PERSONAL DATA PROTECTION POLICY
Review-Collect.com
Last updated: July 17, 2025
βReview-Collect is committed to protecting your personal data in accordance with the RGPD and French regulations. This policy informs you transparently about our data protection practices.
β
1. DATA CONTROLLER
REVCOL TECHNOLOGY LLC (dba Review Collect)
Head Office: 1309 Coffeen Ave Ste 1200, Sheridan, WY 82801, United States
EIN: 352846891
Contact: karim@review-collect.com
Telephone: +33 7 56 90 25 83
βData Protection Officer (DPO):
π§ dpo@review-collect.com
2. DATA COLLECTED AND PURPOSES
2.1 Business customer data
Data collected:
βName, first name, professional email
Company name and function
Business phone
Billing data
βPurposes:
βProvision of Review-Collect services
Invoicing and commercial follow-up
Technical support
βLegal basis: Execution of the contract
β2.2 End consumer data
ββ οΈ Legal status: Review-Collect acts like subcontractor for its customers
β
βData processed on behalf of our customers:
βName, first name, consumer email
Reviews and comments
Order references
Phone number (if SMS/Whatsapp)
βPurpose: Customer feedback collection only
βResponsibility: Our customers are responsible for processing and must obtain the appropriate legal bases
3. DATA SECURITY
3.1 Technical measures
Secure hosting : AWS Paris region (France)
βEncryption : AES-256 for all sensitive data
βAuthentication : Multi-factor mandatory
βBackups : Daily and numerical
β3.2 Organizational measures
βAccess limited to authorized persons only
RGPD team training
Documented security procedures
Access monitoring
β3.3 Certificates
ISO 27001 : Information Security
βSOC 2 Type II : Security checks
Regular security audits
β
4. DATA RETENTION
β
Data type
Duration
βBusiness customer data
Contract duration + 5 years
End consumer data: 6 months maximum
Anonymized reviews up to 24 months
12-month security logs
βAutomatic removal according to the durations defined above.
β
5. YOUR RGPD RIGHTS
βYou have the following rights:
β
β5.1 Rights available
Access : Know your processed data
βRectification : Correct your data
βErasure : Delete your data
βPortability : Recover your data
βOpposition : Oppose the treatment
β5.2 Exercising your rights
E-Mail: dpo@review-collect.com
Response time: 30 days maximum
β
6. DATA SHARING
β
6.1 Subcontractors
AWS : Accommodation (France)
βStripe : Secure payments
Brevo: Sending transactional emails and SMS (France)
Meta : Sending what's app transactional messages (Ireland)
All with RGPD subcontracting agreements
β
β6.2 No sale
βWe never sell your personal data.
β
7. INTERNATIONAL TRANSFERS
β
Principle: All data is hosted in France (EU)
βGuarantees: In the event of an exceptional transfer, European Commission standard contractual clauses
8. COOKIES
8.1 Cookies used
essentials : Operation of the site
βAnalytics : Usage statistics (Google Analytics)
βPreferences : User settings
β8.2 Management
βConfiguration possible in your browser or via our consent banner.
9. DATA BREACHES
9.1 Procedure
βIn the event of a security incident:
Detection and qualification within 4 hours
CNIL notification within 72 hours if applicable
Information for those concerned if there is a high risk
β
β9.2 Remedial actions
βImmediate correction of faults
Reinforcement of security measures
Detailed report to affected customers
β
10. CONTACT
10.1 GDPR questions
βπ§ DPO: dpo@review-collect.com
π§ Bracket: support@review-collect.com
π Phone: +33 7 56 90 25 83
β10.2 Complaints
Mediation: Contact our DPO first
Supervisory authority: CNIL - www.cnil.fr
11. EVOLUTION OF THIS POLICY
Changes: Email notification 30 days before major change
βVersions: History available on request
This policy is in accordance with the RGPD (EU 2016/679) and the French law βInformatique et LibertΓ©sβ.
βVersion 2.0 - July 2025ββ