Data Disclosure Agreement

Last updated: 04/04/2026

1. Purpose and Contractual Function

This Data Disclosure Agreement ("DDA") supplements, and is incorporated into, the Rohy AI Terms of Service and Privacy Policy. It describes the categories of data that may be disclosed by Rohy AI, operated by Everbright Ventures LLC, the circumstances in which such disclosures may occur, the safeguards that ordinarily accompany those disclosures, and the responsibilities retained by you when you direct or authorize a disclosure.

2. Data Potentially Subject to Disclosure

Depending on the feature invoked and the lawful basis for disclosure, the following categories may be disclosed:

  • Identity and account information, including email address, account identifiers, and subscription status.
  • User-submitted content, including journal entries, chat messages, uploads, voice transcriptions, and support correspondence.
  • Derived or inferred information, including summaries, pattern analyses, emotional scoring, and AI-generated outputs associated with your account.
  • Technical and security information, including IP logs, device information, session records, and fraud or abuse indicators.
  • Transaction and billing metadata generated in connection with subscriptions and payment workflows.

3. Permitted Recipient Classes

Rohy AI may disclose covered data only to one or more of the following recipient classes, subject to the limitations of applicable law:

  • Processors and infrastructure vendors: providers of hosting, storage, authentication, AI model infrastructure, analytics, communications, error monitoring, and payments.
  • Professional advisers: attorneys, auditors, insurers, bankers, and consultants bound by legal or contractual duties of confidentiality.
  • Governmental or regulatory bodies: courts, law-enforcement agencies, regulators, or administrative authorities when compelled or reasonably necessary.
  • Corporate successors: counterparties and advisers involved in mergers, financings, reorganizations, or asset transfers.
  • User-designated recipients: persons, clinicians, family members, collaborators, or third-party services you intentionally instruct us to share with through available product functionality.

4. Grounds for Disclosure

We may disclose data only where at least one of the following grounds is present:

  • The disclosure is necessary to provide, secure, support, or maintain the Service you requested.
  • You expressly direct, initiate, or consent to the disclosure.
  • The disclosure is required to comply with applicable law, legal process, regulation, or enforceable governmental demand.
  • The disclosure is reasonably necessary to investigate misconduct, prevent fraud, address security incidents, enforce our agreements, or protect rights, property, and safety.
  • The disclosure is incident to a business transaction subject to appropriate confidentiality and transition controls.

5. User-Directed Disclosure Terms

Where you activate a sharing, export, forwarding, or collaborative function, you acknowledge that Rohy AI may disclose the data reasonably necessary to complete that instruction and that the recipient's subsequent handling of the data may be governed by that recipient's own terms, privacy practices, and legal obligations. You are solely responsible for assessing whether a recipient is trustworthy, authorized, and legally appropriate.

6. Disclosure Minimization and Protective Controls

We endeavor to apply data-minimization principles appropriate to the disclosure context, which may include limiting recipient access, using contractual restrictions, maintaining access controls, transmitting data through protected channels, and reviewing legal process where appropriate. Notwithstanding the foregoing, we do not warrant that every disclosure can be narrowed to the minimum amount conceivable, particularly where technical systems, legal compulsion, or emergency conditions dictate otherwise.

7. No Monetary Sale; Advertising Position

Rohy AI does not sell personal information for monetary consideration. We do not disclose raw journal entries or chat content to third parties for their independent behavioral advertising use. If a jurisdiction characterizes certain digital transfers differently under applicable law, your rights remain subject to the request mechanisms described in the Privacy Policy.

8. Records of Disclosure

We may maintain internal records regarding categories of disclosures, recipient types, timing, legal basis, and operational rationale for auditing, compliance, security, and dispute-resolution purposes. Such records may themselves be retained for as long as reasonably necessary to establish compliance or defend legal claims.

9. Requests, Objections, and Verification

Subject to applicable law, you may request additional information about our disclosure practices or object to certain disclosures by contacting support@rohy.ai. We may require identity verification, account authentication, or proof of authority before acting on a request, and we may deny requests where doing so is permitted or required by law.

10. Precedence and Updates

If this DDA conflicts with the Terms of Service or Privacy Policy, the document that more specifically addresses the disclosure scenario at issue will control to the extent of the conflict. We may update this DDA from time to time by posting a revised version with a new effective date. Continued use of the Service after the effective date of a revision constitutes acceptance to the extent permitted by law.

← Back to home