Privacy Policy

This Privacy Policy explains how Revu ("Revu," "we," "us," or "our") collects, uses, shares, and protects your personal information when you visit our website, use our services, or interact with us in any way. It applies to all visitors, waitlist subscribers, reviewers, and business users.

We believe privacy policies should be understandable. We have written this in plain language while covering everything the law requires us to disclose. If anything is unclear, contact us at the address listed at the bottom of this document.

1. Who We Are

Revu is a United States-based review platform that connects reviewers with businesses. Reviewers earn a share of the revenue their reviews generate. For the purposes of the EU General Data Protection Regulation (GDPR), Revu is the data controller responsible for your personal information.

2. Information We Collect

2.1 Information You Provide Directly

Currently collected (waitlist phase):

• Full name
• Email address
• City or general location
• Referral code (if you were referred by another user)
• Business name (if you sign up as a business)

Collected in future phases (when the full platform launches):

• Phone number (for identity verification)
• Photographs and images you upload (including review photos and receipt images)
• Written review content
• GPS or device-based location data (when you choose to share it)
• Payment and tax information (collected and processed by Stripe)
• Profile information you choose to add (bio, profile photo, social links)

2.2 Information We Collect Automatically

• IP address
• Browser type and version
• Operating system and device type
• Pages visited, time spent on pages, and navigation paths
• Referring URL
• UTM parameters (campaign tracking data)
• Date and time of your visit
• Cookie identifiers

2.3 Information from Third Parties

• Referral data: If someone shares a referral link with you, we receive the referral code associated with that link.
• Payment processors: Stripe may provide us with limited transaction information. We do not receive or store your full credit card number or bank account number.

3. How We Use Your Information

To provide and operate our services: Managing your waitlist registration, creating and maintaining your account, processing referrals, publishing reviews, calculating and distributing revenue share payments, and verifying your identity.

To communicate with you: Sending waitlist updates, transactional emails, marketing communications (with your consent), and responding to support requests.

To improve our services: Analyzing usage, conducting A/B tests, measuring marketing effectiveness, and debugging technical issues.

To protect our platform: Detecting and preventing fraud, enforcing our Terms of Service, and complying with legal obligations.

Legal bases for processing (GDPR): Contract (providing services), Legitimate interest (analytics, fraud prevention), Consent (marketing emails, cookies), Legal obligation (tax reporting, law enforcement).

4. Cookies and Tracking

Most browsers allow you to control cookies through their settings. Disabling cookies may affect referral tracking and login functionality. For EU/EEA visitors, we will obtain consent before placing non-essential cookies.

5. How We Share Your Information

We do not sell your personal information.

We share data only with: service providers (Supabase, Vercel, PostHog, Resend/Loops, Stripe) under contractual obligations; when reviews are published (display name, review text, photos — never email or phone); with referral program participants (limited info, never email); when required by law; and in connection with business transfers (with prior notice).

6. Third-Party Services

We use: Supabase (database/auth), Vercel (hosting), PostHog (analytics), Resend (email), and Stripe (payments). Each has its own privacy policy.

7. Data Retention

8. Data Security

We use encryption in transit (TLS/SSL), encryption at rest for sensitive data, access controls, and reputable infrastructure providers. No method of transmission is perfectly secure — we strive to protect your information but cannot guarantee absolute security. We will notify you of breaches in accordance with applicable law.

9. Your Privacy Rights

Regardless of location, you can: access your data, correct inaccuracies, request deletion, and opt out of marketing emails. Contact us and we'll respond within 30 days.

GDPR Rights (EEA/UK)

You additionally have rights to: restriction of processing, data portability, objection to processing, withdrawal of consent, and lodging complaints with your local data protection authority. We respond within one month (extendable by two months for complex requests).

CCPA Rights (California)

You have rights to: know what data we collect, request deletion, request correction, and opt out of sale/sharing (we do not sell data). We respond within 45 days. You may designate an authorized agent. We will not discriminate against you for exercising CCPA rights.

10. FTC Disclosure and Paid Reviews

Revu compensates reviewers — this is a material connection under FTC guidelines. We disclose this prominently. Compensation is not contingent on positive reviews. We retain compensation records for regulatory compliance.

11. International Data Transfers

Your data is stored and processed in the United States. For international transfers, we rely on Standard Contractual Clauses (SCCs), adequacy decisions, and consent where applicable.

12. Children's Privacy

You must be at least 18 years old to use Revu. We do not knowingly collect information from anyone under 18. If we learn we have, we will delete it promptly. This is consistent with COPPA, extended to all minors under 18.

13. Changes to This Policy

We may update this policy. For material changes, we'll notify you by email and/or prominent notice at least 30 days before changes take effect.

14. Contact Us

Email: privacy@revu.com

This Privacy Policy was last updated on March 27, 2026.