ORYZN

Privacy

No dark patterns. No surprises.

This page describes exactly what ORYZN does with your information, in the language you would want to use yourself.

If something here reads vaguer than it should, tell us and we will fix it.

Last updated: April 18, 2026

We do not sell or rent your data

Full stop. Your content, your audience, and your account activity are never part of a data deal. We make money from subscriptions, not your information.

Your content never trains a shared AI model

Anything you write or paste into ORYZN is used to serve you — not to quietly improve a general model that everyone else benefits from.

No third-party ad pixels

No Meta pixel, no Google Ads tag, no LinkedIn Insight Tag on the app. You are not the product.

You can leave — and take your work with you

If you need an export or deletion request, we will handle it without charging you or hiding the process behind a maze of forms.

Who we are

ORYZN is built by a small, independent company operating from the Republic of the Philippines. We are the data controller for information in your ORYZN workspace. If you want to reach a human, email privacy@oryzn.io and we will respond within a reasonable period.

What we collect — and why

We try to keep the list short. In practice it is:

  • Your account details. Name, email, password hash. Used to sign you in and bill you.
  • Your LinkedIn authorization. When you connect LinkedIn, we receive a secure access token and your profile metadata (headline, company, industry). Used to publish on your behalf and tailor drafts. Never shared.
  • Your content. Ideas, drafts, posts, outlines, voice calibration samples. Used to power the product for you.
  • Product usage. Which features you open, how schedules run, which errors you hit. Used to fix bugs and decide what to build. Aggregated where possible.
  • Payment data. Handled by our payment processor (Paddle). We receive billing status and the last four digits — not your full card number.

We do not ask for your LinkedIn password. We never receive it. OAuth is the only path in.

What we do not collect

We do not run advertising trackers. We do not integrate third-party analytics that fingerprint you across the web. We do not buy data enrichment. We do not read your DMs or your private connections. If you ever see behavior that contradicts this, please email privacy@oryzn.io — we want to know.

How we use what we collect

  • Run the product — drafting, scheduling, publishing, analytics.
  • Secure the product — detect abuse, investigate incidents, keep you signed in.
  • Communicate — transactional emails, infrequent product updates you can opt out of.
  • Improve the product — using aggregate usage signals, never by reading your content manually.
  • Comply with the law when we are legally required to.

AI, specifically

ORYZN uses AI models to draft posts, suggest improvements, and classify engagement. Here is what that means in practice:

  • Your content is sent to our AI providers for the limited purpose of serving your request, and is bound by contractual terms that prohibit using it to train general models.
  • We do not pool your writing with other customers’ writing to train a shared style model.
  • Voice calibration runs on your own samples, in your own workspace.
  • You can turn off AI features in settings. The rest of ORYZN keeps working.

Where your data lives

ORYZN runs on managed cloud infrastructure. Traffic is encrypted in transit (TLS 1.2+). Access to production systems and backup workflows is limited to the engineers who need it, logged, and reviewed.

Who we share data with

Only the vendors we need to run the product:

  • Cloud hosting (to run ORYZN itself).
  • AI providers (to generate drafts and analysis).
  • Payments (to charge your card and issue refunds).
  • Email delivery (to send transactional email).
  • Error monitoring (to catch crashes before you have to report them).

Every one of these vendors is bound by a data-processing agreement. We do not share with advertisers, data brokers, recruiters, or anyone else trying to buy audience data.

Your rights

Depending on where you live, you may have the right to access, export, correct, or delete your personal data, and to object to or restrict certain processing. Email privacy@oryzn.io if you want to make one of these requests, and we will respond within a reasonable period — in the EU, typically within 30 days.

Deletion

When you ask us to delete your account, we remove your content and workspace data from live systems and age it out of retained backups under our normal retention schedule.

Some records we are required to retain for legal reasons, including invoices and tax records, stay only for the minimum period the law requires and nothing longer.

Cookies, honestly

We use a small number of first-party cookies: one to keep you signed in, one to remember your theme preference, and one to keep your CSRF token safe. No advertising cookies, no cross-site tracking, no consent-banner theatre that secretly sets everything by default.

Security

We take security seriously. Passwords are stored as hashes, not plain text. Production access is limited by role and sensitive actions are audited. We review dependencies regularly and prioritize security updates based on severity. If you find a vulnerability, please report it to security@oryzn.io and we will review responsible disclosures as quickly as we reasonably can.

Changes to this policy

If we make material changes, we will email every active customer at least 14 days before they take effect. Minor clarifications are published on this page with an updated “Last updated” date at the top.

Still have questions?

We are easy to reach — and we answer.

Anything at all about your data, how it is used, or how to get it back. Email is the fastest path. We read every message.

privacy@oryzn.io