Business

Users

Effective from February 25, 2026

Privacy Policy

1. Data Controller

The controller responsible for the processing of personal data collected through this website is:

REVI DIGITAL S.L.
Tax ID: B23839574
Address: Calle Gaudencia Torres 9 16, 46015, Valencia, (Spain)
Registered in the Mercantile Registry of Valencia, volume 11,473, book 8751, folio 81, sheet V-214487, entry 1st
Email: hola@revi.io

2. Purposes of Data Processing

The personal data we collect will be processed for the following purposes, depending on the relationship or interaction the user maintains with Revi:

Managing and responding to information, contact or support requests, sent through the corresponding form or by email.
Formalizing, managing and maintaining the contractual relationship arising from the contracting of our services, including the creation of user accounts and management of the private area.
Sending commercial communications about products, services or content of interest, when the user has given their express consent.
Sending invitations so that consumers can rate products or services, either as part of the contractual relationship or based on the consent given.
Analyzing platform usage and optimizing the user experience, as well as improving the technical functioning and quality of the service.
Complying with applicable legal obligations in tax, commercial, data protection or other applicable matters.

3. Legal Basis for Processing

The processing of personal data by Revi is based on different legal grounds, in accordance with the General Data Protection Regulation (GDPR), depending on the purpose of the processing.

When processing is necessary for the performance of a contract or for the application of pre-contractual measures requested by the data subject, the legal basis will be article 6.1.b) of the GDPR. This includes, for example, the management of the user account, the provision of contracted services or the handling of queries arising from said relationship.

In those cases where processing is based on the user's consent, such as the sending of commercial communications or newsletters, the legal basis is article 6.1.a) of the GDPR. Such consent may be withdrawn at any time, without affecting the lawfulness of prior processing.

Likewise, certain processing activities are carried out based on Revi's legitimate interest, in accordance with article 6.1.f) of the GDPR. This is the case for activities such as the continuous improvement of the platform, service quality control, fraud prevention or the sending of communications related to products or services similar to those already contracted, provided no objection has been raised.

Finally, in fulfillment of legal obligations, such as those arising from tax or commercial regulations (for example, retention of invoices or records), the applicable legal basis will be article 6.1.c) of the GDPR.

4. Types of Data Processed

Depending on the relationship the user maintains with Revi, different categories of personal data may be processed. These include, first of all, identification data such as name, surnames, email address and phone number. In the case of clients, additional contact data and data necessary for billing and administrative management will also be processed.

Technical data derived from platform usage is also collected, such as the IP address, browser type, device used, as well as records of interaction with the system or with emails sent.

In the context of the review service provision, data related to reviews submitted by consumers is also processed, such as the text of the review, the date of submission, the score assigned and certain technical metadata associated with it.

Finally, browsing data is collected through the use of cookies and similar technologies, the specific conditions of which are detailed in Revi's Cookie Policy.

5. Recipients and International Transfers

Revi may share personal data with third parties when necessary to fulfill the purposes set out in this policy. In particular, certain technology and service providers linked to the operation of the platform may have access to the data, such as hosting companies like Dinahosting, or tools used for email management, customer support or web usage analysis.

Likewise, where there is a legal obligation, data may be communicated to the competent authorities, in compliance with applicable regulations.

Some of the service providers used by Revi may be located outside the European Economic Area. In these cases, and in accordance with articles 44 to 49 of the General Data Protection Regulation, Revi guarantees that adequate safeguards have been adopted to ensure a level of protection equivalent to that required in the European Union. These safeguards include, among others, the signing of standard contractual clauses approved by the European Commission, as well as prior risk assessment and supplementary mechanisms where necessary.

6. Data Retention

Personal data will be retained for only as long as strictly necessary to fulfill the purpose for which it was collected in each case. Where there is a contractual relationship between the user and Revi, the data will be retained while said relationship remains in force, as well as while the consent given is maintained, where consent is the legal basis for processing.

Once the contractual relationship has ended or consent has been withdrawn, the data will be duly blocked for the legally established periods to address potential liabilities, in accordance with tax, commercial and data protection regulations. After these periods have elapsed, the data will be securely deleted. It will only be accessible for legal retention purposes, not for any other processing.

7. User Rights

At any time, the user may exercise their data protection rights by writing to hola@revi.io, duly identifying themselves and clearly indicating the request they wish to make.

In accordance with the provisions of the General Data Protection Regulation (GDPR), the rights available to you are as follows:

Right of access, to find out what personal data Revi is processing.
Right of rectification, to request the modification of inaccurate or incomplete data.
Right of erasure, to request the deletion of your data when it is no longer necessary for the purposes for which it was collected (also known as the "right to be forgotten").
Right to restriction of processing, to restrict the use of your data in certain circumstances.
Right to data portability, to receive your data in a structured, commonly used and machine-readable format, and to be able to transmit it to another data controller.
Right to object, to object to the processing of your data in certain situations and for reasons related to your particular situation.
Right to withdraw consent at any time, without affecting the lawfulness of processing based on consent prior to its withdrawal.

8. Cookies and Similar Technologies

Revi uses both first-party and third-party cookies and equivalent technologies for various purposes, always respecting the provisions of current data protection regulations and information society services regulations.

In particular, necessary cookies are used to ensure the essential technical functioning of the website, as well as analytical cookies aimed at statistical and browsing behavior analysis in order to improve the user experience. Cookies may also be used for advertising and personalization purposes, provided the user's prior consent has been obtained.

The user may configure, reject or accept the use of cookies through the Cookie Management Panel, accessible both at the bottom of the page and at the start of browsing. For more detailed information on the use and management of cookies, users may consult Revi's Cookie Policy at any time.

9. Communications with Revi

Personal data provided by the user when contacting Revi, whether through the form on the website or by sending an email to our contact addresses, will be processed for the purpose of handling their request, managing queries or providing the required information.

The data requested in such forms that are marked as mandatory are necessary to properly process the communication. In the absence of such information, it will not be possible to handle the query or process the user's request.

The legal basis legitimizing this processing will generally be the performance of pre-contractual or contractual measures at the request of the data subject (art. 6.1.b of the GDPR). Failing that, where no contractual relationship exists, the processing will be based on Revi's legitimate interest in properly handling the communications received (art. 6.1.f of the GDPR).

Once the query has been resolved or the request processed, the data will be retained in blocked form for the periods established by tax, commercial or data protection regulations, and will be securely deleted once those periods have elapsed, unless the user has given their consent for retention for additional purposes.

10. Online Meetings via Google Meet

In order to maintain direct and efficient communication with users, Revi may offer virtual meetings through the Google Meet platform, as part of the provision of its services or to resolve queries. Users may access these meetings through the Google Meet application or directly from the browser, without needing to install additional software.

During the use of this tool, various personal data may be processed, the quantity and nature of which will depend on the configuration and use made by the participant. The data processed includes: username, email address, profile photo, language, date and time of the meeting, session ID, IP address, approximate location, as well as any content shared via video, audio, chat or file transfer.

As a general rule, meetings are not recorded. If any recording were to take place, the user will be informed in advance and their express consent will be requested.

The purpose of processing this data is to enable the development of online meetings, facilitate the exchange of information and ensure effective communication with the user. The legal basis for processing will be the performance of a contractual or pre-contractual relationship (art. 6.1.b GDPR), or, failing that, Revi's legitimate interest in ensuring smooth and efficient contact (art. 6.1.f GDPR).

Data will not be shared with third parties unless strictly necessary for the development of the meeting. Revi uses technology providers, such as Google LLC, for the provision of this service, which may involve international data transfers. In these cases, adequate safeguards are adopted in accordance with articles 44 to 49 of the GDPR, including standard contractual clauses approved by the European Commission.

For more information on these transfers, please refer to the corresponding section of this Privacy Policy on recipients and international transfers.

11. Access Data and Hosting

Access to and browsing of the Revi website can be done without the need to provide personally identifiable data. However, when visiting our page, the web server automatically collects technical information which may include the IP address, date and time of access, name of the requested file, volume of data transferred, browser used, operating system and access provider, among other similar data.

This data, known as "access data", is collected and temporarily stored in server log files for the purpose of ensuring system security, guaranteeing optimal technical functioning of the site and improving the quality of our service. The processing of this information is based on Revi's legitimate interest in accordance with article 6.1.f) of the General Data Protection Regulation (GDPR). Data is retained as a general rule, unless it is necessary to delete it for other reasons.

The hosting of our website is provided by Dinahosting, whose servers are located at Interxion and Global Switch (Madrid, Spain). Said provider acts as a data processor in accordance with article 28 of the GDPR, providing its services under strict contractual commitments of confidentiality and security.

Any other processing of data collected during browsing will only be carried out in accordance with what is described in this Privacy Policy and, where applicable, based on the user's consent when so required.

12. Data Collection in the Use of Revi's Services

In the context of the provision of services offered by Revi, personal data provided by users (clients) is collected when using our functionalities, such as sending review requests, participating in rating processes, or using the client area.

Certain technical and interaction data is also automatically recorded, such as IP addresses, browser used, device type, access logs, and data related to the opening and interaction with emails sent by Revi. This information is processed for security, technical diagnostics, platform improvement and user experience personalization purposes, all based on the legal basis of legitimate interest in accordance with article 6.1.f) of the GDPR.

Personal data may be used to identify the user, properly manage their account, send informational or promotional communications (when consent has been given), resolve queries about products or stores, and improve our services through aggregate analysis.

Data linked to the user's profile, such as their ratings, responses or interactions, may be publicly displayed in search engines or on the profiles of the reviewed businesses, in fulfillment of the legitimate purpose of transparency of the review system.

Data retention is limited to the time strictly necessary to fulfill the aforementioned purposes or to meet legal obligations. Subsequently, data will be deleted or anonymized. In the event of account cancellation, Revi will retain only a minimal record of the deletion event, for traceability and regulatory compliance purposes.

Revi applies adequate technical and organizational security measures to protect personal data against unauthorized access or improper processing. However, it is noted that it is not possible to guarantee the absolute security of information transmitted through unencrypted means, such as email.

13. Electronic Newsletter and Commercial Communications

If you subscribe to our newsletter, or provide your details to download free content from our website or from our social media pages (such as Facebook or LinkedIn), we will use your email address and associated data to send you periodic communications with news, tips and content related to our services. This processing is based on your express consent, in accordance with article 6.1.a) of the GDPR.

The newsletter may be sent through service providers contracted by Revi, who will act as data processors and with whom we maintain contracts that guarantee confidentiality, security and legality in the use of your data.

You may unsubscribe at any time through the link available in each email or by writing to the contact address indicated in this policy.

14. Advertising by Email Without Prior Newsletter Subscription and Right to Object

In the event that we have obtained your email address in the context of a prior contractual relationship —for example, following the purchase of a product or contracting of a service— and provided that you have not expressly objected, we reserve the right to send you commercial communications by electronic means relating to products or services similar to those already purchased. This processing is based on our legitimate interest in maintaining a commercial relationship with our clients in accordance with article 6.1.f) of the GDPR.

Such communications may be sent through external service providers, who act as data processors under our instructions and with the relevant legal safeguards.

You have the right to object at any time to the processing of your data for promotional purposes. You may easily exercise this right by using the unsubscribe link included in each email or by writing directly to the contact address found in this policy.

15. Cookies and Web Analytics Technologies

In order to offer you an optimized browsing experience, enable the use of essential functionalities, display content tailored to your interests and carry out statistical analysis or market research, we use cookies and similar technologies that store or retrieve information on your device (hereinafter, "cookies").

What are cookies?
Cookies are small text files that are saved on your device when you visit our website. Some of them are necessary for the basic functioning of the site (technical or functional cookies), while others help us improve performance, personalize content, or carry out measurements and statistical analysis.

There are different types:

Session cookies, which are deleted when the browser is closed.
Persistent cookies, which remain on your device to recognize it on future visits.
First-party cookies, managed directly by Revi.
Third-party cookies, such as those used by analytics or advertising services (for example, Google Analytics).

Consent management
Available at the bottom of the page at all times, you can accept or reject the use of non-essential cookies. This panel provides you with detailed information about:

The cookies used
Their purpose
Their duration
The corresponding legal basis (consent, legitimate interest, etc.)

The choices you make are stored in your local browser. If you change your device or browser, or clear your browsing data, you will need to reconfigure your preferences.

Please note that if you choose to reject some cookies, certain website functions may not be available or browsing may not be optimal.

For more information, please consult our Cookie Policy.

16. Social Media Presence

Revi maintains active profiles on various social media platforms (such as Facebook, Instagram, LinkedIn, among others) with the aim of facilitating communication with our clients, offering direct support, and disseminating information about our products, services and promotions.

When you access our social media profiles, the respective platform operators may collect and process your personal data, even if you are not registered or authenticated on them. This data collection is usually carried out through cookies or similar technologies, and may include information such as your browsing behavior, interests, interactions with our content, approximate location, or the device used.

The purpose of this data processing is the analysis of usage and the creation of advertising profiles (also known as "pseudonymized profiles"), which allow the display of personalized advertisements within and outside the platforms. This activity is based on Revi's legitimate interest, in accordance with article 6.1.f of the GDPR, consisting of optimizing the visibility of our brand and improving communication with users and potential clients.

If the social network provider requests your express consent for certain processing activities (for example, through a checkbox), the legal basis will be article 6.1.a of the GDPR.

Joint responsibility on social media
On certain social networks, such as Facebook (Meta), we share responsibility for data processing with the platform operator, in accordance with article 26 of the GDPR. This means that if you interact with our content, both we and the platform may have access to aggregated or statistical data about the interaction.

International data transfers
Some social media platforms are headquartered outside the European Economic Area (for example, in the United States). In these cases, the adequate safeguards established in articles 44 to 49 of the GDPR apply, in particular the standard contractual clauses approved by the European Commission, in order to ensure an adequate level of protection for your personal data.

17. Sending Review Invitations by Email

We may use your email address to send you invitations to rate products or services purchased, provided one of the following conditions is met:

Express consent: If you have given your consent explicitly during the purchasing process or at a later time, in accordance with article 6.1.a of the General Data Protection Regulation (GDPR), we will send these invitations as part of our customer service. You may withdraw such consent with future effect at any time by writing to the contact address indicated at the end of this policy.
Contractual relationship: In the case of clients registered with Revi through free or paid membership, the sending of review requests forms part of the contracted service and is necessary for its proper execution, in accordance with article 6.1.b of the GDPR. This processing is essential for the provision of the verified review collection and management system we offer to our clients.

In all cases, the processing of data is strictly limited to this purpose and is carried out under adequate security and confidentiality conditions.

18. Policy Modifications

Revi reserves the right to modify this policy to adapt it to legislative or case-law developments. In the event of substantial changes, users will be notified before they take effect. Continued use of the platform after such changes will be considered as acceptance of them.

cookies.cookie	Description	Domain	Expiration
cor_session	Website-owned cookie. Essential for its functioning	revi	at the end of session
revi_cookie	Website-owned cookie. Essential for its functioning	revi	10 year

cookies.cookie	Description	Domain	Expiration
1P_JAR	cookies.cookie_stats_2	google.com	1 month
_gid	cookies.cookie_stats_3	google.com	24 hours
__Secure-3PSIDCC	cookies.cookie_stats_4	google.com	1 year
__Secure-1PSID	cookies.cookie_stats_5	google.com	2 years
SID Terceros	cookies.cookie_stats_6	google.com	2 years
__Secure-1PAPISID	cookies.cookie_stats_5	google.com	2 years
HSID	cookies.cookie_stats_6	google.com	2 years
__Secure-3PSID	cookies.cookie_stats_4	google.com	2 years
SSID	cookies.cookie_stats_9	google.com	2 years
SIDCC	cookies.cookie_stats_10	google.com	1 year
__Secure-1PSIDCC	cookies.cookie_stats_11	google.com	1 year
__Secure-3PAPISID	cookies.cookie_stats_12	google.com	2 years
SAPISID	cookies.cookie_stats_6	google.com	2 years
APISID	cookies.cookie_stats_6	google.com	2 years
1P_JAR	cookies.cookie_stats_14	google.com	30 cookies.cookie_time_days
DV	cookies.cookie_stats_15	google.com	variable
OGPC	cookies.cookie_stats_16	google.com	variable
CONSENT	cookies.cookie_stats_17	gstatic.com	permanent
SEARCH_SAMESITE	cookies.cookie_stats_18	google.com	5 months
NID	cookies.cookie_stats_19	gstatic.com	6 months
OTZ	cookies.cookie_stats_20	google.com	1 month