Trust center
Transparency, security practices, and how to reach us for privacy and compliance questions. RevvTik is established in the United Kingdom and operates under the UK GDPR. For EU/EEA use of the Services, we assess Article 27 EU GDPR obligations and will appoint an EU representative where required.
Security overview
Encryption, access controls, retention, and operational practices.
Sub-processors
Who helps us run RevvTik and how we notify you of changes.
Support
Product help, integrations, and account questions.
Privacy Policy
How we process personal data and your rights.
DPA
Article 28 processor terms for business customers.
Highlights at a glance
Encryption
TLS encryption in transit; encryption at rest for transcripts, scores, coaching insights, and integration credentials. Encryption controls are required in production deployments.
Audio deletion
Raw audio is deleted automatically immediately after transcription. Only the text transcript is retained.
Retention & growth tracking
Default 24 months for transcripts, scores, and coaching insights, so users can compare past and current performance and see growth. Org-configurable shorter periods supported.
Data deletion
On verified account or organisation deletion, primary deletion within 30 days; backup copies typically within a further 30 days. Individual erasure requests are handled within applicable legal timeframes.
Breach notification
Affected customers notified within 72 hours of becoming aware (Art. 33-aligned).
ICO registration
Registered with the Information Commissioner's Office · reference ZC160387.
Art. 22 safeguards
Onboarding explains coaching-only use; call detail links to how scoring works and an optional help path for reps and managers to involve their admin. No standalone "dispute" button on every score tile.
Contacts
Support, privacy & compliance
support@revvtik.comEU / EEA representative (Art. 27)
EU / EEA representative: RevvTik has not yet appointed an EU representative. We are assessing our Article 27 EU GDPR obligations for EU/EEA use of the Services. Where an EU representative is required for a customer deployment or market expansion, we will appoint an EU-based representative and update this policy with the representative's legal name, address, and contact details.
Lead supervisory authority
Information Commissioner's Office (ICO)RevvTik’s lead authority under the UK GDPR. EU/EEA users may also lodge a complaint with their local supervisory authority.
Data Protection Officer
RevvTik is not required to appoint a DPO under Art. 37 GDPR. Privacy matters are handled by our internal privacy team — support@revvtik.com.
Certifications
We are building toward SOC 2 Type II and ISO 27001-aligned controls. This section will list completed audits and report availability under NDA for enterprise customers.