Privacy Policy

1.1 Information You Provide

We collect information that you voluntarily provide when using our services:

• Account Information: Name, email address, company name, phone number, job title
• Business Data: Customer contacts, deals, quotes, invoices, tasks, and communications
• Payment Information: Billing details processed securely through Stripe (we do not store credit card numbers)
• AI Interactions: Conversations with AI agents, prompts, and generated content
• Integration Data: Data from connected third-party services (Gmail, Slack, HubSpot, etc.)

1.2 Automatically Collected Information

• Usage Data: Pages visited, features used, time spent, click patterns
• Device Information: IP address, browser type, operating system, device identifiers
• Cookies & Tracking: Session cookies, analytics cookies, preference cookies
• Performance Data: Error logs, API response times, system health metrics

We use collected information for the following purposes:

• Service Delivery: Provide, maintain, and improve our CRM and AI services
• AI Processing: Train and improve AI agents (Alex, Jordan, Sam, Nova, Aria, Riley, Morgan)
• Personalization: Customize your experience and recommendations
• Communication: Send service updates, security alerts, and support messages
• Analytics: Understand usage patterns and improve features
• Security: Detect fraud, prevent abuse, and maintain platform security
• Legal Compliance: Comply with legal obligations and enforce our Terms of Service
• Marketing: Send promotional content (with your consent, opt-out available)

3.1 Third-Party Service Providers

We share information with trusted partners who help us operate our services:

• Cloud Hosting: Supabase (database), Vercel (hosting)
• AI Services: Google AI (Gemini), OpenAI (GPT models)
• Payment Processing: Stripe (payment gateway)
• Authentication: Auth0 (identity management)
• Analytics: Vercel Analytics, Google Analytics
• Communications: Twilio (SMS), SendGrid (email)

3.2 We Never Sell Your Data

We do not sell, rent, or trade your personal information to third parties for their marketing purposes. Your data is used solely to provide and improve our services.

3.3 Legal Requirements

We may disclose information when required by law, including:

• Compliance with legal obligations (subpoenas, court orders)
• Protection of our rights and property
• Prevention of fraud or security threats
• Response to government requests

We implement industry-standard security measures to protect your information:

• Encryption: TLS/SSL encryption for data in transit, AES-256 encryption at rest
• Access Controls: Role-based access, multi-factor authentication (MFA)
• Infrastructure Security: SOC 2 compliant hosting, regular security audits
• Database Protection: Row-level security (RLS), encrypted backups
• API Security: Rate limiting, API key rotation, webhook verification
• Monitoring: 24/7 security monitoring, intrusion detection

5.1 GDPR Rights (EU Users)

• Right to Access: Request a copy of your personal data
• Right to Rectification: Correct inaccurate information
• Right to Erasure: Request deletion of your data ("right to be forgotten")
• Right to Restriction: Limit how we process your data
• Right to Portability: Receive your data in a structured format
• Right to Object: Object to certain processing activities

5.2 CCPA Rights (California Users)

• Know: What personal information we collect and how it's used
• Delete: Request deletion of your personal information
• Opt-Out: Opt-out of sale of personal information (we don't sell data)
• Non-Discrimination: Equal service regardless of privacy choices

5.3 How to Exercise Your Rights

To exercise any of these rights, contact us at privacy@reviveai.com or use the privacy controls in your account settings.

6. Data Retention

We retain your information for as long as necessary to:

• Provide our services to you
• Comply with legal obligations (tax records, compliance requirements)
• Resolve disputes and enforce agreements
• Maintain security and prevent fraud

When you delete your account, we permanently delete your data within 30 days, except where retention is required by law.

7. Cookies & Tracking Technologies

We use cookies and similar technologies:

• Essential Cookies: Required for service functionality
• Analytics Cookies: Track usage and performance
• Preference Cookies: Remember your settings
• Marketing Cookies: Personalize advertisements (with consent)

You can manage cookie preferences in your browser settings. See our Cookie Policy for details.

8. International Data Transfers

Your information may be transferred to and processed in countries other than your country of residence. We ensure appropriate safeguards are in place, including:

• Standard Contractual Clauses (SCCs) approved by the European Commission
• Privacy Shield certification (where applicable)
• Data processing agreements with all service providers

9. Children's Privacy

Our services are not intended for children under 16 years of age. We do not knowingly collect personal information from children. If you believe we have collected information from a child, please contact us immediately at privacy@reviveai.com.

10. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by:

• Posting the updated policy on our website
• Sending email notification to registered users
• In-app notification for significant changes

Continued use of our services after changes constitutes acceptance of the updated policy.

If you have questions about this Privacy Policy or our data practices, please contact us:

12. Legal Basis for Processing (GDPR)

We process your personal data based on:

• Contract Performance: Processing necessary to provide our services
• Consent: Where you have given explicit consent
• Legitimate Interest: For service improvement and security
• Legal Obligation: Compliance with applicable laws