ReVu Back to Home

Legal

Privacy Policy

Last updated: 16 June 2026

1. Introduction

ReVu Systems ("ReVu", "we", "us" or "our") operates a customer experience platform that helps businesses collect reviews, receive private feedback, recognise repeat customers, manage loyalty activity and communicate with customers where lawful consent has been provided.

This Privacy Policy explains how we collect, use, store, share and protect personal information when people use ReVu, visit our website, request a demo, use a business review link, submit feedback, check in, receive loyalty rewards, use a business dashboard or interact with our platform.

ReVu is based in South Africa and aims to process personal information in line with the Protection of Personal Information Act, 4 of 2013 ("POPIA"), the Electronic Communications and Transactions Act, 25 of 2002 ("ECTA"), the Consumer Protection Act, 68 of 2008 ("CPA") where applicable and other applicable South African laws.

2. Who this policy applies to

This policy applies to:

  • website visitors;
  • people who request a demo or contact ReVu;
  • businesses that use or test ReVu;
  • business owners, managers and authorised users;
  • customers who use a ReVu review, feedback, check-in, loyalty or promotion link;
  • people who receive communications through ReVu-enabled systems;
  • suppliers, service providers and partners who interact with ReVu.

3. Our role under POPIA

Depending on the situation, ReVu may act as either a responsible party or an operator.

When we collect information directly for our own purposes, such as demo requests, account management, billing, platform security and support, ReVu acts as a responsible party.

When a business uses ReVu to collect customer feedback, check-ins, reviews, loyalty activity or marketing consent, the business may be the responsible party and ReVu may act as an operator that processes personal information on behalf of that business.

Businesses using ReVu remain responsible for ensuring that their own use of customer data, promotions, offers and marketing communications is lawful.

4. Personal information we collect

We may collect the following categories of personal information:

Website and demo request information

  • name;
  • business name;
  • email address;
  • phone number;
  • message or enquiry details;
  • preferred contact method;
  • website usage information.

Business account information

  • business name;
  • business location;
  • business contact details;
  • owner or staff user details;
  • login and authentication information;
  • billing and subscription status;
  • plan, feature and account settings;
  • support requests;
  • uploaded business logos or branding.

Customer review and loyalty information

  • mobile number;
  • rating selected;
  • private feedback or comments submitted;
  • check-in and visit activity;
  • consent and opt-in status;
  • date and time of interaction;
  • business linked to the interaction;
  • reward, loyalty or campaign participation information;
  • source information such as NFC tap, QR code or web link where available.

Messaging and campaign information

  • campaign name and content;
  • message status;
  • opt-out information;
  • communication history where stored;
  • SMS or WhatsApp credit usage and order information.

Finance and administration information

  • payment/order records;
  • invoices or proof of payment where uploaded;
  • finance transaction records;
  • receipts and supporting documents uploaded by platform admin;
  • internal records needed for accounting, support and security.

Technical and security information

  • IP address;
  • browser and device information;
  • timestamps;
  • session and login activity;
  • audit logs;
  • rate-limit and security events;
  • error logs;
  • metadata needed to detect abuse, protect accounts and operate the service.

5. Information we do not intentionally collect

ReVu is not designed to collect special personal information such as health information, biometric information, religious beliefs, political opinions, race, trade union membership or children's information.

Businesses and customers should not submit sensitive personal information through review comments, support messages or campaign forms unless specifically requested and legally justified.

6. How we collect personal information

We collect personal information when:

  • a person visits our website;
  • a person completes a demo or contact form;
  • a business creates or uses an account;
  • a customer enters a mobile number;
  • a customer submits a rating, feedback or check-in;
  • a customer consents to future offers or updates;
  • a business sends or drafts campaigns;
  • an admin uploads receipts, logos or business documents;
  • users interact with ReVu dashboards;
  • our systems automatically log security, usage and technical events.

7. Why we process personal information

We process personal information for the following purposes:

  • to operate the ReVu platform;
  • to provide review, feedback and check-in functionality;
  • to identify repeat customers for loyalty and reward purposes;
  • to help businesses understand customer sentiment and service issues;
  • to route satisfied customers to Google Reviews where appropriate;
  • to capture private feedback from unhappy customers;
  • to send offers, promotions or updates where consent or another lawful basis applies;
  • to manage SMS, WhatsApp or other communication credits;
  • to manage business accounts, plans, billing and support;
  • to process demo requests and enquiries;
  • to generate business dashboard insights and estimated impact metrics;
  • to keep the platform secure;
  • to prevent fraud, abuse and unauthorised access;
  • to comply with legal, tax, accounting and regulatory obligations;
  • to improve the service.

8. Lawful basis for processing

We process personal information only where we have a lawful basis to do so. Depending on the context, this may include:

  • consent;
  • performance of a contract;
  • compliance with a legal obligation;
  • protection of a legitimate interest of ReVu, a business client or a customer;
  • processing necessary for operating the service requested by the user;
  • processing required for security, fraud prevention and audit purposes.

Where consent is required, we aim to collect clear consent and keep a record of that consent.

9. Customer consent and marketing communications

When a customer enters a mobile number through a ReVu-powered review or check-in page, we may ask the customer to accept ReVu's Privacy Policy and Terms and to consent to their mobile number being used to process the review or check-in, recognise repeat visits, manage rewards and send future offers, promotions or updates from the relevant business via SMS or WhatsApp.

Customers can opt out of marketing communications at any time.

Marketing communications should only be sent where the customer has consented or where another lawful basis applies. Businesses using ReVu are responsible for ensuring that their marketing content, timing and customer targeting comply with POPIA, the CPA and other applicable laws.

10. Google Reviews and third-party platforms

For positive experiences, ReVu may redirect customers to a business's Google Review page.

Once a customer leaves ReVu and interacts with Google, Google's own terms and privacy policies apply. ReVu does not control Google's review interface, Google account requirements, Google's display of reviews or whether Google publishes, removes or filters a review.

ReVu does not guarantee that a customer will post a Google review or that Google will display it.

11. Estimated impact and analytics

ReVu may calculate estimated business impact, such as estimated recovered value, protected revenue, review growth value, loyalty activity, retention trends or customer sentiment.

These figures are estimates based on business-provided settings, customer activity and platform data. They are not guaranteed revenue, accounting records, tax advice or proof of actual sales.

12. Sharing of personal information

We may share personal information with:

  • the business that owns the customer relationship;
  • authorised business users linked to that business;
  • service providers who help us operate the platform;
  • hosting, database, authentication and storage providers;
  • SMS, WhatsApp, email and communication providers;
  • payment and billing providers where applicable;
  • support, security, analytics and monitoring providers;
  • professional advisers, accountants or legal advisers where needed;
  • regulators, courts or authorities where required by law.

We do not sell personal information.

13. Operators and service providers

We use trusted service providers to host and operate ReVu. These providers may process information on our behalf.

We require service providers to process information only for authorised purposes and to take reasonable measures to protect it.

14. International transfers

Some service providers may store or process information outside South Africa.

Where personal information is transferred outside South Africa, we will take reasonable steps to ensure appropriate protection, contractual safeguards or another lawful basis for the transfer.

15. Data security

We use reasonable technical and organisational measures to protect personal information, including:

  • access controls;
  • authentication;
  • role-based permissions;
  • row-level security and server-side access controls where applicable;
  • audit and security logging;
  • rate limiting and abuse prevention;
  • storage access controls;
  • environment secrets for sensitive configuration;
  • review of public and private data paths;
  • administrative restrictions for sensitive information.

No system is completely secure. Users and businesses must also protect their own login details, devices and staff access.

16. Data retention

We keep personal information only for as long as reasonably needed for the purposes described in this policy, unless a longer retention period is required or allowed by law.

Retention may depend on:

  • the business relationship;
  • legal, accounting or tax requirements;
  • support and dispute needs;
  • security investigation needs;
  • customer opt-out or deletion requests;
  • active subscriptions or service records.

When information is no longer required, we will delete, de-identify or restrict it where reasonably possible.

17. Customer opt-out and deletion requests

Customers may request that they stop receiving marketing communications.

Customers may also request access, correction or deletion of their personal information, subject to legal, security and operational requirements.

Some requests may need to be handled by the business that collected the customer data through ReVu. Where ReVu acts as an operator, we may refer the request to the relevant business.

18. Data subject rights

Subject to POPIA and applicable law, data subjects may have the right to:

  • know what personal information is being collected;
  • request access to personal information;
  • request correction or deletion of personal information;
  • object to certain processing;
  • withdraw consent where processing is based on consent;
  • object to direct marketing;
  • complain to the Information Regulator.

19. Information Regulator

Complaints relating to personal information may be submitted to the Information Regulator of South Africa.

Users should first contact ReVu or the relevant business so that the issue can be reviewed and addressed.

20. Cookies and similar technologies

ReVu may use cookies, local storage or similar technologies to:

  • keep users signed in;
  • operate the website and dashboards;
  • remember preferences;
  • improve security;
  • understand general usage;
  • support performance and error monitoring.

Users can manage cookies through their browser settings, but some features may not work correctly if cookies are disabled.

21. Children

ReVu is not intended for children under 18. Businesses should not knowingly collect children's personal information through ReVu without appropriate legal basis and parental or guardian consent where required.

22. Business responsibilities

Businesses using ReVu must:

  • use customer information lawfully;
  • provide accurate business information;
  • honour valid opt-outs;
  • avoid sending unlawful spam;
  • avoid uploading unnecessary sensitive information;
  • ensure authorised staff use the dashboard responsibly;
  • comply with POPIA, CPA and other applicable laws;
  • ensure their offers, rewards and promotions are accurate and lawful.

23. Changes to this Privacy Policy

We may update this Privacy Policy from time to time. The updated version will be posted on this page with a new "Last updated" date.

Continued use of ReVu after changes means the updated policy applies.

24. Contact

Questions about this Privacy Policy can be sent to support@revu.sh.

Questions about this policy can be sent to support@revu.sh.

ReVu Systems is based in South Africa. These pages are intended to explain ReVu's platform rules, privacy practices and refund approach.