Legal

Disclosures and legal notices

audit the outcome · verify activation · prove it every Friday

This page covers the honest-marketing disclosures, AI-output review obligations, third-party trademark notices, and forward-looking-statement disclaimers that apply to the Riley marketing site and the Riley product. For binding contractual terms, see Terms of Service, Privacy Policy, HIPAA Notice, and the Data Processing Addendum.

Last updated May 2026

1. Riley is software, not an employee

Riley is an AI software product owned and operated by Luminex Technologies LLC, a Delaware corporation headquartered in Austin, Texas. Phrases used in our marketing (including "AI coworker," "hire Riley," "Riley drafted," and "Riley posted to Slack") are product-positioning language and do not establish an employment, agency, partnership, joint venture, or fiduciary relationship between Riley, Luminex, and the customer. Riley does not have legal personhood. Customer remains solely responsible for all decisions, communications, and actions taken using Riley's outputs.

2. AI outputs require human review

Riley generates draft content (including review replies, insurance workflow scopings, recall messages, AEO content, and customer-facing SMS) for customer review and approval. AI systems can produce inaccurate, biased, fabricated, or contextually inappropriate information (commonly called "hallucinations"). Customer is solely responsible for reviewing every Riley-generated output and explicitly approving it before it is sent, posted, or otherwise delivered to a third party. Riley does not make autonomous outbound communications on the customer's behalf without an explicit approval step.

3. Not professional advice

Riley does not provide medical, dental, clinical, diagnostic, treatment, legal, financial, tax, or regulatory-compliance advice. Riley's outputs are administrative drafts only and are not a substitute for the judgment of a licensed dentist, physician, attorney, accountant, or other qualified professional. Do not rely on Riley for clinical decisions, treatment plans, prescription guidance, regulatory determinations, or compliance advice.

4. HIPAA framing

Riley is "HIPAA-aware": engineered with PHI handling in mind, including a 21-pattern PII redactor on every output. Riley is not HIPAA-certified (no such certification exists; HIPAA is a regulation, not a certification). On the Practice plan, Luminex Technologies LLC acts as a Business Associate (BA) under HIPAA and signs a Business Associate Agreement (BAA) with the customer. The customer is the Covered Entity (CE) and remains responsible for HIPAA compliance, including determining which workflows process PHI and configuring Riley's access accordingly. Riley does not use customer PHI to train AI models. PHI is processed only within authorized integrations the customer has connected.

5. SOC 2 status

SOC 2 certification is not currently claimed. We do not claim certification we have not earned. SOC 2 Type I observations and the in-progress Type II scope are available on request under NDA. A completion estimate will be published when the audit is finalized.

6. Beta status and absent social proof

Riley is in private beta as of the date this page was published. Customer logos, customer counts, public press logos, and award badges that other SaaS marketing sites typically display are intentionally absent from our pages. We have not publicly launched and we do not fabricate social proof. The "Live today" and "Still in motion" panels on our home page reflect current product status truthfully.

7. Industry statistics and sources

Pain-section figures shown on our home page (38 percent missed-call rate, 18 percent AR write-off rate, $4,200 estimated cost per unanswered 3-star review) are industry benchmarks sourced from BrightLocal, Dental Economics, and Womply. They are not Riley's measured customer outcomes. Your results will vary based on business size, payer mix, geographic market, existing systems, and other factors.

8. Forward-looking statements

Q2 2026 ship dates (per-payer eligibility workflow scoping, PMS integration scoping) and Q3 2026 ship dates (voice phone agent roadmap and multilingual voice) are good-faith engineering estimates, not contractual commitments. Roadmap timing may shift based on engineering progress and partner-API availability. We will publish updates on the public roadmap if ship dates slip materially.

9. AEO sample answers

The "sample ChatGPT answer" mockup shown under our "Ask AI about us" section is illustrative. Actual AI answer engine responses (ChatGPT, Perplexity, Claude, Gemini, and similar) vary by user, session, model version, and what has been indexed about Riley at the time of the query. AI engines may produce inaccurate, outdated, or fabricated information. Verify directly via the Ask AI buttons at any time.

10. Trial and billing terms

The 30-day trial requires Slack or Microsoft Teams (beta) OAuth. No payment method is required at signup. Riley does not auto-bill without explicit customer consent (plan selection plus payment method confirmation). Cancellation is processed via a "cancel" message in Slack or Microsoft Teams (beta) or via the customer billing portal; the remainder of any paid month is refunded prorated. Square is a payment processor. A first-paid-month money-back guarantee applies per the pilot success review terms below.

11. Pilot success review terms

If Riley does not recover at least the subscription cost, Luminex Global Inc. will refund the first paid month upon written request via email to support. The guarantee applies only to the customer's first paid month and is limited to one claim per customer.

12. Pricing

Free $0 / Starter $99 per month / Growth $249 per month / Studio $499 per month / Enterprise custom, USD. Prices are exclusive of applicable sales taxes, VAT, and similar levies. Annual billing receives a 20 percent discount. Pricing is subject to change for new signups with at least 30 days' written notice; existing subscriptions honor the price at signup for the duration of the subscription term. Volume and multi-location pricing is available on request.

13. Geographic scope

Riley is currently offered to businesses physically located in the United States. Businesses outside the United States may experience reduced functionality, particularly for insurance verification (U.S. dental payer eligibility checks are the only payer integrations currently supported, via pVerify) and SMS delivery after consent controls (Twilio U.S. number assignment). International availability is on the public roadmap but no firm date is committed.

14. No warranty / "as-is"

Except as expressly stated in the Riley Master Subscription Agreement and the pilot success review above, Riley and the Riley Service are provided on an "as-is" and "as-available" basis. Luminex Global Inc. disclaims all implied warranties to the maximum extent permitted by applicable law, including warranties of merchantability, fitness for a particular purpose, non-infringement, and any warranties arising out of course of dealing or usage of trade. Use is at the customer's risk and judgment.

15. Third-party trademarks

The following trademarks may be referenced on this site for descriptive and interoperability purposes only. Such use does not imply endorsement, sponsorship, partnership, affiliation, or certification by the trademark holder.

  • Slack and the Slack mark are trademarks of Slack Technologies, LLC.
  • Microsoft and Teams beta are trademarks of Microsoft Corporation.
  • Google and Google Workspace are trademarks of Google LLC.
  • Stripe is a trademark of Stripe, Inc.; Square is a trademark of Block, Inc. (both wired as payment processors).
  • Twilio is a trademark of Twilio Inc.
  • Dentrix is a trademark of Henry Schein, Inc.
  • Open Dental is a trademark of Open Dental Software, Inc.
  • Eaglesoft is a trademark of Patterson Dental.
  • HubSpot is a trademark of HubSpot, Inc.
  • ChatGPT is a trademark of OpenAI, Inc.
  • Perplexity is a trademark of Perplexity AI, Inc.
  • Claude and Anthropic are trademarks of Anthropic, PBC.
  • Birdeye, Podium, NiceJob, Weave, Arini, Denti.AI, Viva AI, and Dentina.AI are trademarks of their respective owners.
  • BrightLocal, Womply, and Dental Economics are trademarks of their respective owners.

16. Built on Anthropic Claude

Riley uses Anthropic Claude as its primary large-language-model provider. Anthropic's Acceptable Use Policy and Usage Policies apply to outputs generated through the Riley Service. Customer agrees to comply with applicable provider policies when using Riley. Outputs may include content reflecting model limitations including but not limited to hallucination, bias, recency limits (knowledge cutoff), and refusal of certain prompts under Anthropic's safety policies.

17. Acceptable Use Policy (summary)

The full Riley AUP is part of the Master Subscription Agreement. Summary: customers may not use Riley to (a) generate or send content that is illegal, defamatory, harassing, deceptive, or violates third-party rights; (b) impersonate a licensed clinician for the purpose of dispensing medical advice or prescribing; (c) circumvent Riley's human-approval gates to ship unreviewed AI output to customers; (d) attempt to extract or replicate Riley's underlying models, prompts, or training data; (e) use Riley to compete with Luminex Global Inc. or build a competing AI coworker product; (f) violate HIPAA, CCPA, GDPR, TCPA, CAN-SPAM, or any other applicable law. Violation of the AUP is grounds for service suspension and contract termination.

18. Subprocessors

Riley uses the following third-party subprocessors to deliver the service. Customer authorizes their use as part of the Master Subscription Agreement and DPA. Updates to this list will be posted with at least 30 days' notice.

  • Anthropic, PBC · United States · LLM inference (Claude). Customer data may be sent to Anthropic for inference; Anthropic does not train on customer data per their Commercial Terms.
  • Fly.io · application hosting (US/EU regions) · encrypted at rest (AES-256) and in transit (TLS 1.2+).
  • Stripe, Inc. and Block, Inc. (Square) · United States · payment processing (both wired). PCI-DSS compliant. We do not store card numbers.
  • Slack Technologies, LLC · United States · messaging delivery via OAuth-authorized workspace.
  • Microsoft Corporation · United States · Teams beta messaging delivery via OAuth-authorized tenant.
  • Twilio, Inc. · United States · SMS delivery after consent controls to U.S. numbers.
  • SendGrid (Twilio) · United States · email delivery for digests and notifications.
  • pVerify, Inc. · United States · insurance eligibility workflow scoping (Q2 2026 activation).
  • Kolla, Inc. · United States · PMS connector (Dentrix, Open Dental, Eaglesoft). Activation per-tenant on approved pilot scopes.
  • PostHog, Inc. · United States · product analytics, opt-out available.

19. AI safety and limitations

Riley uses modern large-language-model technology that has known limitations. Customers should understand and account for these when using the service:

  • Hallucination: AI may produce confident-sounding but factually incorrect output. All Riley drafts require customer approval before sending.
  • Bias: AI can reflect biases present in training data. Customer is responsible for reviewing outputs for inappropriate tone or content.
  • Knowledge cutoff: the model has a training cutoff. Riley will not have current-event awareness past that date except where supplemented by web search or customer-provided context.
  • Prompt injection: Riley applies defenses against prompt-injection attacks via incoming reviews, emails, or messages. We cannot guarantee 100 percent prevention; customer should not approve outputs that look anomalous.
  • Refusals:Anthropic's safety policies cause Claude to decline certain prompts (medical advice, legal opinion, and similar). Riley inherits these refusals; we do not jailbreak the model.
  • No autonomous high-risk actions: Riley will not autonomously contact emergency services, prescribe medication, override clinical workflows, or send customer-facing content without customer approval.

20. Data subject rights

If you are a patient or other data subject whose information may be processed by Riley as part of a customer's authorized use, contact the business (the Covered Entity / Controller) directly. Riley as a Business Associate / Processor will support the customer in honoring access, deletion, correction, and portability requests within 30 days as required by HIPAA, CCPA, and GDPR. Customer requests for data export or deletion can be sent to privacy@hireriley.com with the binding response timelines stated in the Data Processing Addendum.

21. Not an FDA-regulated medical device

Riley is general-purpose administrative software for business operations (review responses, recall communications, insurance workflow scoping, scheduling assistance). Riley is nota Software as a Medical Device (SaMD) under 21 CFR Part 820, the FDA Software Guidance, or analogous regulations. Riley does not perform clinical diagnosis, treatment recommendation, prescription generation, dose calculation, image analysis for clinical decisions, or any other function that meets the FDA's definition of a medical device. Customers must not configure or use Riley for medical-device functions; doing so violates the AUP and Terms of Service.

22. California privacy rights (CCPA / CPRA)

If you are a California resident, you have the right to (a) know what personal information we collect about you, (b) request deletion of your personal information, (c) request correction of inaccurate personal information, (d) opt out of sale or sharing of your personal information, and (e) limit use of sensitive personal information. Luminex Global Inc. does not sell personal information. To exercise these rights, email privacy@hireriley.com or use the Do Not Sell My Personal Information form. We will respond within 45 days as required by the CCPA.

23. SMS and TCPA compliance

Riley sends SMS messages on behalf of customers (missed-call recovery, recall reminders, appointment confirmations) only to recipients the customer represents have given prior express written consent under the Telephone Consumer Protection Act (TCPA), 47 U.S.C. section 227. Customer is responsible for collecting and documenting that consent. Every Riley-generated SMS includes (a) sender identity, (b) "Reply STOP to opt out"instruction on the first message of any campaign, and (c) immediate honoring of STOP, UNSUBSCRIBE, CANCEL, END, and QUIT keywords across all future messages. "HELP" returns customer support contact information. Recipients can opt back in by replying START. Riley logs every consent and opt-out action to the per-tenant audit ledger.

24. Email and CAN-SPAM compliance

Riley-generated commercial email on behalf of customers complies with the CAN-SPAM Act of 2003. Every email includes (a) accurate sender identity (the customer's business), (b) a clear and conspicuous unsubscribe mechanism honored within 10 business days, (c) a valid physical postal address of the sender, (d) non-deceptive subject lines, and (e) clear "ad" or "promotional" disclosure where applicable. Transactional emails (appointment confirmations, billing receipts) are exempt from some CAN-SPAM provisions but still include unsubscribe and sender identity. Customer is responsible for ensuring its mailing list complies with CAN-SPAM consent requirements.

25. EU AI Act awareness (forward-looking)

Riley is currently offered to U.S. businesses only and does not market to European Union customers. We are aware that under Regulation (EU) 2024/1689 (the EU AI Act), AI systems used in healthcare may fall within the high-risk category subject to conformity assessment, transparency, human oversight, and record-keeping obligations. Before international expansion, Luminex Global Inc. will conduct EU AI Act conformity assessment, register Riley in the high-risk AI database where applicable, and publish required transparency documentation. Riley's existing human-approval gating, audit ledger, and AI safety practices align with EU AI Act human-oversight and traceability requirements.

26. DMCA copyright agent

If you believe content posted through Riley infringes your copyright, send a notice meeting the requirements of 17 U.S.C. section 512(c)(3) to our designated DMCA agent: DMCA Agent, Luminex Global Inc., Austin, Texas, email legal@hireriley.com. Notices must include (a) physical or electronic signature of the rights holder, (b) identification of the work claimed to be infringed, (c) identification of the allegedly infringing material with sufficient detail to locate it, (d) contact information, (e) a good-faith statement of unauthorized use, and (f) a statement under penalty of perjury that the information is accurate and you are authorized to act. We will respond as required by the Digital Millennium Copyright Act safe-harbor provisions.

27. Responsible AI principles

Riley's design and operation align with the OECD AI Principles, the White House Blueprint for an AI Bill of Rights, and the NIST AI Risk Management Framework (AI RMF 1.0). Specifically:

  • Safe and effective: human approval gates on all customer-facing output, a 21-pattern PII redactor, and prompt-injection defenses.
  • Algorithmic discrimination protections: we monitor outputs for bias and refine training; customer reports of biased output trigger investigation.
  • Data privacy: minimum data, encrypted at rest and in transit, no model training on customer data, customer control over export and deletion.
  • Notice and explanation: Riley discloses when AI generated each output; customer always sees the draft before it ships.
  • Human alternatives: customer can disable any Riley capability and revert to a manual workflow at any time.

28. Accessibility (WCAG 2.1 AA)

Luminex Global Inc. designs the Riley marketing site, customer portal, and Slack, email, and Teams beta Block Kit interfaces toward WCAG 2.1 Level AA compliance. The marketing site supports keyboard navigation, focus-visible indicators, semantic HTML landmarks, the prefers-reduced-motion preference, and 44px minimum touch targets on coarse pointers. We continue to improve and welcome accessibility feedback at support@hireriley.com.

29. Children's data (COPPA)

Riley is intended for use by business staff (adults). Customer records may include minors as part of the business's authorized workflow; Riley processes such data on the business's behalf as a Business Associate under HIPAA where applicable. We do not knowingly collect personal information directly from children under 13. Businesses serving minors that use Riley remain responsible for COPPA compliance for any direct child-facing data collection (which Riley does not perform).

30. Updates to these disclosures

These disclosures may be updated to reflect product changes, new regulations, or improved practices. The "Last updated" date at the top of this page reflects the most recent revision. Material changes (new subprocessors, expanded data uses, changes to BAA terms) will be communicated to active customers at least 30 days in advance via email and in-product notification. Continued use after the effective date constitutes acceptance.


Questions about these disclosures? Contact legal@hireriley.com. © 2026 Riley · Luminex Global Inc. · All rights reserved. This page is informational; the Riley Master Subscription Agreement, Privacy Policy, BAA, and DPA are the binding contractual documents.