Privacy Policy

Effective date: July 5, 2026

Last updated: July 5, 2026

Revilope respects your privacy and is committed to handling personal information responsibly.

This Privacy Policy explains how Revilope collects, uses, stores, discloses, and protects personal information when you visit revilope.com, create an account, purchase a subscription, add a business, use a private Revilope BCC address, submit customer email addresses, send review requests, communicate with us, or otherwise use Revilope’s services.

In this Privacy Policy, “Revilope,” “we,” “us,” and “our” refer to Revilope. “You” and “your” refer to a website visitor, account holder, business user, authorized sender, customer receiving a review request, or other individual whose personal information is processed through the Service.

“Service” refers to Revilope’s website, account area, dashboards, review-request tools, BCC email-processing system, manual request tools, subscriptions, support services, and related features.

By accessing or using the Service, you acknowledge the practices described in this Privacy Policy.

1. Who We Are

Revilope is a review-request automation service operated from Ontario, Canada.

Revilope helps businesses send review-request emails to their customers. Businesses may trigger requests by adding a private Revilope address to the BCC field of an eligible customer email or by manually submitting customer email addresses through the Revilope dashboard.

Privacy questions and requests may be directed to:

Privacy Officer, Revilope

Email: hello@revilope.com

Website: revilope.com

Location: Ontario, Canada

2. Scope of This Privacy Policy

This Privacy Policy applies to personal information processed through:

  • The Revilope website.
  • Revilope account registration and login pages.
  • The Revilope customer dashboard.
  • Business profiles created in Revilope.
  • Private Revilope BCC addresses.
  • Manual review-request submissions.
  • Authorized sender verification.
  • Review-request emails sent through Revilope.
  • Customer unsubscribe pages and suppression records.
  • Subscription, checkout, billing, and account-management features.
  • Customer support and other communications with Revilope.
  • Security, diagnostic, audit, and operational systems used to provide the Service.

This Privacy Policy does not govern the independent privacy practices of businesses that use Revilope, Google, review platforms, payment processors, email providers, hosting companies, or other third parties.

3. Revilope’s Role and the Business User’s Role

3.1 Information About Revilope Account Holders

Revilope generally determines how and why personal information about account holders, website visitors, billing contacts, authorized senders, and people communicating directly with Revilope is processed.

For this information, Revilope may act as the organization responsible for the personal information or as a “controller” where that term applies.

3.2 Information About a Business’s Customers

Businesses using Revilope generally decide:

  • Which customers are submitted to Revilope.
  • Whether a customer is eligible to receive a review request.
  • Why the customer is being contacted.
  • What the review-request email says.
  • Which review link is included.
  • When the request should be sent.
  • Which employees or representatives may trigger requests.

For customer email addresses and request information processed on a business’s instructions, the business is generally responsible for deciding the purpose of the processing. Revilope processes the information to provide the requested service.

Depending on the applicable law, the business may be considered the organization responsible for the information, a controller, or a business, while Revilope may be considered a service provider or processor.

Businesses using Revilope are responsible for providing legally required privacy notices, obtaining any required consent, maintaining appropriate records, and ensuring that their use of customer information complies with applicable laws.

4. Personal Information We Collect

The information Revilope collects depends on how you interact with the Service.

4.1 Account and Registration Information

When you register for or manage a Revilope account, we may collect:

  • Your name.
  • Your email address.
  • Your username.
  • Your encrypted or securely hashed account password.
  • Your account identifier.
  • Your selected timezone.
  • Your account status.
  • Your registration date.
  • Your login and account-management activity.
  • Information used to verify or secure your account.

4.2 Business Profile Information

When you create or manage a business profile, we may collect:

  • Business name.
  • Business website.
  • Business owner or representative name.
  • Business mailing address.
  • Business reply-to email address.
  • Account notification email address.
  • Google review link or another review destination.
  • Review-request email subject.
  • Review-request email body.
  • Review button text.
  • Selected sending delay.
  • Business status, including active, paused, deleted, or plan-limited status.
  • The private BCC token and address assigned to the business.
  • Request totals and plan usage associated with the business.

4.3 Authorized Sender Information

When an account holder adds an authorized sender, we may collect:

  • The sender’s email address.
  • The business associated with the sender.
  • The sender’s verification status.
  • The date the sender was added.
  • The date verification was completed.
  • A securely hashed verification token.
  • Records showing that a verification email was sent or used.

4.4 Customer and Review-Request Information

When a business schedules or sends a review request, Revilope may process:

  • The customer’s email address.
  • An encrypted version of the customer’s email address.
  • A keyed hash used to compare the customer’s address securely.
  • The business associated with the request.
  • The account that created the request.
  • The source of the request, such as BCC automation or manual submission.
  • The request status.
  • The date and time the request was created.
  • The scheduled sending time.
  • The sending time.
  • The number and timing of sending attempts.
  • The reason a request was skipped, cancelled, suppressed, rejected, or failed.
  • The review-request subject and template captured when the request was created.
  • The review destination and button text associated with the request.
  • Technical identifiers used to prevent duplicate processing.
  • Information required to create a secure unsubscribe link.

Customer email addresses displayed in the Revilope activity dashboard are masked so that the complete address is not ordinarily visible in the activity list.

4.5 Information Processed From BCC Emails

When a business adds its private Revilope address to the BCC field of an eligible customer email, Revilope is designed to request and process only the email-header information needed to operate the BCC workflow.

This information may include:

  • The sender’s email address.
  • The direct recipient email address or addresses.
  • The Revilope BCC address or routing token.
  • The email’s message identifier.
  • The date and time of the message.
  • Routing information.
  • Email authentication results, such as available SPF, DKIM, or DMARC indicators.
  • Indicators that the message may be automated, bulk, bounced, junk, or generated by a mail server.
  • Technical mailbox and folder information needed to locate and process the message.

Revilope does not intentionally retrieve or use the body of the original customer email or its attachments to create the review request.

You should not include sensitive personal information in email subject lines, display names, recipient fields, routing fields, or other email headers.

4.6 Manual Request Information

When a business manually submits customer email addresses, we may collect:

  • The submitted email addresses.
  • The selected business.
  • The selected sending option.
  • The submission date and time.
  • The number of addresses accepted, rejected, duplicated, suppressed, or skipped.
  • Records necessary to apply plan limits and prevent repeated requests.

4.7 Subscription and Billing Information

When you purchase or manage a paid subscription, we may collect:

  • Your name.
  • Your billing email address.
  • Your billing address.
  • Your selected plan.
  • Your subscription status.
  • Your billing period.
  • Your renewal date.
  • Your payment status.
  • Transaction identifiers.
  • Amounts charged.
  • Currency.
  • Applicable tax information.
  • Limited payment-method details supplied by the payment processor, such as card brand and last four digits.
  • Payment failure, refund, dispute, and chargeback information.

Full payment card numbers and security codes are generally collected and processed by the payment provider used at checkout. Revilope does not need to store your complete payment card number in order to operate your subscription.

4.8 Communications and Support Information

When you contact Revilope, we may collect:

  • Your name.
  • Your email address.
  • Your account and business information.
  • The content of your message.
  • Attachments you choose to provide.
  • Information needed to investigate a technical, billing, privacy, or account issue.
  • Records of our response and resolution.

4.9 Website and Technical Information

When you visit or use Revilope, our website, hosting provider, security tools, and related systems may automatically collect:

  • Internet Protocol address.
  • Browser type and version.
  • Device type.
  • Operating system.
  • Language and timezone settings.
  • Referring and exit pages.
  • Pages and features accessed.
  • Date and time of access.
  • Login and authentication events.
  • Approximate location derived from an IP address.
  • Cookie and session identifiers.
  • Server, application, security, and error logs.
  • Information about suspected fraud, abuse, or unauthorized access.

4.10 Audit and Diagnostic Information

Revilope may create internal records concerning:

  • Business creation and updates.
  • Business pauses, resumptions, and deletions.
  • Sender verification activity.
  • Manual request batches.
  • Test emails.
  • Rejected inbound messages.
  • Duplicate requests.
  • Unsubscribe and suppression activity.
  • Mailbox connection or processing failures.
  • Scheduled-request processing.
  • Outgoing email errors.
  • Activity-log removal.
  • Administrative actions.
  • Security events and suspected abuse.

4.11 Information We Derive

Revilope may derive limited information from data already collected, including:

  • Current plan usage.
  • Requests remaining in a billing period.
  • Whether a customer is within a cooldown period.
  • Whether a source message has already been processed.
  • Whether a sender is authorized.
  • Whether an address is suppressed.
  • Whether a business exceeds its plan limits.
  • Whether a request is overdue or eligible for retry.

5. How We Collect Personal Information

Revilope may collect personal information:

  • Directly from you when you create an account.
  • Directly from you when you create or edit a business profile.
  • Directly from you when you make a purchase or manage a subscription.
  • Directly from you when you contact support.
  • From a Revilope business user that submits a customer’s email address.
  • From the headers of an email sent to a private Revilope BCC address.
  • From an authorized sender completing email verification.
  • From a customer using an unsubscribe link.
  • Automatically through website, server, security, and application logs.
  • From payment, hosting, email, subscription, and other service providers.
  • From publicly available sources where reasonably necessary to prevent fraud, verify a business, or protect the Service.

6. How Revilope Processes BCC Emails

Revilope’s BCC system is designed to minimize the amount of information processed from a business’s original customer email.

When an incoming message reaches a private Revilope BCC address, Revilope may:

  1. Identify the Revilope business token contained in the address.
  2. Identify the sender and direct recipient from the email headers.
  3. Confirm that the business is active and eligible to use the Service.
  4. Confirm that the sender is authorized and verified.
  5. Confirm that one eligible customer recipient can be identified.
  6. Check whether the message appears automated, bulk, bounced, suspicious, or unauthenticated.
  7. Check the customer against duplicate, cooldown, and suppression records.
  8. Check whether the account has sufficient request capacity.
  9. Create and schedule a review request if the applicable conditions are satisfied.
  10. Delete the inbound mailbox copy after the processing attempt.

The inbound mailbox copy is designed to be marked for deletion and permanently expunged after processing, regardless of whether the request is accepted, rejected, skipped, suppressed, or blocked.

Revilope may retain limited information derived from the headers when it is needed to create a request, prevent duplicate processing, maintain security, apply plan limits, troubleshoot errors, or preserve an audit record.

7. How We Use Personal Information

Revilope may use personal information to:

7.1 Provide the Service

  • Create and manage accounts.
  • Authenticate users.
  • Create and manage business profiles.
  • Generate private BCC addresses.
  • Verify authorized senders.
  • Process BCC-triggered review requests.
  • Process manual review requests.
  • Schedule and send review-request emails.
  • Send test emails.
  • Apply business-specific templates and review links.
  • Display request activity.
  • Display dates and times in the selected timezone.
  • Manage pauses, deletions, and account limits.

7.2 Operate Subscriptions and Billing

  • Process purchases and subscription renewals.
  • Apply the correct plan and usage limits.
  • Calculate billing periods.
  • Process upgrades and downgrades.
  • Manage failed payments.
  • Issue approved refunds or credits.
  • Respond to payment disputes and chargebacks.
  • Maintain financial, tax, and transaction records.

7.3 Protect Customer Preferences

  • Provide unsubscribe functionality.
  • Create and maintain suppression records.
  • Cancel pending requests after an unsubscribe.
  • Prevent future requests to suppressed customers.
  • Apply duplicate and cooldown protections.

7.4 Communicate With You

  • Send account verification messages.
  • Send authorized sender verification messages.
  • Send security alerts.
  • Send subscription and billing notices.
  • Send important Service announcements.
  • Respond to support requests.
  • Respond to privacy requests and complaints.
  • Send marketing communications where permitted by law.

7.5 Secure and Improve Revilope

  • Detect unauthorized access.
  • Prevent fraud, spam, abuse, and malicious activity.
  • Investigate unusual account or mailbox activity.
  • Diagnose errors and performance issues.
  • Recover overdue scheduled requests.
  • Improve reliability, usability, and security.
  • Develop new features.
  • Analyze aggregate usage trends.
  • Enforce our Terms of Service.

7.6 Meet Legal and Regulatory Obligations

  • Comply with applicable laws.
  • Respond to lawful requests and legal process.
  • Maintain records required for tax, billing, and accounting purposes.
  • Protect the rights, safety, and property of Revilope, our users, customers, and others.
  • Establish, exercise, or defend legal claims.

8. Legal Bases for Processing

Where a law requires Revilope to identify a legal basis for processing personal information, we may rely on one or more of the following:

8.1 Performance of a Contract

We process information when it is necessary to create and operate your account, provide the features you requested, send review requests, manage your subscription, or otherwise perform our agreement with you.

8.2 Consent

We may rely on consent where you voluntarily provide information, choose optional features, subscribe to marketing communications, or where applicable law requires consent.

You may withdraw consent where the processing is based on consent, subject to legal or contractual restrictions and reasonable notice.

8.3 Legitimate Interests

Where permitted, we may process information for legitimate interests such as:

  • Operating and improving the Service.
  • Preventing fraud and abuse.
  • Securing accounts and infrastructure.
  • Applying plan limits.
  • Preventing duplicate requests.
  • Honouring unsubscribe preferences.
  • Supporting customers.
  • Protecting our legal rights.

We consider the nature of the information, the purpose of the processing, and the possible impact on individuals before relying on legitimate interests.

8.4 Legal Obligations

We may process information when necessary to comply with tax, accounting, privacy, consumer-protection, anti-fraud, court, regulatory, or other legal obligations.

8.5 Protection of Rights and Safety

We may process information where reasonably necessary to protect the rights, safety, security, and property of Revilope, our users, customers, service providers, or the public.

9. Responsibilities of Businesses Using Revilope

A business that submits or causes Revilope to process customer information is responsible for ensuring that it has the legal authority to do so.

Businesses using Revilope must:

  • Collect and use customer information lawfully.
  • Provide any privacy notices required by law.
  • Obtain any required consent.
  • Maintain evidence of consent or another lawful basis where required.
  • Use accurate and current customer email addresses.
  • Submit only genuine customers or individuals with an appropriate relationship to the business.
  • Respect customer unsubscribe requests received through Revilope or another channel.
  • Maintain their own suppression records across systems outside Revilope.
  • Not use purchased, rented, scraped, or unlawfully obtained email lists.
  • Not submit sensitive personal information that Revilope does not need.
  • Respond to customer privacy questions relating to the business’s own practices.
  • Comply with applicable privacy, email, marketing, consumer-protection, and review-platform rules.

Revilope’s technical features do not replace a business’s legal obligations.

10. How We Disclose Personal Information

Revilope may disclose personal information in the following circumstances.

10.1 Service Providers

We may disclose information to providers that help us operate the Service, including providers of:

  • Website hosting.
  • Cloud infrastructure.
  • WordPress and WooCommerce functionality.
  • Subscription management.
  • Payment processing.
  • Email delivery.
  • Mailbox and IMAP services.
  • Domain and DNS services.
  • Security and fraud prevention.
  • Backups and disaster recovery.
  • Analytics and performance monitoring.
  • Customer support.
  • Accounting, legal, and professional services.

These providers may process information only as needed to perform services for Revilope, subject to their agreements, applicable law, and their own legal responsibilities.

10.2 Payment and Subscription Providers

Payment and transaction information may be disclosed to payment processors, financial institutions, card networks, fraud-prevention providers, and subscription-management systems as needed to process payments and manage subscriptions.

10.3 Email and Mailbox Providers

Customer email addresses, business sender information, review-request content, and delivery information may be processed by the email and mailbox providers used to receive BCC messages and send review requests.

10.4 The Business That Initiated a Request

If you receive a review request from a business using Revilope, certain request information may be available to that business through its dashboard.

The business may see information such as:

  • A masked version of the customer email address.
  • The request source.
  • The request status.
  • The created, scheduled, and sent times.
  • Whether a request was skipped, cancelled, suppressed, or failed.

10.5 Legal and Safety Disclosures

We may disclose information if we reasonably believe disclosure is necessary to:

  • Comply with law, regulation, subpoena, warrant, court order, or legal process.
  • Respond to a lawful request from a government or regulatory authority.
  • Investigate fraud, abuse, security threats, or unlawful activity.
  • Enforce our Terms of Service.
  • Protect the rights, property, security, or safety of Revilope, our users, customers, service providers, or the public.
  • Establish, exercise, or defend legal claims.

10.6 Business Transactions

If Revilope is involved in a merger, acquisition, financing, reorganization, sale of assets, change of control, insolvency, or transfer of the Service, personal information may be disclosed to potential or actual purchasers, investors, lenders, advisers, or other participants in the transaction.

Any recipient will be expected to handle personal information consistently with applicable law and the commitments described in this Privacy Policy.

10.7 With Your Direction or Consent

We may disclose information to another party when you direct us to do so, request a feature that requires the disclosure, or provide valid consent.

11. Sale and Sharing of Personal Information

Revilope does not sell personal information for money.

Revilope does not sell customer email addresses, account information, or review-request information to data brokers, advertisers, or unrelated businesses.

Revilope does not share customer email addresses for cross-context behavioural advertising.

Revilope does not use customer email addresses submitted for review requests to advertise unrelated third-party products to those customers.

We may disclose information to service providers and other parties for the operational purposes described in this Privacy Policy. These operational disclosures are not intended to constitute a sale of personal information.

12. Aggregate and De-Identified Information

Revilope may create aggregate or de-identified information that is not reasonably capable of identifying an individual.

We may use and disclose aggregate or de-identified information to:

  • Understand how the Service is used.
  • Measure reliability and performance.
  • Improve features.
  • Plan infrastructure.
  • Prepare internal reports.
  • Describe general Service trends.

We will not attempt to re-identify information that has been properly de-identified unless permitted or required by law, needed to test the effectiveness of de-identification, or necessary to protect the Service.

13. International Processing and Data Transfers

Revilope is operated from Canada, but the Service may use providers or infrastructure located in Canada, the United States, or other countries.

Personal information may therefore be processed or stored outside your province, state, or country.

When information is processed in another jurisdiction, it may be subject to the laws of that jurisdiction and may be accessible to courts, law-enforcement agencies, regulators, or government authorities in accordance with applicable law.

Where required, Revilope uses contractual, organizational, and technical measures intended to protect personal information transferred internationally.

These measures may include:

  • Service-provider agreements.
  • Confidentiality obligations.
  • Data-protection provisions.
  • Access restrictions.
  • Encryption.
  • European Commission standard contractual clauses where applicable.
  • Other legally recognized transfer mechanisms.

Contact hello@revilope.com if you have questions about international processing relevant to your information.

14. Data Retention

Revilope retains personal information only for as long as reasonably necessary for the purposes described in this Privacy Policy, including providing the Service, honouring unsubscribe requests, preventing duplicate or abusive activity, resolving disputes, maintaining security, and complying with legal obligations.

Retention periods may depend on:

  • The type and sensitivity of the information.
  • The reason the information was collected.
  • Whether an account or subscription remains active.
  • Whether the information is needed to provide the Service.
  • Whether the information is needed to honour an unsubscribe request.
  • Whether the information is needed to prevent duplicate or abusive requests.
  • Legal, tax, accounting, contractual, and regulatory obligations.
  • The time needed to resolve disputes or enforce agreements.
  • Security and fraud-prevention requirements.
  • Backup and disaster-recovery schedules.

14.1 Inbound BCC Mailbox Copies

The original inbound mailbox copy of a BCC email is designed to be deleted and expunged immediately after Revilope completes its processing attempt.

Revilope may retain limited header-derived information needed to create the review request, prevent duplicate processing, apply security rules, or document a processing result.

14.2 Request Records

Review-request records may be retained while needed to:

  • Display account activity.
  • Send or retry a scheduled request.
  • Apply usage limits.
  • Prevent duplicate or repeated requests.
  • Investigate delivery or technical issues.
  • Resolve customer, billing, or legal disputes.
  • Maintain security and audit history.

If an account holder removes an entry from the visible activity dashboard, Revilope may continue to retain limited internal information when necessary for suppression, cooldown, security, billing, audit, dispute-resolution, or legal purposes.

14.3 Suppression Records

Revilope may retain a customer’s email hash and related suppression information for as long as reasonably necessary to honour the customer’s unsubscribe request and prevent future review requests from the relevant business.

Deleting suppression information too early could cause the customer to receive another unwanted request.

14.4 Account and Business Information

Account and business information may be retained while the account is active and for a reasonable period afterward when needed for billing, security, dispute resolution, fraud prevention, legal compliance, or account restoration.

14.5 Billing and Transaction Records

Billing, tax, accounting, refund, and payment-dispute information may be retained for the period required by applicable financial, tax, accounting, and legal obligations.

14.6 Backups

Information deleted from active systems may remain temporarily in backups or disaster-recovery systems until those backups are overwritten or securely deleted in accordance with normal retention cycles.

15. Cookies and Similar Technologies

Revilope and its service providers may use cookies, local storage, session identifiers, pixels, and similar technologies to operate and protect the website.

15.1 Essential Cookies

Essential cookies may be used for:

  • Account login and authentication.
  • Maintaining secure sessions.
  • Remembering account preferences.
  • Protecting forms against unauthorized submissions.
  • Operating the shopping cart and checkout.
  • Managing subscriptions.
  • Preventing fraud and abuse.
  • Balancing website traffic and maintaining reliability.

Disabling essential cookies may prevent parts of the Service from functioning correctly.

15.2 Preference and Functionality Cookies

These technologies may remember preferences such as account state, display options, or other choices that improve your experience.

15.3 Analytics and Performance Technologies

Revilope may use analytics or performance technologies to understand website traffic, feature usage, errors, and performance.

Where required by law, non-essential analytics technologies will be used only after obtaining the required consent.

15.4 Managing Cookies

You may be able to control cookies through your browser settings or any cookie-management controls made available on the website.

Removing or blocking cookies may sign you out, reset your preferences, or interfere with account, checkout, and dashboard features.

15.5 Do Not Track and Global Privacy Control

Some browsers provide “Do Not Track” or Global Privacy Control signals.

Because there is not one universally accepted standard for every signal, Revilope may not respond to all browser-based signals in the same way.

Where applicable law requires Revilope to recognize a legally valid opt-out preference signal, we will process that signal as required.

Because Revilope does not sell personal information or share customer email addresses for cross-context behavioural advertising, there is ordinarily no sale or advertising-related sharing to opt out of through these signals.

16. How We Protect Personal Information

Revilope uses administrative, technical, and organizational safeguards intended to protect personal information against unauthorized access, loss, misuse, alteration, disclosure, or destruction.

Safeguards may include:

  • Encryption of stored customer email addresses.
  • AES-256-GCM encryption for customer addresses stored in request and suppression records.
  • Separate keyed hashes for duplicate, cooldown, and suppression comparisons.
  • Encryption of stored mailbox credentials.
  • Securely hashed sender-verification tokens.
  • Signed customer unsubscribe tokens.
  • Masked customer email addresses in visible activity records.
  • Encrypted network connections where supported.
  • Authentication and authorization controls.
  • Account ownership checks.
  • Administrative permission controls.
  • Security nonces and request validation.
  • Input validation and output escaping.
  • Rate, usage, and plan controls.
  • Duplicate and automatic-message filtering.
  • Logging and monitoring of errors and suspicious activity.
  • Limited access to systems and information.
  • Service-provider security obligations.
  • Backups and recovery procedures.

No method of electronic transmission, processing, or storage is completely secure. Revilope cannot guarantee that personal information will never be lost, accessed improperly, disclosed, altered, or destroyed.

You are responsible for using a secure password, protecting your account credentials, limiting access to authorized personnel, keeping authorized sender lists current, and notifying us promptly if you suspect unauthorized activity.

17. Automated Processing and Request Rules

Revilope uses automated rules to determine whether a review request should be accepted, scheduled, sent, skipped, cancelled, retried, or rejected.

These rules may consider:

  • Whether the business is active.
  • Whether the sender is authorized and verified.
  • Whether one eligible customer can be identified.
  • Whether the message appears automated, bulk, bounced, or suspicious.
  • Whether email authentication appears to have failed.
  • Whether the customer is suppressed.
  • Whether a pending or recent request already exists.
  • Whether the same source message was already processed.
  • Whether the account has sufficient plan capacity.
  • Whether a failed request is eligible for retry.

These automated rules are used to operate and protect the Service. They are not intended to make decisions that produce legal or similarly significant effects concerning a customer.

An account holder may review request statuses in the dashboard or contact hello@revilope.com if they believe a request was processed incorrectly.

18. Your Privacy Choices

18.1 Account Information

You may review or update certain account and business information through the Revilope dashboard or WooCommerce account area.

18.2 Business Profiles

You may edit, pause, resume, or delete business profiles using the available dashboard controls, subject to plan limits, retention requirements, and the operational rules described in this Privacy Policy.

18.3 Authorized Senders

You may add or remove authorized senders, subject to your plan limits. Removing a sender prevents that address from triggering future BCC requests for the business.

18.4 Customer Review Requests

A business may cancel certain requests that have not yet been sent by removing the request from its visible activity, pausing the business, deleting the business, or using other available controls.

18.5 Customer Unsubscribe

A customer may use the unsubscribe link included in a live Revilope review-request email.

When a customer unsubscribes:

  • Revilope creates or updates a suppression record.
  • Future requests from that business may be blocked.
  • Pending requests from that business may be cancelled.
  • Limited suppression information may be retained to honour the request.

An unsubscribe from one business does not necessarily unsubscribe the customer from unrelated businesses or from communications sent outside Revilope.

18.6 Revilope Marketing Emails

You may unsubscribe from optional Revilope marketing emails by using the unsubscribe link included in the message or by contacting hello@revilope.com.

Even after opting out of marketing, you may continue to receive necessary account, billing, security, verification, legal, and Service-related communications.

18.7 Account Closure

You may request account closure by contacting hello@revilope.com.

Closing an account may not immediately delete information that Revilope must retain for suppression, billing, security, legal, tax, dispute-resolution, or backup purposes.

19. Access, Correction, and Privacy Requests

Depending on where you live and the applicable law, you may have the right to:

  • Ask whether Revilope holds personal information about you.
  • Request access to your personal information.
  • Request correction of inaccurate or incomplete information.
  • Request deletion of certain information.
  • Request restriction of certain processing.
  • Object to certain processing.
  • Withdraw consent where processing is based on consent.
  • Request a portable copy of certain information.
  • Ask for information about categories of information collected and disclosed.
  • Opt out of a sale or legally defined sharing of personal information where applicable.
  • Complain to an appropriate privacy or data-protection authority.

These rights are not absolute. Revilope may refuse or limit a request when permitted or required by law, including when information must be retained to:

  • Complete a transaction.
  • Provide a requested service.
  • Honour an unsubscribe request.
  • Prevent fraud or abuse.
  • Maintain security.
  • Comply with legal obligations.
  • Protect another person’s rights.
  • Establish, exercise, or defend legal claims.

19.1 How to Submit a Request

Submit a privacy request to hello@revilope.com with the subject line “Privacy Request.”

Please include:

  • Your full name.
  • Your email address.
  • Your Revilope account email, if applicable.
  • The business associated with the request, if applicable.
  • The right you wish to exercise.
  • Enough detail for us to locate the relevant information.

19.2 Identity Verification

Revilope may need to verify your identity before completing a privacy request.

Verification may involve:

  • Sending a confirmation to the email address associated with the information.
  • Confirming account information.
  • Requesting additional information reasonably necessary to prevent unauthorized disclosure.

We will not request more verification information than reasonably necessary.

19.3 Requests Concerning a Business Customer

If your information was submitted by a business using Revilope, we may direct your request to that business or consult with the business before responding.

This is because the business may be responsible for determining how the customer information is used.

Revilope will still respond directly where required by law or where the request concerns Revilope’s independent processing.

19.4 Authorized Agents

Where permitted by law, you may authorize another person to submit a privacy request on your behalf.

Revilope may require proof of the agent’s authority and may separately verify your identity or confirm that you authorized the request.

19.5 Response Timing

Revilope will respond within the time required by applicable law.

If additional time is legally permitted and reasonably necessary, we will notify you of the extension and the reason for it.

20. Canadian Privacy Rights

Revilope handles personal information in accordance with applicable Canadian privacy requirements.

Subject to applicable exceptions, individuals in Canada may request access to personal information held about them and request correction of information that is inaccurate or incomplete.

You may also ask:

  • How Revilope collected your information.
  • How Revilope has used your information.
  • Whether Revilope has disclosed your information.
  • How to challenge Revilope’s compliance with applicable privacy requirements.

Privacy requests may be sent to hello@revilope.com.

If you are not satisfied with our response, you may contact the Office of the Privacy Commissioner of Canada or an applicable provincial privacy regulator.

More information about Canadian privacy rights is available from the Office of the Privacy Commissioner of Canada at priv.gc.ca.

21. European Economic Area, United Kingdom, and Switzerland

If European data-protection law applies to the processing of your personal information, you may have the following rights, subject to applicable conditions and exceptions:

  • The right to be informed about the processing.
  • The right to access your personal information.
  • The right to correct inaccurate or incomplete information.
  • The right to request deletion.
  • The right to restrict processing.
  • The right to object to certain processing.
  • The right to data portability.
  • The right to withdraw consent.
  • The right to object to direct marketing.
  • Rights concerning certain automated decisions.
  • The right to complain to a data-protection authority.

Withdrawing consent does not affect the lawfulness of processing completed before the withdrawal.

Where Revilope relies on legitimate interests, you may object to the processing. Revilope will consider the request and stop the processing unless we have compelling legitimate grounds or need the information for legal claims.

Revilope does not use customer review-request information to make decisions that produce legal or similarly significant effects concerning the customer.

European privacy requests may be sent to hello@revilope.com.

Information about European data-protection rights is available from the European Commission at commission.europa.eu.

22. United States State Privacy Rights

Residents of certain U.S. states may have privacy rights under applicable state law.

Depending on the law and whether it applies to Revilope, these rights may include:

  • The right to know or confirm whether personal information is processed.
  • The right to access personal information.
  • The right to correct inaccurate information.
  • The right to request deletion.
  • The right to receive a portable copy of certain information.
  • The right to opt out of the sale of personal information.
  • The right to opt out of certain targeted advertising or legally defined sharing.
  • The right to opt out of certain profiling.
  • The right to appeal a denied privacy request.
  • The right not to receive discriminatory treatment for exercising privacy rights.

Revilope does not sell personal information for money and does not share customer email addresses for cross-context behavioural advertising.

If you submit a request and Revilope denies it, you may appeal by replying to our decision or emailing hello@revilope.com with the subject line “Privacy Request Appeal.”

22.1 California Privacy Notice

If the California Consumer Privacy Act applies, California residents may have rights concerning the personal information Revilope collects, uses, discloses, sells, or shares.

During the preceding 12 months, Revilope may have collected the following categories of personal information, as those categories are defined by California law:

  • Identifiers, such as names, email addresses, account identifiers, IP addresses, and transaction identifiers.
  • Customer-record information, such as contact and billing information.
  • Commercial information, such as subscription, transaction, and plan information.
  • Internet or electronic network activity, such as login, website, device, and usage information.
  • Approximate geolocation derived from an IP address.
  • Professional or employment-related information, such as business and authorized sender relationships.
  • Inferences used to determine request eligibility, plan usage, duplicate status, or security risk.
  • Contents of communications sent directly to Revilope for customer support.

Revilope collects and uses these categories for the business and commercial purposes described in this Privacy Policy.

Revilope may disclose these categories to service providers, payment processors, hosting providers, email providers, security providers, professional advisers, authorities, or transaction participants for the purposes described in this Privacy Policy.

Revilope does not knowingly sell or share the personal information of consumers under 16 years of age.

California privacy requests may be submitted to hello@revilope.com.

More information about California privacy rights is available from the California Privacy Protection Agency at cppa.ca.gov.

23. Children’s Privacy

Revilope is intended for businesses and adults who are legally capable of entering into contracts.

The Service is not directed to children under 13 years of age or to any higher minimum age required by applicable law.

Revilope does not knowingly allow children to create business accounts or purchase subscriptions.

Businesses must not intentionally submit a child’s email address to Revilope unless they have a lawful basis, all required parental or guardian consent, and a legitimate reason permitted by applicable law.

If you believe Revilope has collected personal information from a child improperly, contact hello@revilope.com. We will investigate and take appropriate action.

24. Sensitive Personal Information

Revilope is not designed to process highly sensitive personal information through the BCC or manual request workflow.

Do not submit or include the following information unless Revilope specifically requests it for a lawful and necessary purpose:

  • Payment card numbers or security codes.
  • Bank account information.
  • Government identification numbers.
  • Passwords or authentication credentials.
  • Medical or health information.
  • Biometric information.
  • Precise location information.
  • Information about a person’s race, ethnicity, religion, sexual orientation, or political beliefs.
  • Private legal information.
  • Information about alleged or confirmed criminal activity.
  • Highly sensitive information about minors.

In particular, do not place sensitive information in email subject lines, display names, recipient fields, or other headers of messages sent to a Revilope BCC address.

25. Third-Party Websites and Review Platforms

Revilope review requests may contain links to Google or another review platform selected by the business.

The Revilope website may also contain links to payment providers, social media services, support resources, and other third-party websites.

Revilope does not control and is not responsible for the privacy practices, content, security, availability, or policies of third-party services.

When you access a third-party website, that third party may collect information under its own privacy policy.

You should review the privacy policy of each third-party service before providing personal information.

26. Email Communications Sent Through Revilope

26.1 Review-Request Emails

Review-request emails are sent on behalf of the business identified in the email.

The email may include:

  • The business name.
  • The business’s customized message.
  • A review button and destination link.
  • The business’s reply-to email address.
  • Business identification and mailing-address information.
  • An unsubscribe link.
  • Revilope branding or sending information.

Replies are ordinarily directed to the business’s configured reply-to address.

26.2 Sender Verification Emails

Revilope may send verification messages to email addresses added as authorized senders. These messages are necessary to confirm that the address may trigger requests for the business.

26.3 Test Emails

A business user may send a test version of its review-request email to the account email address. Test emails are identified as tests and are not intended for customers.

26.4 Account and Transactional Emails

Revilope may send necessary messages relating to:

  • Account registration.
  • Password resets.
  • Security.
  • Subscription purchases and renewals.
  • Payment failures.
  • Plan changes.
  • Service updates.
  • Privacy or legal notices.
  • Support requests.

You may not be able to opt out of necessary transactional or administrative emails while maintaining an active account.

27. Security Incidents

Revilope maintains procedures intended to detect, investigate, contain, and respond to security incidents involving personal information.

If a security incident creates a legally reportable risk, Revilope will notify affected individuals, organizations, regulators, or other parties as required by applicable law.

A notification may describe:

  • The nature of the incident.
  • The information involved.
  • The steps Revilope has taken.
  • Steps the affected person may take.
  • How to contact Revilope for additional information.

If you believe your Revilope account or information has been compromised, contact hello@revilope.com immediately.

28. Changes to This Privacy Policy

Revilope may update this Privacy Policy to reflect:

  • Changes to the Service.
  • New features.
  • Changes to our providers.
  • Changes to privacy and security practices.
  • Legal or regulatory developments.
  • Operational requirements.

The updated Privacy Policy will display a revised “Last updated” date.

If a change materially affects how we collect, use, or disclose personal information, Revilope may provide additional notice through the website, dashboard, or account email.

Where required by law, we will request consent before using previously collected personal information for a materially different purpose.

Your continued use of the Service after an updated Privacy Policy takes effect means that you acknowledge the revised policy.

29. Privacy Complaints

If you have a question or complaint about Revilope’s handling of personal information, contact our Privacy Officer first so that we have an opportunity to investigate.

Send the complaint to hello@revilope.com with the subject line “Privacy Complaint.”

Please include:

  • Your name.
  • Your email address.
  • Your Revilope account email, if applicable.
  • The business associated with the issue, if applicable.
  • A description of the concern.
  • Relevant dates and communications.
  • The resolution you are requesting.

Revilope will review the complaint and respond within the period required by applicable law.

You may also have the right to complain to the privacy or data-protection authority in your jurisdiction.

30. Contact Revilope

Questions, privacy requests, complaints, and concerns about this Privacy Policy may be sent to:

Privacy Officer, Revilope

Email: hello@revilope.com

Website: revilope.com

Location: Ontario, Canada

© Revilope 2026. All Rights Reserved.