Privacy Policy

Information we collect

We collect the following categories of personal information:

Account information: name, email address, business name, password (stored as a hash by our authentication provider).

Business settings: service area, business hours, sender name, review link, and other workspace configuration.

Customer contact records: contact names, phone numbers, email addresses, stage, message history, consent records, and opt-out status that RevenuePilot customers upload or enter.

Message content: drafts, approved messages, delivery status, replies, and bounce or complaint events.

Billing information: subscription plan, billing status, and Stripe customer identifiers. Card numbers are handled directly by Stripe and are not stored by RevenuePilot.

Support and operational data: emails to support, system logs, and abuse signals.

How we use information

We use information to provide RevenuePilot accounts, prepare follow-up drafts, send approved messages, manage subscriptions, prevent abuse, and improve reliability.

Text messages are sent only after a business has confirmed it has permission to contact the customer or the customer has otherwise requested follow-up.

SMS consent records, opt-out status, and delivery events are used to honor customer choices and to send only approved service-related follow-up.

SMS terms and data sharing

Program name: RevenuePilot customer follow-up.

Message types: appointment follow-up, quote follow-up, missed lead replies, booking reminders, review requests, and related customer service communication.

Message frequency: message frequency varies based on the customer relationship and the configured follow-up plan.

Message and data rates: message and data rates may apply.

Help and opt-out: customers can reply HELP for help and STOP to opt out at any time. After STOP, no further SMS will be sent unless the customer replies START where supported.

No mobile-data sharing: mobile opt-in data, phone numbers, and SMS consent records are not sold or shared with third parties or affiliates for their marketing or promotional purposes. This restriction applies even if the underlying business chooses to share information for its own purposes.

Service providers we share data with

We share limited data with the following service providers to deliver the service. None of these providers receive mobile opt-in data for their own marketing.

Vercel — web hosting and edge delivery.

Supabase — database, authentication, and account storage.

Stripe — subscription billing and payment processing.

Twilio — SMS delivery, opt-out tracking, and inbound messaging.

Telnyx — backup SMS delivery, where configured.

Resend — transactional and follow-up email delivery.

OpenAI — AI message drafting and reply suggestions, where the customer enables AI features. Customer message content sent to OpenAI is governed by OpenAI's no-training policy for API usage.

We do not sell personal information.

Your choices and rights

Customers can reply HELP for help, STOP to opt out, and START to resume where supported.

You can request access to, correction of, or deletion of your account information by emailing support@tryrevenuepilot.com. We will respond within 30 days.

You can export or remove customer records in your RevenuePilot account at any time. You are responsible for keeping your customer consent records accurate.

If you are in a jurisdiction with privacy rights such as the EU, UK, California, Colorado, Connecticut, Utah, Virginia, or other state-level privacy laws, you have additional rights including the right to know, delete, correct, port, and opt out of the sale or sharing of your personal information. We do not sell personal information; you may exercise the other rights by contacting us.

Data retention

We retain account, business settings, and customer contact records for as long as your account is active.

Provider event logs (delivery status, bounce, complaint, opt-out) are retained for at least 24 months to support compliance audits.

Opt-out records and unsubscribe events are retained indefinitely so we never re-message a customer who said no.

Account-level data is deleted within 30 days of a verified deletion request, except for records we are required to keep to meet legal obligations or resolve disputes.

Contact us

For privacy, account, or support requests, email support@tryrevenuepilot.com.

For security disclosures, email security@tryrevenuepilot.com.

General questions can be sent to hello@tryrevenuepilot.com.

Security

We use access controls, encrypted transport, encrypted storage, and operational safeguards to protect account and message data. Despite these measures, no service can be fully secure. Report suspected vulnerabilities to security@tryrevenuepilot.com.

Updates to this policy

We will post material updates to this policy on this page. Continued use of RevenuePilot after a posted update constitutes acceptance of the updated policy.