ReVloom (“we,” “us,” or “our”) provides AI-assisted reply tools for hospitality businesses. This Privacy Policy explains what personal data we collect, how we use it, and the choices you have. ReVloom is designed for business use — our users are restaurant and hospitality business owners and their authorized staff, not consumers.
Account information. When you create an account, we collect your email address. Authentication is handled via a one-time email code (OTP) — we do not store passwords.
Business profile data. You may connect a Google Business Profile account. When you do, we access your business name, location details, and customer review content via the Google Business Profile API, solely to enable reply drafting features.
Review screenshots. If you use the screenshot import feature, you upload photos of review content. These images are processed by our AI vision service to extract review text and are not used for any other purpose.
Usage data. We record which features you use, reply counts per billing period, and error logs to operate and improve the service.
Subscription and billing. Subscription purchases are handled by Apple (App Store) or Google (Google Play) via RevenueCat. We receive confirmation of subscription status and plan tier. We do not receive or store your payment card details.
Device and app data. Standard technical information such as device type, OS version, and app version may be collected to diagnose issues.
We rely on trusted infrastructure and AI providers to deliver the service. Each processes data only as directed by us and under appropriate data processing agreements:
These providers may have their own privacy policies governing their handling of data. We encourage you to review them.
We retain your account data and reply history for as long as your account is active. If you request account deletion, your personal data is removed within 30 days, except where we are required by law to retain certain records. Screenshot data and cached image extraction results are retained for up to 30 days after processing and then deleted.
We use industry-standard security practices, including encrypted storage for session tokens, HTTPS for all data in transit, and row-level security in our database. Authentication tokens are stored in your device's secure enclave. No system is perfectly secure; we encourage you to use a strong, unique email address and to notify us promptly if you suspect unauthorized access.
You may request access to, correction of, or deletion of your personal data at any time by contacting us at hello@revloomapp.com.
If you are located in the European Economic Area (EEA), United Kingdom, or California, additional rights may apply under the GDPR, UK GDPR, or CCPA, including the right to data portability, the right to restrict processing, and the right to object to certain uses. We will respond to verifiable requests within 30 days.
ReVloom is intended for use by business owners and their authorized staff who are 18 years of age or older. We do not knowingly collect personal data from individuals under the age of 16. If you believe we have inadvertently collected such data, please contact us immediately.
We may update this Privacy Policy periodically to reflect changes in our practices or applicable law. We will notify you of material changes via in-app notice or email at least 14 days before they take effect. Continued use of ReVloom after the effective date of an updated policy constitutes your acceptance of the changes.
Questions or concerns about this Privacy Policy or your data? Contact us at hello@revloomapp.com. We aim to respond within 3 business days.