Trust center

Transparency, security practices, and how to reach us for privacy and compliance questions. RevvTik is established in the United Kingdom and operates under the UK GDPR. For EU/EEA use of the Services, we assess Article 27 EU GDPR obligations and will appoint an EU representative where required.

Highlights at a glance

  • Encryption

    TLS encryption in transit; encryption at rest for transcripts, scores, coaching insights, and integration credentials. Encryption controls are required in production deployments.

  • Audio deletion

    Raw audio is deleted automatically immediately after transcription. Only the text transcript is retained.

  • Retention & growth tracking

    Default 24 months for transcripts, scores, and coaching insights, so users can compare past and current performance and see growth. Org-configurable shorter periods supported.

  • Data deletion

    On verified account or organisation deletion, primary deletion within 30 days; backup copies typically within a further 30 days. Individual erasure requests are handled within applicable legal timeframes.

  • Breach notification

    Affected customers notified within 72 hours of becoming aware (Art. 33-aligned).

  • ICO registration

    Registered with the Information Commissioner's Office · reference ZC160387.

  • Art. 22 safeguards

    Onboarding explains coaching-only use; call detail links to how scoring works and an optional help path for reps and managers to involve their admin. No standalone "dispute" button on every score tile.

Contacts

  • Support, privacy & compliance

    support@revvtik.com
  • EU / EEA representative (Art. 27)

    EU / EEA representative: RevvTik has not yet appointed an EU representative. We are assessing our Article 27 EU GDPR obligations for EU/EEA use of the Services. Where an EU representative is required for a customer deployment or market expansion, we will appoint an EU-based representative and update this policy with the representative's legal name, address, and contact details.

  • Lead supervisory authority

    Information Commissioner's Office (ICO)

    RevvTik’s lead authority under the UK GDPR. EU/EEA users may also lodge a complaint with their local supervisory authority.

  • Data Protection Officer

    RevvTik is not required to appoint a DPO under Art. 37 GDPR. Privacy matters are handled by our internal privacy team — support@revvtik.com.

Certifications

We are building toward SOC 2 Type II and ISO 27001-aligned controls. This section will list completed audits and report availability under NDA for enterprise customers.