Privacy Policy
Last updated: June 5, 2026
Revio ("we", "us", "our") provides software that helps small businesses request and manage Google reviews. This Privacy Policy explains what personal information we collect, how we use it, and the choices you have. It applies to our website, our web app, and any communications we send on behalf of our customers.
1. Information we collect
Account information you provide: name, business name and category, email address, phone number, business address, and a hashed password. Customer data you upload: names, phone numbers, email addresses, and notes about the people you choose to contact through Revio. Messaging data: the content of review requests, replies received from your customers, opt-out events, delivery receipts, and timestamps. Usage data: device type, browser, IP address, language, and pages visited, which we use for security and product improvement.
2. How we use information
We use the information to operate the service and send messages on your behalf via WhatsApp, SMS, and email; to authenticate you and protect your account; to provide customer support; to improve and secure the product; and to comply with legal obligations including consent and unsubscribe requirements under PIPEDA, CASL, TCPA, and applicable US state laws.
3. Consent and your responsibility as a business user
When you sign up, you agree to our Terms and confirm that you have obtained the necessary consent from each contact you upload before sending them messages through Revio. You are the data controller for your customer list. Canadian anti-spam law (CASL) and the US Telephone Consumer Protection Act (TCPA) require express consent before commercial messages — you are responsible for that consent and for honouring opt-out requests.
4. Service providers we share data with
We use trusted vendors to operate Revio. We do not sell personal information. Vendors process data only on our instructions: Supabase (database, authentication, file storage); Twilio (WhatsApp, SMS, and voice delivery); Google (OAuth login and Business Profile API integration when you connect it); Stripe (payments and subscription billing); Vercel (hosting and content delivery). Each vendor publishes its own privacy policy and security commitments.
5. Call recording
When our AI voice assistant answers calls placed to a business's phone line, the call is recorded — both the caller's side and the assistant's — for quality assurance, training and improvement of the assistant, and record-keeping. Each recording is stored together with a written transcript of the call. These are accessible only to the business owner whose line received the call, through their Revio dashboard, and to Revio staff for support, security, and abuse prevention. Recordings are held by our telephony provider, Twilio, and kept only as long as needed for the purposes above; you or your customer may request access to, or deletion of, a recording at any time by contacting us. As the business user you remain responsible for providing any recording notice or obtaining any consent that your local laws require, including in two-party-consent jurisdictions. The same privacy rights, security measures, and retention principles described elsewhere in this policy apply to call recordings.
6. Your privacy rights
Subject to applicable law, you may access the personal data we hold about you, correct inaccurate data, request deletion of your account and associated data, obtain a portable copy of your data, and withdraw consent at any time. Canadian residents have rights under PIPEDA and Quebec's Law 25. California residents have rights under the CCPA and CPRA. To exercise any right, email us at the address below — we respond within 30 days.
7. Opt out of messaging
Anyone receiving a message from a Revio customer can reply STOP, UNSUBSCRIBE, OPTOUT, REVOKE, PARAR, or DESCADASTRAR (case-insensitive, in any language we support) to be unsubscribed immediately. We register the opt-out at the phone-number level and prevent further messages, regardless of which Revio customer they came from. To re-subscribe, reply START or INICIAR.
8. Data retention
While your account is active, we retain your data to provide the service. If you delete your account, we erase your personal data and customer data within 30 days, except where retention is required by law (for example, billing records). Operational logs are kept for up to 90 days for security and debugging. Aggregated, anonymous statistics may be retained indefinitely.
9. Security
We protect data with encryption in transit (TLS) and at rest, row-level security in the database, isolated environments per customer, hashed passwords, and least-privilege access for our team. No system is perfectly secure. If we ever discover a breach involving your personal information, we will notify you and the relevant authorities as required by PIPEDA and applicable laws.
10. International data transfers
Revio is operated from Canada. Your data may be processed in Canada and the United States by our service providers. Where applicable, we rely on contractual safeguards (such as standard contractual clauses) to protect your data during transfer.
11. Cookies
We use cookies that are strictly necessary to keep you signed in, remember your language preference, and protect against fraud. We do not use third-party advertising cookies.
12. Children
Revio is not directed at children under 16 and we do not knowingly collect personal information from them. If you believe a child has provided us information, contact us and we will delete it.
13. Changes to this policy
We may update this policy as the product or applicable laws change. Material changes will be communicated by email and shown in the app. The "Last updated" date at the top reflects the most recent version.
Contact us
Questions, requests, or complaints about privacy can be sent to:
Mailing address: Revio, Canada