If there is a discrepancy, conflict or inconsistency with this Privacy Notice and your Terms of Service Agreement with Us, the Data Privacy provisions in your Agreement with us will take precedence over the Data Privacy terms in this Privacy Notice.
This Privacy Notice does not apply to data that Revnue processes on behalf of our Customers’ “Personal Data” in our capacity as our Customer’s data processor.
We take your privacy very seriously. We acknowledge that data privacy is an ongoing responsibility. Thus, from time to time we will update this Privacy Notice as our business expands, and we undertake new business opportunities that involve your personal data. Therefore, we strive to adhere to the following principles laid out in this Privacy Notice:
DATA PROTECTION OFFICER
Revnue is headquartered in West Covina, California in the United States. Our company has appointed an internal data protection officer for all questions and concerns regarding this Privacy Notice or our privacy policies regarding the collection of your personal data. Our data protection officer’s name and contact information appear below:
John Cortez – Revnue
- Notice – We tell you what information we collect, how we use it, how our users and Customers use it and when and how we share it.
- Choice –We will offer individuals the opportunity to choose (opt-out) whether their Personal Data is (a) to be disclosed to a third party (other than our third party processors), or (b) to be used for a purpose other than the purpose for which it was originally collected or subsequently authorized by the individual.
- Accountability for Onward Transfers – We take steps to gain assurances from our processors that they will safeguard Personal Data consistent with this policy and take steps against to stop disclosure in violation of this policy. In cases of onward transfer to third parties of Personal Data received pursuant to the EU-U.S. Privacy Shield and the Swiss-U.S. Privacy Shield, Revnue is potentially liable.
- Security – We will take reasonable precautions to protect Personal Data in our possession from loss, misuse and unauthorized access, disclosure, alteration, and destruction.
- Data Integrity & Purpose Limitation. We will use Personal Data only in ways that are compatible with the purposes for which it was collected or subsequently authorized by the individual. We will take reasonable steps to ensure that Personal Data is relevant to its intended use, accurate, complete, and current.
- Personal Data Requests Upon request, we will grant individuals reasonable access to Personal Data that we hold about them, and we will take reasonable steps to permit individuals to correct, amend, or delete information that is demonstrated to be inaccurate or incomplete.
PERSONAL DATA WE COLLECT
Personal Data, or Personally Identifiable Information or “PII” means any information relating to or which can be reasonably connected to an identified or identifiable natural person. We collect Personal Data from users of the Services (“Customers”), our website, marketing efforts, in-person events and trade shows and other means.
- Contact information – such as your first and last name, email address, phone number, business name and physical address when you contact US through our website, social media or other means. We collect some of this information using various third-party vendors.
- Online data – such as IP address, personal information contained in cookies (see below regarding detailed information regarding cookie collection. We also track usage information about how you interact with our website and other internet accessible sites that we use to interact with you, such as Twitter, Facebook, LinkedIn and Youtube.
- Website and Server Logs – When you visit our website and/or use our online Revnue platform, our servers capture your activity, your Internet Protocol (IP) address, computer settings, which browser you use, what language your browser is using, the date/time of your usage, any referring URL (the website that sent you to us), and additional information contained in cookes. (see detailed cookie information below)
- Correspondence If you contact us by email, postal mail, or other form of communication that reveals your personal data, we may store such information and use it to respond to you; to notify you of additional services, or to keep a record of your comment or complaint, accommodation request, or similar issues. As with other forms of data collection, if you desire to have your personal data “erased” please contact us at email@example.com
- Customer feedback, from time to time, we may ask you to provide feedback either directly, over the phone, through our software or through our support team. You are not required to provide feedback, but if you do, your name and comments will be stored and used to improve the services we deliver to you through our platform.
- Revnue Services Platform
- Data Collected through the Revnue Services via uploading of their contracts (“Content”) may include third party personally identifiable information collected and processed under the direction of our Customers, who are the controllers of that data.
- Revnue processes Customer Data, which may contain Personal Data, under the control of our Customer, and Revnue has no direct control or ownership of the Personal Data that we process on behalf of our customers. Customers are fully responsible for complying with any applicable data protection laws or regulations that require notice, disclosure, and/or obtaining consent prior to transferring the Personal Data to Revnue for processing. Terms that are not otherwise defined in this notice shall have the meaning as set forth in the Revnue Terms of Service or Data Processing Agreement addendum, if any. In the event of a conflict between this Privacy Notice and the Customer Terms of Service and/or Customer Data Processing Agreement, the terms of the Customer Terms of Service and Customer Data processing Agreement will control.
- An individual who seeks access to their data, seeks to correct, amend or delete inaccurate data or wishes to opt-out of or remove Personal Data provided by a Revnue Customer should direct his/her query to the Revnue Customer he/she interacts with directly (the data controller). If a third party requests that we remove personally identifiable information on their behalf, we will attempt to redirect their demand/inquiry to the relevant Revnue Customer.
- Revnue may transfer personal information to other companies that help us provide our Services. Transfers to subsequent third parties are covered by the provisions in this policy regarding notice and choice and the service agreements with our Customers.
- Customers who use Revnue.com (or dashboard.revnue.com) will have their Content stored in the United States. In the future, we may expand Revnue into Europe and Asia, and will provide guidance on where customer data and content is stored.
- Detailed information on our collection of Cookies
- Disabling Cookies Most web browsers automatically accept cookies, but if you prefer, you can edit and manage your browser options to block them in the future. The Help portion of the toolbar on most browsers will tell you how to disable and manage your cookies settings. If you disable cookies you may still browse public areas of the Site, but some features and Services may not function.
HOW DO WE USE YOUR PERSONAL DATA?
Revnue will only use your personal data for the purposes for which we collected it, unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose. If we need to use your personal information for an unrelated purpose, we will notify you and we will explain the legal basis which allows us to do so.
- Websites, Social Media, Events and other Marketing means
- We collect your personal data to administer our Website, for marketing purposes, to continuously improve your experience in using our website and services, to insure that our website and social media content displays in the most efficient and effective manner, for usage trend monitoring and advertising.
- We also collect your information and use it to improve our network and information security practices.
- We also collect your personal data that you provide to us to inform you of additional services, to schedule meetings, or simply to reply to you based on your inquiry.
- Revnue Platform
- Revnue collects and uses your personal information to operate the Revnue Site and deliver the services you have requested. Revnue may also use your personally identifiable information to inform you of other products or services available from Revnue and its affiliates with your prior consent. Revnue may use the personal data it collects for the following additional reasons:
- Manage your usage of Revnue, respond to inquiries and comments, and provide customer service and support.
- Send customers alerts, updates, security notifications and other administrative communications.
- Customer Support – Revnue both directly and through its third-party processors Intercom and Hubspot, collect site analytics information detailed below and combine it with your email address and other information you provide using fields or sign-in for the purpose of providing customer service and follow up on the Services. Revnue may also access content solely for the purpose of providing Customer Support.
Passwords and Logins (Unique Identifier)
Passwords and usernames are used for user authentication.
Direct Marketing and Opt-Out
We use User Personal Data to communicate with you regarding the provision of the Services, but also to let you know about additional features and services we provide that may be of interest to you. If you do not wish to receive marketing communications, you may opt out at any time.
You may also sign up for blog updates from our Web site. In both of these cases, we will use your name and email address to send these materials to you. You may choose to stop receiving these communications by following the unsubscribe instructions included in these emails, via our webform or you can contact us at:
Mail: 1050 Lakes Drive Ste 225 West Covina, CA 91790
Revnue will not otherwise transmit, disclose or share your personal data to non-Revnue persons or businesses for their independent use unless: 1. You specifically authorize it; 2. The information is given to comply with the law, such as a search warrant, court order or subpoena, to enforce an agreement with have with you, or to protect our rights, property or safety, or the rights, property or safety of our employees or others; 3. The information is given to our agents, vendors, affiliates or service providers who perform functions on our behalf; 4. To address emergencies or acts of God; 5. To address disputes, claims, or to persons who are your agents or representatives purporting to have legal authority to act on your behalf. We may also collect aggregated data about our customers and Site visitors and transmit the results of such aggregated (but de-identified) information to our partners, vendors, service providers, advertisers, and third parties for purposes of marketing and promotions.
Processing your payment
Revnue does not store your payment information. Customer subscription level is recorded in our application and passed to Intercom only to verify the account for customer support purposes.
Assisted credit card transactions, used when Customers provide us with their credit card payment; Revnue will record the subscription level and provide the subscription level to Stripe, which processes the payment and renewals. Revnue does not store credit card information separately from Stripe. Access to Stripe is limited to key Revnue personnel; such access is personally identifiable to specific individuals and password protected to maintain control over access and preserve accountability for misuse.
Payments information is collected by our banking service provider, Bank of America, in the course of receiving payments made by check/ACH.
Law Enforcement and Internal Operations
Personal Data may be provided where we are required to do so by law, or if we believe in good faith that it is reasonably necessary
- to respond to claims asserted against Revnue or to comply with the legal process (for example, discovery requests, subpoenas or warrants);
- to enforce or administer our policies and agreements with users;
- for fraud prevention, risk assessment, investigation, customer support, product development and de-bugging purposes;
- or to protect the rights, property or safety of Revnue’s users or members of the general public.
Third-Party Data Processors or Service Providers
We engage Service Providers or “Data Processors” to perform services on our behalf to help us provide services to you. Additionally, we engage third-party Data Processors to assist us in processing of credit cards, marketing, IT infrastructure, cloud computing, SaaS, data enhancement and other services to enhance your experience with our subscription services as well as our website and business in general.
These third-party Data Processors may have access to your personal data in order to provide such functions.
We require all Data Processors to agree to take reasonable steps to keep Personal Data that we provide to them secure. We never authorize them to use or disclose your Personal Data except in connection with providing their services.
In addition, Revnue may share data with trusted partners as data processors to help us perform statistical analysis, send you email or postal mail, provide customer support, or to deliver our services to you. All such third parties are prohibited from using your personal information except to perform data processing according to Revnue’s instructions in order to provide our services to you, our customer.
The following third party processors collect personal data directly on our behalf:
We use AWS Textract (Amazon Web Services) to collect your Content and transmit it to be analyzed and stored by us as part of the Services. AWS Textract (Amazon Web Services) does not store your Content. Processing takes place in the United States.
We use AWS (Amazon Web Services) to host our infrastructure. Some or all of your data may be stored on AWS systems. As a data processor acting on our behalf, AWS will only process your Personal Data according to Revnue’s instructions, and Revnue will only request processing by AWS that is in conformity with this Privacy Notice. For more information on AWS’s Data Privacy practices, please visit their data privacy center. At this time, Revnue’s data is only hosted in the United States.
We use Mailchimp for email and marketing campaigns. This service requires that you opt in before your Personal Data is shared with Mailchimp for marketing and email purposes. You can opt out at any time. Information collected includes your email address and full name. To learn more about Mailchimp’s privacy practices please visit their privacy webpage.
We use Calendly to permit you to schedule meetings with us. When you schedule a meeting with us, your Personal Data is collected to perform this service. Your name and email address is collected and is required for a meeting to be scheduled. To learn about Calendly’s privacy practices, please visit their privacy page.
We utilize Stripe as a payment gateway for payments. Data Processing takes place in the United States and Stripe is self-certified under the EU-U.S. and Swiss-US Privacy Shield. Users should review Stripe’s security policy before initiating transactions on the Site.
SECURITY OF YOUR PERSONAL INFORMATION
How is my data protected?
Revnue secures your personal information from unauthorized access, use or disclosure. We follow generally accepted standards to protect the personal information submitted to us, both during transmission and once we receive it. When sensitive information (such as log-in credentials) is submitted, it is protected through the use of encryption. We restrict access to your personal data to those employees who require that information in connection with Revnue’s services to you. Furthermore, our employees are instructed regarding the importance of confidentiality and maintaining the privacy and security of your information.
Reasonable administrative, technical, and physical security measures taken, include but are not limited to:
- Restricting access to Personal Data protected by passwords, which are restricted and revoked when staff departs
- Restricting access to Personal Data to authorized staff
- Staff privacy and security instruction
- Requiring key contractors sign non-disclosure agreements (NDA’s)
- Intrusion detection
- Vulnerability scans
- Penetration testing
- Backups at offsite location
- Web application firewall
- Data and password are encryption
- Data is only available via SSL
- Data centers that are certified for ISO 27001, FedRAMP, DoD CSM.
- Malware detection
No method of transmission over the Internet, or method of electronic storage, is 100% secure. Therefore, we cannot guarantee the security of any information we store, process, or transmit.
Data Storage and retention
Your personal data is stored on Revnue’s servers as well as the servers of Revnue’s cloud and SaaS based systems, located in the United States. Revnue keeps your data for as long as you are a Revnue subscriber. However, upon termination of your subscription to our services, your personal data will be removed after 6 months if there is no subscription renewal. For more specific information on where and how long your personal data is stored, please contact Revnue’s data protection officer at firstname.lastname@example.org.
Right to Review or Change Your Data
If your personal information changes, you may correct, update, amend, remove, or ask to have it removed by making the change on your user account settings page or by contacting us by phone or email at the contact information available on our Web site.
We will retain your information for as long as your account is active, as needed to provide you the Services and as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements.
If you are located in the European Economic Area (EEA) or the United Kingdom and you would like to review or change Personal Data that is not available through your profile, please contact us via at:
Right to Withdraw Consent
You have the right to withdraw consent where such consent is required to share or use data and you may request that we delete your Personal Data.
If you receive communications from us and no longer wish to receive them, please follow the removal instructions in the email or change your account settings.
Right to Remove
You can delete your Personal Data by logging into your account and deleting your account. However, since your Personal Data is required for us to provide the Services to you, deleting it will also terminate your access to the services. Deleting your Personal Data does not mean that all of it will be removed. We take steps to delete Personal Data and Content that is no longer necessary in relation to provide the Services by deleting it within 12 months of you terminating your account.
If you are located in the EEA and wish to make a request for removal (Right to Be Forgotten), you may contact us via:
If we are legally required to comply with such a request, we will confirm your identity and delete your personal data in such time frame as required by law.
We may be required by law or to retain it to exercise or defend legal claims, or contractual obligations with our customers to retain some information in connection with our obligation to provide the Services. We may de-identify and anonymize some data for purposes of retaining it.
If you are located in the EEA and you would like us to transmit your Personal Data to another company providing similar services, we will work with them to do so upon request and verification of such request with both the requestor and the company receiving the Personal Data.
Right to Redress
If you are located in the European Economic Area (EEA) or United Kingdom and you believe we have violated any data protection laws, please contact us immediately at email@example.com We will investigate and attempt to resolve complaints and disputes regarding use and disclosure of Personal Data in accordance with the principles contained in this policy within forty-five (45) days of receiving a complaint. For complaints that cannot be resolved between us and the complainant, we have agreed to participate in the dispute resolution procedures pursuant to the Privacy Shield Principles, which includes dispute resolution through means such as FTC enforcement, alternative dispute resolution process and binding arbitration.
We have further committed to refer unresolved privacy complaints under the EU-US and Swiss-US Privacy Shield Principles JAMS, Inc., a non-profit alternative dispute resolution provider located in the United States. Click on the link to file an EU-U.S. Privacy Shield or Swiss-U.S. Privacy Shield Claim with JAMS.
Please be advised that individuals may have the option to seek binding arbitration to resolve disputes regarding our privacy and data protection practices. An individual who decides to invoke this arbitration option must take the following steps prior to initiating an arbitration claim: (1) raise the claimed violation directly with the organization and afford the organization an opportunity to resolve the issue within the timeframe set forth in Section III.11(d)(i) of the Principles (2) make use of the independent recourse mechanism under the Principles, which is at no cost to the individual; and (3) raise the issue through their Data Protection Authority to the Department of Commerce and afford the Department of Commerce an opportunity to use best efforts to resolve the issue within the timeframes set forth in the Letter from the International Trade Administration of the Department of Commerce, at no cost to the individual.
We are subject to the investigatory and enforcement powers of the Federal Trade Commission (“FTC”). Should an individual be unable to resolve a complaint with us, they may contact the FTC at the following address:
Federal Trade Commission
Attn: Consumer Response Center 600 Pennsylvania Avenue NW , Washington, DC 20580 or www.ftc.gov
European Economic Area and United Kingdom data subjects may also have the right to file complaints with the Data Protection Authorities located in the jurisdiction they are located in.
Transnational Transfer of Data
If you are using the Revnue.eu service, your Content will be stored in Ireland but may be processed in the United States. If you are providing your Personal Data to us directly to use our Services, we will transmit your data, including your Personal Data, to the United States in order to fulfill our contractual obligations to you.
US-EU Privacy Shield Certification Information
The United States Department of Commerce has worked with the European Commission to develop the EU-U.S. Privacy Shield Framework and Swiss-US Privacy Shield Framework (“Privacy Shield”) to allow U.S. companies to meet the European Union (“EU”) and United Kingdom law requirements that Personal Data transferred from the EU or United Kingdom to the United States be adequately protected. Consistent with its pledge to protect personal privacy, we adhere to the Privacy Shield Principles. If there is any conflict between the policies in this Personal Data Protection Policy (this “Policy”) and the Privacy Shield Principles, the Privacy Shield Principles shall govern. To learn more about the Privacy Shield Principles, and to view our certification page, please visit https://www.privacyshield.gov.
This policy may be amended from time to time, consistent with applicable data protection and privacy laws and principles including, but not limited to the requirements of English law, the EU General Data Protection Directive and/or Privacy Shield Principles. We will notify you of changes to this policy either through email, posting on our website, via our Services, or other means. We will notify Customers if we make changes that materially affect the way we handle Personal Data that we previously collected, and we will allow them to choose whether their Personal Data may be used in any materially different manner.
This section solely applies to residents of Nevada and California.
We do not knowingly collect the Personal Data of consumers, as defined in the California Consumer Privacy Act (CCPA). As a “Service Provider” under CCPA, we may come into possession of consumer Personal Data and will treat such data in accordance with the CCPA to the extent we are required to do so.
Categories of California Data Collected
We collect the following categories of Personal Data from the customers and authorized users of our Service and website:
- First name
- Last name
- Institutional affiliation
- Email address
- Phone number
- User history
- Location (beacon)
- Time zone
- IP address
- User actions
- Credit card information by our third party processors for billing and invoice purposes
- Device ID
Categories of Sources from Which We Collect Personal Data
The sources from which we may have collected personal information about you or your use of the Services are listed above in this Privacy Notice:
More details concerning the business and commercial purposes are set forth in the “How We Use Your Personal Information” section. We may disclose the categories of personal information identified in this California Privacy Notice about our California consumers for our operational purposes where the use of such personal information is reasonably necessary and proportionate to achieve the operational purpose for which the personal information was collected or processed or for another operational purpose that is compatible with the context in which the personal information was collected.
Categories of Third Parties with Whom We Shared the Personal Information
The categories of third parties, as defined by the CCPA, with whom we share personal information include our business partners, data analytics and the third parties doing business with you.
Categories of Personal Information sold, shared or Disclosed for a Business Purpose
We may disclose for a business purpose (each as defined under CCPA) any or all of the personal information collected from and about you as set forth in the How Do We User Your Personal Data and Shared Information sections.
Your California Privacy Data Subject Rights
If you are a California resident who is considered a “consumer” in your dealings with us, you may have certain rights. California law may permit you to request that we:
- Provide you the categories of personal information we have collected or disclosed about you in the last twelve months; the categories of sources of such information; the business or commercial purpose for collecting or selling your personal information; and the categories of third parties with whom we shared personal information.
- Provide access to and/or a copy of certain information we hold about you.
- Delete certain information we have about you.
You may have the right to receive information about the financial incentives that we offer to you (if any). You also have the right to not be discriminated against (as provided for in applicable law) for exercising certain of your rights. Certain information may be exempt from such requests under applicable law. For example, we need certain types of information so that we can provide the Services to you and for compliance with applicable law. If you ask us to delete certain information, you may no longer be able to access or use the Services.
If you would like to exercise any of these rights, please visit our “Do Not Sell My Information” webform or contact us at phone number. You will be required to verify your identify before we fulfill your request. You can also designate an authorized agent to make a request on your behalf. To do so, you must provide us with written authorization or a power of attorney, signed by you, for the agent to act on your behalf. You will still need to verify your identity directly with us.
If you are a consumer who has provided Personal Data to us, you also have the right to opt out of the sale of your personal information. California law broadly defines sale such that it may include allowing third parties to receive certain information, such as cookies, IP address (combined with other Personal Data) and/or browsing behavior, to deliver targeted advertising. If you would like to opt out, you may do so through our webform or by emailing us firstname.lastname@example.org.
YOUR CALIFORNIA PRIVACY RIGHTS UNDER THE SHINE THE LIGHT LAW
California residents who have an established business relationship with Revnue may make a written request to Revnue about whether Revnue has disclosed any Personal Information to any third-parties for the third-parties’ direct marketing purposes during the prior calendar year. To make such a request, please send an email, call or write us:
Mail: 1050 Lakes Drive Ste 225 West Covina, CA 91790
NOTICE FOR NEVADA RESIDENTS
Under Nevada law, certain Nevada consumers may opt out of the sale of “personally identifiable information” for monetary consideration to a person for that person to license or sell such information to additional persons. “Personally identifiable information” includes first and last name, address, email address, phone number, Social Security Number, or an identifier that allows a specific person to be contacted either physically or online.
We do not engage in such activity; however, if you are a Nevada resident who has purchased or leased goods or services from us, you may submit a request to opt out of any potential future sales under Nevada law by email to: support@Revnue.com Please note we will take reasonable steps to verify your identity and the authenticity of the request. Once verified, we will maintain your request in the event our practices change.
If you believe that Revnue has not adhered to this Statement or have questions, please contact us at:
Mail: 1050 Lakes Drive Ste 225 West Covina, CA 91790
UPDATED: July 13, 2021
- Revnue Corp.
- 1050 Lakes Drive
- STE 225
- West Covina, CA 91790
+1 866-4-REVNUE (473-8683)