Privacy
Privacy Policy
Last updated: 2026-05-28
This Privacy Policy explains how Revue (“we,” “us,” or “Revue”) collects, uses, and shares information when you use revue.today, our merchant onboarding flow at /signup, or the customer review experience at /r/[shortCode].
Revue currently operates only in the United States. If you are located outside the United States, this service is not directed to you and we ask that you not use it. The California Consumer Privacy Act (CCPA) governs our handling of personal information. The GDPR, UK DSA, and EU AI Act do not apply to V1; we will revisit our compliance posture before any international rollout.
What we collect
We collect two categories of information, depending on whether you are using Revue as a merchant or as a diner.
Merchant information
- Email address (for receipts, support, and product updates)
- Business name, Google Place ID, business address, phone number
- Shipping name and address (for Counter Sign + Sticker Pack delivery)
- Payment information — processed by Stripe. We do not store card numbers or full payment credentials on our servers.
- IP address, browser type, device type, and basic request metadata
Diner (customer) information
The diner flow is designed to be anonymous. Diners do not create accounts. We do not require any personal identifier to submit a review.
- Star rating (1–5)
- Selected highlight chips (e.g. “Friendly staff”)
- Selected dishes (if provided)
- Optional free-text personal note (if provided)
- Generated and edited review draft text
- Hashed IP address (used only for rate-limiting and abuse detection)
- Language preference and visit-time metadata (in local time)
If a diner chooses the “Send privately to owner” path and voluntarily provides a name, email, or phone number, that information is forwarded to the merchant and stored alongside their feedback.
Why we collect it
- Service operation. To provision your merchant short link, generate AI review drafts, fulfill hardware orders, and route private feedback to you.
- Payment. To bill the Pro subscription and one-time hardware purchases via Stripe.
- Customer support. To respond to questions, refund requests, and abuse reports at support@revue.today.
- Product analytics. To understand which steps of the diner flow convert and which drop off (via PostHog).
- Error tracking. To detect and diagnose bugs in production (via Sentry).
- Abuse prevention. Hashed IP addresses let us rate-limit review submissions and detect bots without identifying any individual diner.
How we share it
We do not sell personal information. We share information only with the subprocessors listed below, and only to the extent necessary to operate Revue.
Subprocessors
| Provider | Purpose | Policy |
|---|---|---|
| Stripe | Payment processing (cards, subscriptions, refunds) | Privacy |
| Resend | Transactional email (receipts, shipping, support) | Privacy |
| Google (Places API) | Restaurant address resolution, review pull-back | Privacy |
| Google (Gemini API) | AI review draft generation (primary) | Privacy |
| Anthropic | AI review draft generation (fallback model) | Privacy |
| Vercel | Application hosting, CDN, edge runtime | Privacy |
| Upstash (Vercel KV) | Merchant + order data store (encrypted at rest) | Privacy |
| PostHog | Product analytics (event-level, no PII by default) | Privacy |
| Sentry | Server-side error tracking | Privacy |
| hCaptcha | Bot detection on signup and review submission | Privacy |
Data retention
- Merchant account data: retained while your account is active and for twelve (12) months after cancellation, then deleted or anonymized.
- Customer review submissions: retained for twenty-four (24) months in aggregate analytics form. We do not attempt to re-identify diners from submission data.
- Payment records: retained as required by US tax and accounting rules (currently seven (7) years).
- Error logs: retained for ninety (90) days in Sentry.
Your rights under CCPA
California residents have the following rights regarding their personal information:
- Right to know what personal information we have collected about you.
- Right to delete personal information we have collected about you.
- Right to correct inaccurate personal information.
- Right to data portability — receive a copy in a portable, machine-readable format.
- Right to opt out of sale — we do not sell personal information, so there is nothing to opt out of, but the right exists.
- Right to non-discrimination — we will not refuse service, charge different prices, or provide a different quality of service if you exercise any of these rights.
To exercise any of these rights, email support@revue.today. We will verify your request and respond within forty-five (45) days. If we need an extension, we will tell you why and when to expect a response.
Children
Revue is a B2B product for restaurant operators. We do not knowingly collect personal information from children under the age of 13. If you believe a child has provided us information, email support@revue.today and we will delete it.
Security
We use industry-standard practices to protect the data we hold: TLS in transit, at-rest encryption on Upstash (our KV store), principle-of-least-privilege access to production systems, and we do not store full payment card numbers (Stripe holds those). No system is fully secure; we make no guarantee that data will never be exposed.
Changes to this policy
If we make material changes to this policy, we will email all active merchant accounts at least thirty (30) days before the change takes effect. The “Last updated” date at the top of this page always reflects the most recent revision.
Contact
Questions, requests, or complaints: email support@revue.today. Mailing address available on request.
Cookies and similar technologies
Revue uses only first-party cookies and similar storage strictly necessary for the application to function (e.g. session state, rate-limit tokens, language preference). PostHog is configured in opt-out mode for product analytics; you can disable it from the footer toggle on every public page. We do not use third-party advertising cookies.
How we handle CCPA requests
- Email support@revue.today with the subject line “CCPA request” and tell us what you want to do (know, delete, correct, port).
- We verify your identity. For merchants, we match against the email on file. For diners (who do not have accounts), we match against information you can independently verify (the merchant short code, approximate time of submission, the review text).
- We respond within forty-five (45) days. We may extend once by another forty-five (45) days for genuinely complex requests; we will tell you in writing.