Revylo · Terms · Privacy · Cookies · Subprocessors
Privacy Policy
Last updated: May 27, 2026
At Revylo, your privacy is a priority. This policy explains how we collect, use, and protect your personal information when you use our website and content audit services.
Information we collect
- Account information (email address, profile preferences) when you sign in.
- URLs and site content you submit for audits, and audit results we generate.
- Billing-related identifiers from Stripe (we do not store full payment card numbers).
- Basic usage and technical data (e.g., page views, timestamps, browser type).
- Support correspondence and optional feedback you choose to send.
How we use your data
- To run audits, display results, and manage your credit balance.
- To authenticate you and maintain your account.
- To process payments and prevent fraud.
- To improve reliability, security, and product experience.
- To comply with legal obligations and enforce our terms.
Service providers
We use trusted subprocessors to operate Revylo, including hosting (Vercel), API infrastructure (Render), authentication and database (Supabase), payments (Stripe), and AI or data providers used to perform audit checks (e.g., language models, search, and retrieval services). These providers process data only as needed to deliver the service. See our Subprocessors page for the current list.
Analytics
We may use privacy-conscious analytics to understand how the product is used (e.g., feature usage and errors). We do not sell your personal information. Where analytics are used, we aim to minimize identifiable data and honor browser Do Not Track when applicable.
See our Cookie Policy for how cookies relate to analytics and site functionality.
Account deletion and data retention
When you delete your account, we remove your profile, org membership, credit ledger, audit metadata, and sign-in credentials from our active systems. Audit result files on our servers may take up to 30 days to age off backups.
To prevent abuse of welcome credits and similar one-time offers, we may retain a one-way cryptographic hash of your email address after deletion. We do not store your plain email in this record. The hash is used only to recognise whether that email has already received a welcome credit or certain one-time bonuses if you sign up again. Our lawful basis for this retention is our legitimate interest in preventing fraud and misuse of the service (UK GDPR and equivalent laws).
You may request erasure of this hash by contacting support@revylo.app. We will respond within one month and may retain it where we have compelling legitimate grounds (for example, ongoing abuse prevention).
Your choices
- You can update profile preferences in your account settings.
- You can export or delete your account data from account settings. Deletion is described above, including limited retention to prevent abuse.
- We do not sell your personal information to third parties.
Security
We implement industry-standard security measures to protect your data. No system is 100% secure; avoid submitting highly sensitive personal data in URLs or audit content unless necessary.
International users
If you access Revylo from outside the United States, your information may be processed in the US or other countries where our providers operate. We take steps consistent with applicable data protection requirements.
Contact
For privacy questions or requests, contact support@revylo.app.
