Privacy Policy

Last updated: January 19, 2025

At RevenuePilot, we take your privacy seriously. This Privacy Policy explains how we collect, use, protect, and share your personal information when you use our service.

1. Information We Collect

1.1 Account Information

When you create an account, we collect:

  • Email address
  • Full name (optional)
  • Password (encrypted)

1.2 Payment Platform Connections

When you connect payment platforms (Stripe, Razorpay), we collect:

  • OAuth access tokens (encrypted and stored securely)
  • Payment platform account IDs
  • Revenue and transaction data for analytics

Note: We use read-only OAuth access and never have access to process payments or withdraw funds from your payment platform accounts.

1.3 Usage Data

We automatically collect:

  • Device information (browser type, operating system)
  • IP address
  • Pages visited and features used
  • Date and time of access

2. How We Use Your Information

We use your information to:

  • Provide and maintain the RevenuePilot service
  • Fetch and analyze revenue data from your connected payment platforms
  • Process your subscription payments
  • Send important service updates and notifications
  • Improve our service and develop new features
  • Respond to your support requests
  • Detect and prevent fraud or abuse

3. Data Protection & Security

We implement industry-standard security measures:

  • Encryption: OAuth tokens and sensitive data are encrypted at rest
  • HTTPS: All data transmission uses SSL/TLS encryption
  • Access Control: Row-level security (RLS) policies protect your data
  • Regular Audits: We regularly review our security practices

4. Third-Party Services

We use the following third-party services:

  • Supabase: Database and authentication (USA, GDPR-compliant)
  • Razorpay: Payment processing for subscriptions (India)
  • Vercel: Application hosting (Global CDN)
  • PostHog: Privacy-focused analytics (optional, can be disabled)
  • Stripe & Razorpay APIs: Revenue data fetching (read-only access)

5. Your Rights (GDPR)

You have the right to:

  • Access: Request a copy of your personal data
  • Correction: Update inaccurate or incomplete data
  • Deletion: Request deletion of your account and data
  • Export: Download your data in a portable format
  • Object: Opt-out of analytics tracking
  • Withdraw Consent: Disconnect payment platforms at any time

To exercise these rights, contact us at support@revenuepilot.me

6. Cookies & Tracking

We use cookies for:

  • Authentication: Keep you logged in securely
  • Preferences: Remember your settings
  • Analytics: Understand how you use RevenuePilot (via PostHog)

You can disable cookies in your browser settings, but some features may not work properly.

7. Data Retention

We retain your data as long as your account is active. When you delete your account:

  • Personal data is deleted within 30 days
  • OAuth tokens are immediately revoked
  • Billing records are retained for 7 years (legal requirement)

8. Children's Privacy

RevenuePilot is not intended for users under 18 years old. We do not knowingly collect personal information from children.

9. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of significant changes by email or through the service. Continued use of RevenuePilot after changes constitutes acceptance of the updated policy.

10. Contact Us

If you have questions about this Privacy Policy or how we handle your data, please contact us:

Email: support@revenuepilot.me

Privacy Policy - RevenuePilot