
Loss, corruption, or deletion of data.
Business interruption.
Unauthorized access to accounts or data.
Third-party services or integrations.
Damages caused by misuse of the Services.

To the maximum extent permitted by law, our total liability for any claim arising out of or relating to the Services or these Terms will not exceed the amount paid by you to us for the Services during the twelve months before the event giving rise to the claim, or €100, whichever is greater.

Some jurisdictions do not allow certain limitations of liability, so some of the above limitations may not apply to you.

22. Indemnification

You agree to defend, indemnify, and hold harmless Olympos Labs OÜ, its directors, employees, contractors, affiliates, suppliers, and licensors from and against any claims, damages, liabilities, losses, costs, and expenses, including reasonable legal fees, arising from:

Your use of the Services.
Your Customer Content.
Your violation of these Terms.
Your violation of applicable law.
Your infringement of third-party rights.
Your misuse of accounts, workspaces, permissions, or integrations.

23. Changes to the Services

We may update, improve, change, suspend, or discontinue any part of the Services at any time.

We may also introduce new features, remove existing features, or change usage limits.

Where a change materially affects your paid subscription, we will try to provide reasonable notice where practical.

24. Changes to These Terms

We may update these Terms from time to time.

If we make material changes, we may notify you by email, through the Services, or by posting a notice on our website.

The updated Terms will become effective when posted, unless a later date is stated.

Your continued use of the Services after the updated Terms become effective means you accept the updated Terms.

If you do not agree to the updated Terms, you must stop using the Services.

25. Governing Law

These Terms are governed by the laws of Estonia, without regard to conflict of law principles.

Where applicable consumer protection laws provide mandatory rights, those rights are not affected by this section.

26. Dispute Resolution

Before starting formal legal proceedings, you agree to first contact us and attempt to resolve the dispute informally.

You can contact us at [email protected].

If a dispute cannot be resolved informally, the dispute will be submitted to the competent courts of Estonia, unless applicable law requires another venue.

27. Force Majeure

We will not be liable for any delay or failure to perform obligations caused by events beyond our reasonable control, including:

Natural disasters
War
Terrorism
Civil unrest
Government actions
Labor disputes
Internet or telecommunications failures
Power outages
Cyberattacks
Third-party service outages
Infrastructure failures

28. Assignment

You may not assign or transfer these Terms or your rights under them without our prior written consent.

We may assign or transfer these Terms in connection with a merger, acquisition, restructuring, sale of assets, change of control, or by operation of law.

29. Severability

If any provision of these Terms is found to be invalid, illegal, or unenforceable, the remaining provisions will remain in full force and effect.

The invalid provision will be modified to the minimum extent necessary to make it enforceable, where permitted by law.

30. No Waiver

Our failure to enforce any provision of these Terms does not mean we waive our right to enforce that provision later.

Any waiver must be in writing and signed by an authorized representative of Olympos Labs.

31. Entire Agreement

These Terms, together with the Privacy Policy and any other policies or agreements referenced in this document, form the entire agreement between you and Olympos Labs regarding your use of the Services.

They replace any prior agreements or understandings relating to the Services.

Part 2: Privacy Policy

1. Introduction

This Privacy Policy explains how Olympos Labs OÜ collects, uses, stores, shares, and protects personal data when you access or use the Services.

Riiw is a work management and collaboration platform that may include features such as projects, tasks, chat, documents, files, team workspaces, organization management, and related business tools.

By using the Services, you acknowledge that your information will be processed as described in this Privacy Policy.

2. Our Role Under Data Protection Laws

For the purposes of the General Data Protection Regulation, also known as the GDPR, Olympos Labs OÜ may act as either:

Data Controller
When we determine the purposes and means of processing personal data, such as when you create an account, visit our website, contact us, subscribe to our services, or interact with our marketing.

Data Processor
When we process personal data on behalf of a customer, organization, or workspace owner that uses Riiw to store or manage data relating to its users, employees, clients, projects, documents, files, or other business information.

If you use Riiw through an organization, employer, team, or workspace, that organization may be the controller of certain data processed through the Services. In such cases, please contact your organization first regarding your personal data rights.

3. Information We Collect

We collect information in several ways depending on how you use Riiw.

3.1 Information You Provide to Us

We may collect personal data that you provide directly, including:

Name
Email address
Company or organization name
Job title or role
Profile information
Account login details
Billing and subscription information
Messages you send to us
Support requests
Survey responses
Marketing preferences
Any information you upload, submit, create, or share through the Services

3.2 Account and Workspace Information

When you create or join a Riiw workspace, we may collect:

Workspace name
Organization name
Team members and invitees
User roles and permissions
Project, task, document, file, and chat metadata
Activity logs
Audit logs
Settings and preferences
Usage and feature activity

3.3 Customer Content

“Customer Content” means content submitted, uploaded, stored, sent, received, or created by users through Riiw.

This may include:

Projects and tasks
Documents and notes
Files and folders
Chat messages
Comments
Forms
Internal knowledge base content
Customer, employee, partner, or business data added by your organization
Other content you or your team upload to the Services

We process Customer Content to provide, maintain, secure, and improve the Services. We do not claim ownership of your Customer Content.

3.4 Payment Information

If you purchase a paid subscription, payment information may be processed by our third-party payment providers.

We may receive limited billing-related information, such as:

Billing name
Billing email
Billing address
Company information
VAT or tax identification number
Subscription plan
Payment status
Invoice details

We do not intentionally store full credit card numbers on our own servers unless explicitly stated.

3.5 Automatically Collected Information

When you use the Services, we may automatically collect technical and usage data, including:

IP address
Device type
Browser type
Operating system
Referring URLs
Pages visited
Features used
Date and time of access
Approximate location based on IP address
Session information
Error logs
Performance data
Security logs

3.6 Cookies and Similar Technologies

We may use cookies, pixels, local storage, and similar technologies to:

Keep you signed in
Remember your preferences
Understand website usage
Improve performance
Measure marketing campaigns
Provide security features
Analyze product usage

You can control cookies through your browser settings. Some cookies are necessary for the Services to function properly.

4. How We Use Information

We use personal data for the following purposes:

4.1 To Provide and Operate the Services

We use data to:

Create and manage accounts
Provide workspaces and collaboration tools
Store and display Customer Content
Enable projects, tasks, documents, files, chat, and related features
Authenticate users
Manage subscriptions
Process payments
Provide customer support
Maintain service availability

4.2 To Improve and Develop the Services

We may use data to:

Understand how users interact with Riiw
Improve usability and performance
Develop new features
Debug errors
Monitor service reliability
Conduct internal analytics
Improve security and fraud prevention

4.3 To Communicate With You

We may use your contact information to:

Send service-related messages
Respond to support requests
Send administrative notices
Provide product updates
Notify you about security or account issues
Send marketing communications where permitted

You may opt out of marketing communications at any time. However, we may still send you important service, security, legal, or account-related messages.

4.4 To Protect Riiw and Our Users

We may use data to:

Prevent fraud, abuse, spam, and unauthorized access
Detect security incidents
Enforce our terms and policies
Protect the rights, safety, and property of users, customers, Olympos Labs, and the public
Comply with legal obligations

4.5 For Legal and Compliance Purposes

We may process personal data to:

Comply with applicable laws
Maintain business records
Respond to lawful requests
Enforce agreements
Resolve disputes
Meet tax, accounting, and regulatory obligations

5. Legal Bases for Processing

Where GDPR applies, we process personal data based on one or more of the following legal bases:

Performance of a contract
When processing is necessary to provide the Services, manage your account, process subscriptions, or fulfill our agreement with you.

Legitimate interests
When processing is necessary for our legitimate business interests, such as improving the Services, preventing abuse, securing our platform, and communicating with customers, provided those interests are not overridden by your rights.

Consent
When you have given consent, such as for certain marketing communications or optional cookies. You may withdraw consent at any time.

Legal obligation
When processing is necessary to comply with laws, tax obligations, accounting rules, court orders, or lawful government requests.

Protection of rights and safety
When processing is necessary to protect the rights, safety, and security of Riiw, our users, customers, or others.

6. How We Share Information

We do not sell your personal data.

We may share information in the following situations:

6.1 With Service Providers

We may share data with trusted third-party service providers that help us operate, secure, and improve the Services, such as:

Cloud hosting providers
Database and infrastructure providers
Payment processors
Email delivery providers
Analytics providers
Customer support tools
Error monitoring tools
Security providers
Communication providers

These providers are only permitted to process personal data as necessary to provide services to us and must protect it according to appropriate confidentiality and security obligations.

6.2 With Your Organization or Workspace

If you use Riiw as part of a workspace, organization, company, or team, certain information may be visible to workspace owners, administrators, and other authorized users, depending on workspace settings and permissions.

This may include:

Name and email address
Profile information
Role and permissions
Activity within the workspace
Content you create, upload, or share
Comments, messages, tasks, documents, and files
Login and usage information available to admins

6.3 With Other Users

When you collaborate through Riiw, information you share may be visible to other users in the same workspace, project, document, chat, file, or team area according to the permissions configured by you or your organization.

6.4 For Legal Reasons

We may disclose information if we believe disclosure is necessary to:

Comply with applicable law
Respond to lawful requests
Protect our rights or property
Enforce our agreements
Investigate fraud, abuse, or security issues
Protect users or the public from harm

6.5 Business Transfers

If Olympos Labs is involved in a merger, acquisition, financing, reorganization, sale of assets, or similar transaction, personal data may be transferred as part of that transaction, subject to appropriate safeguards.

7. Customer Content and Workspace Data

Customer Content belongs to the customer, workspace, organization, or user that submitted it, subject to the applicable agreement between the parties.

We access Customer Content only where necessary to:

Provide the Services
Maintain and troubleshoot the platform
Respond to support requests
Ensure security and prevent abuse
Comply with legal obligations
Enforce our terms and policies

We do not use Customer Content for advertising purposes.

We do not sell Customer Content.

If Riiw introduces AI-powered features, we will provide additional information about how data is processed by those features. Unless separately stated, Customer Content is not used to train third-party AI models.

8. International Data Transfers

Olympos Labs OÜ is based in Estonia, within the European Union. However, some of our service providers or infrastructure providers may process personal data in other countries.

Where personal data is transferred outside the European Economic Area, the United Kingdom, or Switzerland, we use appropriate safeguards where required by law. These may include:

European Commission Standard Contractual Clauses
Data Processing Agreements
Transfer impact assessments where applicable
Other legally recognized transfer mechanisms

9. Data Retention

We retain personal data only for as long as reasonably necessary for the purposes described in this Privacy Policy, unless a longer retention period is required or permitted by law.

Retention periods may depend on:

The type of data
The nature of your account
Whether your account is active
Legal, tax, accounting, or compliance obligations
Security and fraud prevention needs
Backup and disaster recovery processes
Contractual obligations to customers

When data is no longer needed, we delete, anonymize, or securely retain it according to applicable law and our internal policies.

Customer Content may remain in backups for a limited period after deletion before being permanently removed according to our backup retention processes.

10. Security

We use reasonable technical, organizational, and administrative measures designed to protect personal data against unauthorized access, loss, misuse, alteration, disclosure, or destruction.

These measures may include:

Encryption in transit
Access controls
Authentication and authorization controls
Logging and monitoring
Infrastructure security practices
Backup and recovery procedures
Internal access restrictions
Security reviews
Vendor security assessment where appropriate

However, no online service can be guaranteed to be completely secure. You are responsible for maintaining the confidentiality of your account credentials and for using strong passwords and appropriate access controls.

11. Your Rights

Depending on your location and applicable law, you may have rights regarding your personal data, including the right to:

Access your personal data
Correct inaccurate or incomplete data
Delete your personal data
Restrict processing
Object to processing
Withdraw consent
Request data portability
Opt out of marketing communications
Lodge a complaint with a data protection authority

To exercise your rights, contact us at:

[email protected]

If your data is controlled by an organization using Riiw, we may direct your request to that organization or ask you to contact them directly.

12. Account Information and User Controls

You may be able to access, update, export, or delete certain information through your Riiw account settings.

Workspace owners and administrators may also control certain data, permissions, retention settings, exports, and user access within their workspace.

If you leave a workspace, some content you created may remain available to the workspace depending on the organization’s settings and legal rights.

13. Marketing Communications

We may send you marketing emails about Riiw, product updates, offers, and related services where permitted by law.

You can unsubscribe from marketing emails at any time by using the unsubscribe link in the email or by contacting us.

Even if you unsubscribe from marketing emails, we may still send you non-marketing messages, such as account, billing, legal, security, or service-related notifications.

14. Cookies and Tracking

We may use cookies and similar technologies for:

Essential website functionality
Authentication
Security
Preferences
Analytics
Performance monitoring
Marketing measurement

Where required by law, we will ask for your consent before using non-essential cookies.

You can manage cookies through your browser settings or through any cookie preference tools we may provide.

15. Third-Party Services and Integrations

Riiw may allow you to connect or use third-party services, integrations, applications, or links.

When you use third-party integrations, your data may be shared with or processed by those third parties according to their own privacy policies and terms.

We are not responsible for the privacy practices of third-party services that we do not control.

16. Children’s Privacy

Riiw is intended for business and professional use. Our Services are not directed to children under the age of 16, and we do not knowingly collect personal data from children.

If we become aware that we have collected personal data from a child without appropriate consent, we will take reasonable steps to delete such information.

17. Data Processing Addendum

For business customers that require a Data Processing Addendum, also known as a DPA, we may provide one upon request or make it available through our website.

Where we act as a processor on behalf of a customer, the DPA governs our processing of Customer Personal Data.

18. Regional Privacy Rights

Users in certain jurisdictions may have additional rights under applicable privacy laws.

European Economic Area, United Kingdom, and Switzerland

If you are located in the EEA, UK, or Switzerland, you may have rights under GDPR or similar laws, including access, correction, deletion, restriction, objection, portability, and complaint rights.

You may also have the right to lodge a complaint with your local data protection authority.

As Olympos Labs OÜ is registered in Estonia, the relevant supervisory authority may include the Estonian Data Protection Inspectorate, depending on the circumstances.

Other Regions

Depending on your location, you may have additional privacy rights under local laws. We will respond to valid requests in accordance with applicable law.

19. Changes to This Privacy Policy

We may update this Privacy Policy from time to time.