Privacy Policy

Last updated: 22/12/2025

1. Data Controller

The data controller is the owner of RevenlyAI. For any questions about this Policy or our data practices, contact:info@revenlyai.com.

2. Data we collect

  • Account data: name, email, password or authentication credentials, billing address.
  • Subscription & billing data: plan details, invoices, payments, VAT info, Stripe customer ID.
  • Business data: business name, type, location, staff, services, pricing, working hours.
  • Calendar & appointment data: connected Google Calendars, bookings, time slots, notes.
  • Customer data of your clients: contact info, messages, bookings, reviews, channel communication history.
  • Technical data: IP address, device info, browser, pages visited, cookies and similar identifiers.

3. How we use data

  • to provide and maintain the Service;
  • to authenticate users and secure access;
  • to integrate with third-party services (Google Calendar, WhatsApp, Instagram, Messenger, review platforms);
  • to send onboarding, billing and system communications;
  • to generate aggregated analytics and usage statistics;
  • to comply with accounting, tax and regulatory obligations;
  • to improve and develop new features.

4. Legal basis for processing (GDPR)

  • Contract: necessary to provide the Service.
  • Legitimate interest: security, analytics, product improvement.
  • Consent: for optional marketing or cookies.
  • Legal obligation: tax / accounting requirements.

5. Data sharing and processors

We may share personal data with trusted service providers such as:

  • Hosting and infrastructure providers (Vercel, Supabase)
  • Payment processor (Stripe)
  • Meta / WhatsApp / Instagram / Messenger
  • Analytics and error monitoring tools
  • Email delivery platforms

These providers act as processors and follow strict confidentiality agreements.

6. International transfers

Some providers may be outside the EU/EEA. We rely on appropriate safeguards such as Standard Contractual Clauses.

7. Data retention

We retain data only as long as necessary to fulfill the purposes described above, or as required by law. When data is no longer needed, we delete or anonymize it.

8. Your rights

Depending on your location, you may request:

  • Access to your data
  • Rectification
  • Erasure (“right to be forgotten”)
  • Restriction of processing
  • Data portability
  • Objection to processing
  • Withdrawal of consent
  • Complaint to a supervisory authority (e.g. Garante Privacy in Italy)

To exercise these rights, contact:info@revenlyai.com.

9. Security

We implement technical and organizational measures to protect data. However, no system is 100% secure.

10. Third-party services and links

The Service may link or integrate with third-party services. We are not responsible for their policies.

11. Changes to this Policy

We may update this Policy periodically. Updated versions will be posted here.