Sign Up

Privacy Policy

Our privacy policy and how we use your data

Effective Date: December 9, 2024

1. Introduction

ReviewSense.ai Ltd ("ReviewSense.ai", "we", "us", or "our"), a company registered in England and Wales, is committed to protecting your privacy and ensuring the security of your personal data.

This Privacy Policy explains how we collect, use, disclose, and safeguard your personal data when you use our website at www.reviewsense.ai (the "Website") and our AI-powered review response platform, including related applications, APIs, and services (the "Platform", and together with the Website, the "Services").

We process personal data in accordance with the UK General Data Protection Regulation (UK GDPR), the Data Protection Act 2018, and the Privacy and Electronic Communications Regulations (PECR).

Please read this Privacy Policy carefully. By accessing or using our Services, you acknowledge that you have read and understood this Privacy Policy. If you do not agree with our practices, please do not use our Services.

2. Data Controller Information

ReviewSense.ai Ltd is the data controller responsible for your personal data. If you have any questions about this Privacy Policy or our data practices, please contact us at:

ReviewSense.ai Ltd
Email: info@reviewsense.ai
Website: www.reviewsense.ai

You also have the right to lodge a complaint with the Information Commissioner's Office (ICO), the UK supervisory authority for data protection:

Information Commissioner's Office
Website: ico.org.uk
Helpline: 0303 123 1113

3. Our Role: Controller and Processor

3.1 When We Act as a Controller

We act as a data controller for personal data we collect and process for our own purposes, including:

  • Account registration and management data (names, email addresses, billing information)
  • Website visitor data and analytics
  • Marketing communications (where you have opted in)
  • Customer support interactions
  • Security and audit logs

3.2 When We Act as a Processor

When you use our Platform to manage customer reviews and generate responses, we act as a data processor on your behalf. You (or your organisation) remain the data controller for:

  • Customer review data you import or sync to the Platform
  • Personal data contained within reviews (e.g., reviewer names, comments)
  • AI-generated responses before you publish them

Where we process personal data on your behalf as a processor, such processing is governed by our Data Processing Agreement (DPA), available upon request. If there is any conflict between this Privacy Policy and the DPA regarding data we process on your behalf, the DPA shall prevail.

4. Personal Data We Collect

4.1 Data You Provide Directly

Account and Registration Data

  • - Name and business name
  • - Email address
  • - Password (stored in encrypted form)
  • - Business address
  • - Phone number (optional)
  • - Job title or role
  • - Account preferences and settings

Billing and Payment Data

  • - Billing name and address
  • - Payment card details (processed securely by our payment provider; we do not store full card numbers)
  • - VAT number (where applicable)
  • - Transaction history

Communications Data

  • - Support tickets and enquiries
  • - Feedback and survey responses
  • - Email correspondence

Platform Content Data

  • - Business information you provide for AI response generation
  • - Brand guidelines and tone preferences
  • - Response templates you create
  • - Integration credentials for third-party review platforms

4.2 Data We Collect Automatically

Technical and Usage Data

  • - IP address
  • - Browser type and version
  • - Device type and operating system
  • - Referring website
  • - Pages visited and features used
  • - Date and time of access
  • - Session duration and interactions
  • - Error logs and performance data

Cookie and Tracking Data

We use cookies and similar technologies to collect data about your use of our Services. See Section 11 (Cookies and Similar Technologies) for more information.

4.3 Data from Third-Party Sources

  • Third-party review platforms: When you connect integrations (e.g., Google Business Profile, Facebook, Trustpilot), we receive review data including reviewer names (where public), review content, ratings, and timestamps
  • Authentication providers: If you sign in using third-party authentication (e.g., Google Sign-In), we receive basic profile information as permitted by your settings
  • Analytics providers: Aggregated usage statistics

4.4 Special Category Data

We do not intentionally collect special category data (such as data revealing racial or ethnic origin, political opinions, religious beliefs, health data, or sexual orientation). Customer reviews may occasionally contain such information; you are responsible for ensuring your use of any such data complies with applicable law.

5. Lawful Basis for Processing

Under the UK GDPR, we must have a lawful basis for processing your personal data. The lawful bases we rely on depend on the type of data and purpose of processing:

PurposeLawful Basis
Providing our Services and fulfilling our contract with youContract (Article 6(1)(b))
Processing payments and billingContract (Article 6(1)(b))
Account management and customer supportContract (Article 6(1)(b))
Sending service-related communicationsContract (Article 6(1)(b))
Sending marketing communicationsConsent (Article 6(1)(a))
Website analytics and improvementLegitimate Interests (Article 6(1)(f))
Platform analytics, diagnostics, and improvementLegitimate Interests (Article 6(1)(f))
Security, fraud prevention, and abuse detectionLegitimate Interests (Article 6(1)(f))
Compliance with legal obligationsLegal Obligation (Article 6(1)(c))
Establishing, exercising, or defending legal claimsLegitimate Interests (Article 6(1)(f))

5.1 Legitimate Interests

Where we rely on legitimate interests as our lawful basis, we have conducted a balancing test to ensure our interests do not override your fundamental rights and freedoms. Our legitimate interests include:

  • Operating, maintaining, and improving our Services
  • Understanding how our Services are used
  • Protecting our Services and users from security threats
  • Ensuring network and information security
  • Preventing fraud and enforcing our terms

You have the right to object to processing based on legitimate interests. See Section 8 (Your Rights) for more information.

6. How We Use Your Personal Data

6.1 To Provide and Operate Our Services

  • Creating and managing your account
  • Authenticating your access to the Platform
  • Processing and responding to your requests
  • Generating AI-powered review responses
  • Syncing with third-party review platforms
  • Processing payments and subscriptions
  • Providing customer support

6.2 To Communicate With You

  • Sending service-related notifications and updates
  • Responding to your enquiries and support requests
  • Sending marketing communications (only with your consent, and you can opt out at any time)
  • Notifying you of changes to our Services or policies

6.3 To Improve and Develop Our Services

  • Analysing usage patterns and trends
  • Diagnosing technical issues
  • Developing new features and functionality
  • Conducting research and analytics

6.4 To Ensure Security and Compliance

  • Detecting and preventing fraud, abuse, and security threats
  • Enforcing our Terms of Service
  • Complying with legal obligations
  • Responding to legal requests and protecting our rights

7. How We Share Your Personal Data

We do not sell your personal data. We may share your personal data in the following circumstances:

7.1 Service Providers and Processors

We engage trusted third-party service providers to help us operate our Services. These providers process personal data on our behalf and under our instructions, subject to appropriate data processing agreements. Categories include:

  • - Cloud hosting and infrastructure providers
  • - Payment processors
  • - Email and communication services
  • - Analytics providers
  • - Customer support tools
  • - Security and monitoring services

7.2 Third-Party Integrations

When you connect third-party review platforms (e.g., Google, Facebook, Trustpilot), we share necessary data to enable the integration as you have instructed. These third parties operate under their own privacy policies.

7.3 Legal Requirements

We may disclose your personal data if required to do so by law or if we believe in good faith that such disclosure is necessary to:

  • Comply with a legal obligation, court order, or legal process
  • Protect and defend our rights or property
  • Prevent or investigate possible wrongdoing
  • Protect the personal safety of users or the public

7.4 Business Transfers

In the event of a merger, acquisition, reorganisation, or sale of assets, your personal data may be transferred as part of that transaction. We will notify you of any such change and any choices you may have regarding your personal data.

7.5 With Your Consent

We may share your personal data with other parties where you have given us your explicit consent to do so.

8. Your Rights Under UK GDPR

Under the UK GDPR and Data Protection Act 2018, you have the following rights regarding your personal data:

8.1 Right of Access (Article 15)

You have the right to request a copy of the personal data we hold about you and information about how we process it.

8.2 Right to Rectification (Article 16)

You have the right to request that we correct any inaccurate personal data or complete any incomplete personal data.

8.3 Right to Erasure (Article 17)

You have the right to request that we delete your personal data in certain circumstances, such as when the data is no longer necessary for the purposes for which it was collected, or you withdraw your consent. For detailed instructions on how to remove your data, please see our Data Deletion Instructions.

8.4 Right to Restriction of Processing (Article 18)

You have the right to request that we restrict the processing of your personal data in certain circumstances, such as when you contest the accuracy of the data.

8.5 Right to Data Portability (Article 20)

You have the right to receive your personal data in a structured, commonly used, and machine-readable format, and to transmit that data to another controller where technically feasible.

8.6 Right to Object (Article 21)

You have the right to object to processing of your personal data based on legitimate interests or for direct marketing purposes. Where you object to processing for direct marketing, we will stop processing your data for that purpose immediately.

8.7 Rights Related to Automated Decision-Making (Article 22)

You have the right not to be subject to decisions based solely on automated processing that produce legal or similarly significant effects. We do not currently use automated decision-making that produces such effects.

8.8 Right to Withdraw Consent

Where we rely on consent as the lawful basis for processing, you have the right to withdraw your consent at any time. This will not affect the lawfulness of processing carried out before your withdrawal.

8.9 How to Exercise Your Rights

To exercise any of these rights, please contact us at info@reviewsense.ai. We will respond to your request within one month. This period may be extended by up to two further months for complex requests, in which case we will inform you of the extension and the reasons for it.

We may need to verify your identity before processing your request. If your request is manifestly unfounded or excessive, we may charge a reasonable fee or refuse to act on it.

8.10 Right to Complain

If you are not satisfied with how we handle your request or have concerns about our data processing, you have the right to lodge a complaint with the Information Commissioner's Office (ICO) at ico.org.uk/make-a-complaint.

9. Data Retention

We retain your personal data only for as long as necessary to fulfil the purposes for which it was collected, including to satisfy legal, accounting, or reporting requirements.

9.1 Retention Periods

  • Account data: Retained for the duration of your account and for up to 6 years after account closure (to comply with legal and tax obligations)
  • Billing and transaction data: Retained for 7 years (as required by UK tax law)
  • Platform usage data: Retained for up to 2 years for analytics purposes, then anonymised or deleted
  • Marketing consent records: Retained for as long as you remain subscribed, plus 2 years after unsubscription
  • Support tickets: Retained for up to 3 years after resolution
  • Security logs: Retained for up to 1 year

9.2 Anonymisation

Where possible, we anonymise personal data that we no longer need to identify you. Anonymised data is not personal data and may be retained and used indefinitely for analytics, research, and service improvement.

10. International Data Transfers

ReviewSense.ai Ltd is based in England. However, some of our service providers may be located outside the United Kingdom and European Economic Area (EEA).

When we transfer personal data internationally, we ensure appropriate safeguards are in place in accordance with UK GDPR requirements, including:

  • - Transfers to countries with an adequacy decision from the UK Government
  • - UK International Data Transfer Agreement (IDTA) or UK Addendum to EU Standard Contractual Clauses
  • - Binding Corporate Rules (where applicable)

You may request a copy of the safeguards we use by contacting us at info@reviewsense.ai.

11. Cookies and Similar Technologies

11.1 What Are Cookies?

Cookies are small text files placed on your device when you visit our Website. They help us provide functionality, remember your preferences, and understand how you use our Services.

11.2 Types of Cookies We Use

Strictly Necessary Cookies

These cookies are essential for the Website to function and cannot be disabled. They include cookies for authentication, security, and load balancing.

Functional Cookies

These cookies enable enhanced functionality and personalisation, such as remembering your preferences and settings.

Analytics Cookies

These cookies help us understand how visitors use our Website by collecting information such as pages visited, time spent, and navigation patterns. We use this information to improve our Services.

Marketing Cookies

These cookies may be set through our Website by advertising partners to build a profile of your interests and show you relevant advertisements on other sites.

11.3 Your Cookie Choices

When you first visit our Website, you will be presented with a cookie consent banner where you can choose which categories of cookies to accept (except strictly necessary cookies, which cannot be disabled).

You can also manage cookies through your browser settings:

Please note that disabling certain cookies may affect the functionality of our Services.

11.4 Do Not Track

Our Website does not currently respond to "Do Not Track" browser signals. However, we respect Global Privacy Control (GPC) signals where applicable.

12. Security

We take the security of your personal data seriously and implement appropriate technical and organisational measures to protect it, including:

  • Encryption of data in transit (TLS/HTTPS) and at rest
  • Access controls and authentication mechanisms
  • Regular security assessments and vulnerability testing
  • Employee training on data protection and security
  • Incident response procedures
  • Regular backups and disaster recovery capabilities

While we strive to protect your personal data, no method of transmission over the internet or electronic storage is 100% secure. We cannot guarantee absolute security.

13. Children's Privacy

Our Services are not intended for individuals under 18 years of age. We do not knowingly collect personal data from children. If we become aware that we have collected personal data from a child without appropriate consent, we will take steps to delete that information as soon as possible.

If you believe we have collected personal data from a child, please contact us at info@reviewsense.ai.

14. Third-Party Links and Services

Our Services may contain links to third-party websites, services, or integrations. This Privacy Policy does not apply to those third-party services, which operate under their own privacy policies. We encourage you to review the privacy policies of any third-party services you use.

We are not responsible for the privacy practices or content of third-party websites and services.

15. AI and Automated Processing

15.1 How We Use AI

Our Platform uses artificial intelligence to generate suggested responses to customer reviews. This involves:

  • Analysing review content to understand sentiment and context
  • Using your business information and preferences to tailor responses
  • Generating draft responses for your review and approval

15.2 No Automated Decision-Making

We do not use AI or automated processing to make decisions that produce legal or similarly significant effects on you. All AI-generated responses are suggestions for your review, and you maintain full control over whether to use, edit, or discard them.

15.3 AI Model Training

We do not use your personal data or customer data to train third-party AI models. We may use anonymised and aggregated data to improve our own AI capabilities, but such data cannot be used to identify you or your customers.

15.4 Google Limited Use Disclosure

ReviewSense's use and transfer to any other app of information received from Google APIs will adhere to Google API Services User Data Policy, including the Limited Use requirements.

15.5 Meta Limited Use Disclosure

ReviewSense's use and transfer to any other app of information received from Meta APIs will adhere to the Meta Platform Terms and Developer Policies, including the requirements regarding the limited use of user data.

16. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, Services, or legal requirements. When we make material changes, we will:

  • Update the "Effective Date" at the top of this Policy
  • Notify you by email or through a prominent notice on our Services (for significant changes)
  • Provide you with the opportunity to review changes before they take effect, where required by law

We encourage you to review this Privacy Policy periodically to stay informed about how we protect your personal data.

17. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

ReviewSense.ai Ltd
Email: info@reviewsense.ai
General Enquiries: info@reviewsense.ai
Website: www.reviewsense.ai

For data protection enquiries or to exercise your rights, please email info@reviewsense.ai with the subject line "Data Protection Request".