Privacy Policy

1. Data Controller
The data controller for the personal data collected through this website is:
WEE ECOMMERCE, S.L.
Tax ID (NIF): B98656275
Address: C/ Grabador Enguídanos 47-10, 46015, Valencia (Spain)
Contact email: hola@revi.io

2. Purposes of Data Processing
The personal data we collect will be processed for the following purposes, depending on the relationship or interaction the user maintains with Revi:
• To manage and respond to information, contact or support requests submitted via the relevant form or by email.
• To formalize, manage, and maintain the contractual relationship resulting from the hiring of our services, including the creation of user accounts and the management of the private area.
• To send commercial communications about products, services, or content of interest, when the user has given express consent.
• To send invitations for consumers to review products or services, either as part of the contractual relationship or based on the consent given.
• To analyze platform usage and optimize the user experience, as well as improve technical performance and service quality.
• To comply with applicable legal obligations in tax, commercial, data protection, or other required areas.

3. Legal Basis for Processing
Revi processes personal data on different legal bases, in accordance with the General Data Protection Regulation (GDPR), depending on the purpose of the processing.
When processing is necessary for the performance of a contract or the application of pre-contractual measures requested by the data subject, the legal basis is Article 6.1(b) of the GDPR. This includes account management, provision of contracted services, or handling related inquiries.
Where processing is based on the user’s consent (e.g., sending commercial communications or newsletters), the legal basis is Article 6.1(a) of the GDPR. This consent may be withdrawn at any time without affecting the lawfulness of processing prior to withdrawal.
Some processing is also based on Revi’s legitimate interest, in accordance with Article 6.1(f) of the GDPR. This applies to activities such as ongoing platform improvement, quality control, fraud prevention, or sending communications about products/services similar to those already contracted (unless the user has objected).
Finally, for compliance with legal obligations, such as tax or commercial regulations (e.g., invoice retention), the applicable legal basis is Article 6.1(c) of the GDPR.

4. Types of Data Processed
Depending on the user's relationship with Revi, various categories of personal data may be processed. These include, primarily, identification data, such as name, surname, email address, and phone number. For customers, additional contact and billing data may also be processed for administrative management.
We also collect technical data derived from platform use, such as IP address, browser type, device used, and interaction logs with the system or emails sent.
As part of the review service, we process data related to customer reviews, such as the review text, date of submission, rating, and certain technical metadata associated with it.
Finally, we collect browsing data through cookies and similar technologies, as described in Revi’s Cookie Policy.

5. Recipients and International Data Transfers
Revi may disclose personal data to third parties when necessary to fulfill the purposes described in this policy. Specifically, certain technology and service providers related to the platform's operation may have access to data—such as hosting companies (e.g., Dinahosting) or tools for email management, customer service, or web analytics.
Where legally required, data may also be disclosed to competent authorities in compliance with applicable regulations.
Some of Revi’s service providers may be located outside the European Economic Area. In such cases, and in accordance with Articles 44 to 49 of the GDPR, Revi ensures that appropriate safeguards are in place to guarantee a level of protection equivalent to that required by the EU. These safeguards may include Standard Contractual Clauses approved by the European Commission, as well as prior risk assessments and additional mechanisms when necessary.

6. Data Retention
Personal data will be retained only for as long as necessary to fulfill the purpose for which it was collected. Where a contractual relationship exists between the user and Revi, data will be kept for the duration of that relationship and for as long as the user’s consent remains valid, when applicable.
Once the contractual relationship ends or consent is withdrawn, the data will be securely blocked and retained for the legally required periods to address any potential liabilities, in accordance with tax, commercial, and data protection laws. After such periods, data will be securely deleted and will only remain accessible for legal preservation, not for any further processing.

7. User Rights
Users may exercise their data protection rights at any time by contacting hola@revi.io, properly identifying themselves and clearly stating their request.
According to the GDPR, users have the following rights:
• Right of access: To know what personal data Revi processes.
• Right to rectification: To request correction of inaccurate or incomplete data.
• Right to erasure ("right to be forgotten"): To request deletion of data when no longer needed for the purposes collected.
• Right to restrict processing: To limit data use in certain circumstances.
• Right to data portability: To receive personal data in a structured, commonly used, and machine-readable format and transfer it to another controller.
• Right to object: To oppose the processing of data in specific situations for reasons related to their personal situation.
• Right to withdraw consent: To revoke previously granted consent at any time without affecting the lawfulness of prior processing.
8. Cookies and Similar Technologies
Revi uses both first-party and third-party cookies and similar technologies for various purposes, always in compliance with the applicable data protection and information society services regulations.
In particular, cookies are used to ensure the essential technical operation of the website, as well as analytical cookies for statistical analysis and navigation behavior to improve the user experience. Cookies for advertising and personalization purposes may also be used, provided that the user has previously given their consent.
Users may configure, reject, or accept the use of cookies through the Cookie Management Panel, accessible from both the website footer and upon first navigation. For more detailed information about the use and management of cookies, users can consult Revi’s Cookie Policy at any time.

9. Communication with Revi
The personal data provided by users when contacting Revi—whether through the contact form on the website or via email—will be processed in order to respond to their request, manage inquiries, or provide the required information.
The data marked as mandatory in the contact forms are necessary for Revi to properly handle the communication. Without this information, it will not be possible to process the user’s request or inquiry.
The legal basis for this processing is generally the performance of pre-contractual or contractual measures at the request of the data subject (Art. 6.1(b) GDPR). In the absence of a contractual relationship, the processing will be based on Revi’s legitimate interest in properly handling incoming communications (Art. 6.1(f) GDPR).
Once the inquiry has been resolved or the request processed, the data will be blocked and retained for the periods established by tax, commercial, or data protection regulations. After these periods, the data will be securely deleted, unless the user has given consent for additional retention purposes.

10. Online Meetings via Google Meet
To facilitate direct and efficient communication with users, Revi may offer virtual meetings through the Google Meet platform as part of service provision or to address questions or inquiries. Users can join these meetings via the Google Meet app or directly through their browser, without needing to install additional software.
During the use of this tool, various personal data may be processed, depending on the participant’s configuration and use. This data may include: username, email address, profile picture, language, meeting date and time, session ID, IP address, approximate location, and any content shared via video, audio, chat, or file uploads.
As a general rule, meetings are not recorded. If a recording is to be made, users will be informed in advance and their express consent will be requested.
The purpose of processing this data is to enable online meetings, facilitate information exchange, and ensure effective communication with users. The legal basis for processing will be the performance of a contractual or pre-contractual relationship (Art. 6.1(b) GDPR), or, where applicable, Revi’s legitimate interest in ensuring efficient communication (Art. 6.1(f) GDPR).
Data will not be shared with third parties unless strictly necessary for the meeting to take place. Revi uses technology providers such as Google LLC for this service, which may involve international data transfers. In such cases, appropriate safeguards are applied in accordance with Articles 44 to 49 of the GDPR, including the use of Standard Contractual Clauses approved by the European Commission.
For more information on such transfers, please refer to the corresponding section of this Privacy Policy on recipients and international transfers.
La conservación de los datos se limita al tiempo estrictamente necesario para cumplir con las finalidades mencionadas o para atender obligaciones legales. Posteriormente, los datos serán suprimidos o anonimizados. En caso de cancelación de la cuenta, Revi conservará únicamente un registro mínimo del evento de eliminación, a efectos de trazabilidad y cumplimiento normativo.
Revi aplica medidas de seguridad técnicas y organizativas adecuadas para proteger los datos personales frente a accesos no autorizados o tratamientos indebidos. No obstante, se advierte que no es posible garantizar la seguridad absoluta de la información transmitida por medios no cifrados, como el correo electrónico.

11. Access and Hosting Data
Accessing and browsing the Revi website can be done without providing personally identifiable data. However, when visiting our site, the web server automatically collects technical information that may include the IP address, date and time of access, name of the requested file, amount of data transferred, browser used, operating system, and internet service provider, among other similar data.
These data, known as "access data," are collected and temporarily stored in server log files for the purpose of ensuring system security, maintaining optimal technical operation of the website, and improving the quality of our service. The processing of this information is based on Revi’s legitimate interest pursuant to Article 6.1(f) of the General Data Protection Regulation (GDPR). The data are generally retained unless there is a reason to delete them sooner.
Our website is hosted by the provider Dinahosting, whose servers are located in Interxion and Global Switch (Madrid, Spain). This provider acts as a data processor in accordance with Article 28 of the GDPR and provides its services under strict contractual confidentiality and security commitments.
Any other processing of data collected during browsing will only be carried out in accordance with this Privacy Policy and, where required, based on the user’s consent.

12. Data Collection in the Use of Revi Services
As part of the provision of Revi's services, personal data is collected from users (clients) when using our features, such as sending review requests, participating in review processes, or using the client area.
Certain technical and interaction-related data is also automatically recorded, such as IP addresses, browser used, device type, access logs, and data related to the opening and interaction with emails sent by Revi. This information is processed for security purposes, technical diagnostics, platform improvement, and user experience personalization, all based on Revi’s legitimate interest pursuant to Article 6.1(f) of the GDPR.
Personal data may be used to identify the user, properly manage their account, send informational or promotional communications (when consent has been given), respond to inquiries about products or stores, and improve our services through aggregated analysis.
Data linked to the user profile, such as reviews, responses, or interactions, may be publicly displayed in search engines or on the profiles of reviewed businesses, in line with the legitimate purpose of ensuring transparency in the review system.
Data retention is limited to the time strictly necessary to fulfill the purposes mentioned or to comply with legal obligations. Afterwards, the data will be deleted or anonymized. In the event of account cancellation, Revi will retain only a minimal record of the deletion event for traceability and regulatory compliance purposes.
Revi applies appropriate technical and organizational security measures to protect personal data from unauthorized access or improper processing. However, it is noted that absolute security of information transmitted via unencrypted means, such as email, cannot be guaranteed.
13. Email Newsletter and Commercial Communications
If you subscribe to our newsletter or provide your data to download free content from our website or from our social media pages (such as Facebook or LinkedIn), we will use your email address and the associated data to send you regular communications with news, tips, and content related to our services. This processing is based on your explicit consent, in accordance with Article 6.1(a) of the GDPR.
The newsletter may be sent through service providers contracted by Revi, who act as data processors and with whom we maintain agreements ensuring the confidentiality, security, and lawful use of your data.
You may unsubscribe at any time by using the link included in each email or by contacting us at the email address provided in this policy.

14. Email Advertising Without Prior Newsletter Subscription and Right to Object
If we have obtained your email address in the context of a prior contractual relationship — for example, after the purchase of a product or contracting a service — and you have not expressly objected, we reserve the right to send you commercial communications by electronic means about products or services similar to those already purchased. This processing is based on our legitimate interest in maintaining a business relationship with our customers in accordance with Article 6.1(f) of the GDPR.
These communications may be sent via external service providers acting as data processors under our instructions and with the appropriate legal safeguards.
You have the right to object at any time to the processing of your data for promotional purposes. You can exercise this right easily by using the unsubscribe link included in every email or by contacting us directly at the address provided in this policy.

15. Cookies and Web Analytics Technologies
To offer you an optimized browsing experience, enable essential functionalities, display content tailored to your interests, and conduct statistical analyses or market research, we use cookies and similar technologies that store or retrieve information on your device (hereinafter, “cookies”).
What are cookies?
Cookies are small text files saved on your device when you visit our website. Some are necessary for the basic functioning of the site (technical or functional cookies), while others help us improve performance, personalize content, or carry out statistical measurements and analysis.
There are different types of cookies:
• Session cookies, which are deleted when you close your browser.
• Persistent cookies, which remain on your device to recognize it on future visits.
• First-party cookies, managed directly by Revi.
• Third-party cookies, such as those used by analytics or advertising services (e.g., Google Analytics).
Consent management
Available at the footer of the site at all times, you can accept or reject the use of non-essential cookies. This panel provides detailed information about:
• The cookies used
• Their purpose
• Their duration
• The applicable legal basis (consent, legitimate interest, etc.)
Your choices are stored in your browser’s local memory. If you switch devices or browsers, or clear your browsing data, you’ll need to reconfigure your preferences.
Please note that rejecting certain cookies may result in limited functionality or a suboptimal browsing experience.
For more information, please refer to our [Cookies Policy].
16. Presence on Social Media
Revi maintains active profiles on various social media platforms (such as Facebook, Instagram, LinkedIn, among others) in order to facilitate communication with our customers, provide direct support, and share information about our products, services, and promotions.
When you access our profiles on social networks, the respective platform operators may collect and process your personal data, even if you are not registered or logged in. This data collection typically occurs through cookies or similar technologies and may include information such as your browsing behavior, interests, interactions with our content, approximate location, or the device used.
The purpose of this data processing is to analyze usage and create advertising profiles (also known as "pseudonymized profiles"), allowing the display of personalized ads both within and outside the platforms. This activity is based on Revi’s legitimate interest, in accordance with Article 6.1(f) of the GDPR, which is to optimize brand visibility and improve communication with users and potential customers.
If the social media provider requires your explicit consent for certain processing activities (e.g., via a checkbox), the legal basis will be Article 6.1(a) of the GDPR.
Joint responsibility on social networks
On certain social platforms, such as Facebook (Meta), we share joint responsibility for data processing with the platform operator, in accordance with Article 26 of the GDPR. This means that if you interact with our content, both Revi and the platform may access aggregated or statistical data about the interaction.
International data transfers
Some social media platforms are headquartered outside the European Economic Area (e.g., in the United States). In such cases, appropriate safeguards are applied in accordance with Articles 44 to 49 of the GDPR, in particular the standard contractual clauses approved by the European Commission, to ensure an adequate level of protection for your personal data.

17. Sending Email Invitations to Leave Reviews
We may use your email address to send you invitations to review products or services you have purchased, provided one of the following conditions is met:
• Explicit consent: If you have given your explicit consent during the purchase process or at a later time, in accordance with Article 6.1(a) of the GDPR, we will send these invitations as part of our customer service. You may withdraw your consent at any time with future effect by contacting us at the email address listed at the end of this policy.
• Contractual relationship: For customers registered with Revi via a free or paid subscription, sending review requests is part of the contracted service and necessary for its proper execution, in accordance with Article 6.1(b) of the GDPR. This processing is essential for the operation of our verified review collection and management system offered to our clients.
In all cases, the processing of data is strictly limited to this purpose and is carried out under appropriate conditions of security and confidentiality.

18. Policy Changes
Revi reserves the right to modify this policy to reflect legal or jurisprudential developments. In the event of substantial changes, users will be notified before they take effect. Continued use of the platform after such changes will be considered as acceptance thereof.

cookies.cookie	Description	Domain	Expiration
cor_session	Website-owned cookie. Essential for its functioning	revi	at the end of session
revi_cookie	Website-owned cookie. Essential for its functioning	revi	10 year

cookies.cookie	Description	Domain	Expiration
1P_JAR	Third party Google Cookie that collects statistical data about anonymous browsing.	google.com	1 month
_gid	Corbeto's Boots and Google Analytics affiliate Cookie that distinguishes users.	google.com	24 hours
__Secure-3PSIDCC	Advertising. These cookies are used to deliver ads that are relevant to you and your interests.	google.com	1 year
__Secure-1PSID	Cookie required to use website options and services.	google.com	2 years
SID Terceros	User preferences storage in Google.	google.com	2 years
__Secure-1PAPISID	Cookie required to use website options and services.	google.com	2 years
HSID	User preferences storage in Google.	google.com	2 years
__Secure-3PSID	Advertising. These cookies are used to deliver ads that are relevant to you and your interests.	google.com	2 years
SSID	Stores information, identifiers and preferences on Google.	google.com	2 years
SIDCC	Used by Google to provide services and extract anonymous information about browsing.	google.com	1 year
__Secure-1PSIDCC	Cookie necessary for the use of website options and services in one year.	google.com	1 year
__Secure-3PAPISID	These cookies are used to deliver ads that are relevant to you and your interests.	google.com	2 years
SAPISID	User preferences storage in Google.	google.com	2 years
APISID	User preferences storage in Google.	google.com	2 years
1P_JAR	Google Cookie. Used to collect website statistics and track conversion rates.	google.com	30 cookies.cookie_time_days
DV	Preference cookie placed by google.com stores Google-related information, identifiers, and preferences.	google.com	variable
OGPC	Cookie required to use website options and services in one month.	google.com	variable
CONSENT	Cookie acceptance function on websites.	gstatic.com	permanent
SEARCH_SAMESITE	The goal is to mitigate the risk of cross-site information leakage. It also provides some protection against cross-site request forgery attacks.	google.com	5 months
NID	These cookies are used by Google to store user preferences.	gstatic.com	6 months
OTZ	Purpose: advertising. They allow optimizing and customizing ads displayed while browsing. It is related to Google Adwords personalized advertising system.	google.com	1 month