This policy explains what personal data Reven.eu collects, why, and what rights you have over it. Reven.eu is operated by Idea Imp BV, registered in Belgium (VAT BE0563664030, registered office at Broekveld 28, 1840 Londerzeel). We'll refer to Idea Imp BV as "Reven.eu", "we", or "us" below. This entity may in future be replaced by a dedicated Reven.eu operating company; if that happens, we'll update this notice.
Two kinds of data we handle
It matters who's the "controller" of a given piece of data, so we split this in two:
- Your account and usage data, as a Reven.eu customer or trial user (name, work email, login activity, billing contact). Here, Reven.eu is the data controller and this policy governs it directly.
- Your CRM's pipeline data (deals, contacts, stages, and change history) that we read from HubSpot or Pipedrive once you connect your account. Here, you (or your company) remain the data controller and Reven.eu acts as a data processor on your instructions, under a data processing agreement available on request. If you're an end customer of one of our customers and have questions about your own data inside their CRM, please contact that company directly.
What we collect
Account data
- Name, work email address, and company you provide when signing up or starting a trial
- Login and session activity within the app
- Support and sales communications, including trial onboarding calls
- Billing contact details and invoice history
CRM data (processed on your behalf)
- Deals, contacts, pipeline stages, and their change history, read with read-only access from your connected CRM (HubSpot today, Pipedrive in progress)
- We never write back to your CRM and never modify the source records
Website data
- Aggregate, cookieless analytics on reven.eu via a self-hosted analytics tool, used only to understand traffic and page performance
Why we process it
- To provide the service: reading and recording your CRM's pipeline history so you can review, diagnose, and plan against it (performance of our contract with you)
- To run your account: authentication, billing, and support (performance of our contract, and our legitimate interest in operating the service)
- To communicate with you: onboarding, product updates, and, if you've signed up for them, occasional weekly digest emails (legitimate interest, or consent where required; you can unsubscribe from non-essential emails at any time)
- To improve the site and product: aggregate, non-identifying usage statistics (legitimate interest)
- To meet legal obligations, such as tax and accounting records
Where your data is stored
Reven.eu runs on our own infrastructure, hosted on Hetzner Cloud servers located in the European Union. We don't transfer personal data outside the EU/EEA. Data in transit is encrypted (TLS), and your CRM's integration credentials (OAuth tokens) are encrypted with AES-256-GCM before we store them. More detail is on our security page.
Who we share it with
We don't sell personal data, and we don't share it for advertising. We share data with:
- Hetzner, our EU-based infrastructure provider, which hosts our servers and databases
- HubSpot and Pipedrive, as the source CRMs you choose to connect (we read from them; we don't send your Reven.eu data to them)
- Our email delivery provider, to send transactional and account-related emails
- Professional advisors (accountants, auditors, lawyers) and authorities, where required by law
How long we keep it
We keep account data for as long as your account is active, plus a reasonable period afterward for legal, accounting, and dispute-resolution purposes. We keep CRM pipeline history for as long as your subscription requires it, per the deal-history limits of your plan. If you cancel or request deletion, we remove your data from our systems within a reasonable period, except where we're legally required to retain it (e.g. invoices).
Your rights
Under the GDPR, you have the right to:
- Access the personal data we hold about you
- Correct inaccurate data
- Request deletion of your data
- Restrict or object to certain processing
- Receive your data in a portable format
- Withdraw consent at any time, where processing is based on consent
- Lodge a complaint with your local data protection authority, or with Belgium's Gegevensbeschermingsautoriteit
To exercise any of these, email info@reven.eu.
Cookies
reven.eu uses a self-hosted, cookieless analytics tool that doesn't track you across sites or build an individual profile. The Reven.eu app itself uses strictly necessary cookies or local storage to keep you signed in; these aren't used for tracking or advertising.
Children
Reven.eu is a B2B product intended for business use and isn't directed at children. We don't knowingly collect personal data from anyone under 16.
Changes to this policy
We may update this policy as the product or our processes change. We'll update the date at the top of this page, and for material changes, we'll notify active account holders by email.
Contact
Questions about this policy or how we handle your data: email info@reven.eu, or see our security page for more on how we handle your CRM data.