Introduction & Data Questions
Common questions about ReviveAI's data handling and security policies and processes.
Data Integrity and Storage in ReviveAI
ReviveAI places the utmost importance on data integrity, privacy, and compliance with data protection regulations. This document explains how ReviveAI handles data in relation to Data Questions, ensuring that all collected information is stored securely and processed in accordance with data protection laws. Additionally, it clarifies the roles of the Data Processor and Data Controller in handling customer data within the ReviveAI ecosystem.
Data Controller and Data Processor Roles
In the context of data management, it is important to understand the distinction between a Data Controller and a Data Processor:
-
Data Controller: The entity (typically the client or customer) that determines the purposes and means of processing personal data. As the Data Controller, you are responsible for ensuring that all data collection and processing complies with applicable data protection laws.
-
Data Processor: ReviveAI acts as a Data Processor, meaning that we process personal data on behalf of the Data Controller (you, the customer). As the Data Processor, we adhere to your instructions regarding how data should be collected, stored, and processed.
ReviveAI does not control how the data is used or make decisions on its collection beyond the scope of the agreed-upon contractual arrangements. Our role is limited to processing the data as directed by the Data Controller.
Ensuring Data Integrity
ReviveAI is committed to maintaining data integrity to ensure that the data collected during interactions remains accurate, consistent, and up to date. This is crucial for driving successful AI-agent interactions, lead qualification, and providing the best user experiences.
Key Data Integrity Practices:
-
Accurate Data Collection: ReviveAI ensures that the data collected via Data Questions is captured in real-time and is relevant to the interaction context. The AI agent will prompt the user for any missing or critical information during the conversation.
-
Data Validation: As part of our system, ReviveAI includes built-in validation checks to ensure that the data provided by users conforms to the required format (e.g., email addresses, phone numbers, dates) and meets the necessary quality standards.
-
Error Handling: If incorrect or inconsistent data is collected, the system prompts users to correct it, ensuring that data accuracy is maintained throughout the conversation.
Data Storage and Security
ReviveAI adheres to industry-leading standards for the storage and security of personal data. All collected data is stored in secure databases, with multiple layers of protection to prevent unauthorized access, tampering, or loss of data.
Key Data Storage Practices:
-
Data Encryption: All sensitive data is encrypted both in transit and at rest, ensuring that it remains protected while being transferred or stored.
-
Access Controls: We enforce strict access controls to ensure that only authorized personnel have access to the data. This minimizes the risk of unauthorized access or accidental data breaches.
-
Data Retention Policies: ReviveAI follows data retention policies that dictate how long data is stored, ensuring compliance with your requirements and any applicable data protection laws. You can configure data retention periods based on the needs of your business or specific regulatory requirements.
Data Storage Locations
ReviveAI stores data using Microsoft Azure using UK South (London) and UK West (Cardiff) Data Centres.
If clients are based outside the UK then a region specific data centre, within the Azure infrastructure, will be used in place of UK based data centres.
Data Processing Under GDPR and Compliance
As a Data Processor, ReviveAI is fully committed to complying with all relevant data protection laws, including the General Data Protection Regulation (GDPR), when processing personal data. Under GDPR, the responsibility of handling data must be clearly outlined between the Data Controller and Data Processor.
ReviveAI's processing of data is governed by a Data Processing Agreement (DPA), which outlines the following:
-
Purpose of Data Processing: ReviveAI processes data solely for the purpose of providing the services outlined in your agreement (e.g., handling interactions via AI agents, lead qualification, data validation).
-
Data Subject Rights: The Data Controller (you) is responsible for ensuring that data subjects (your users, customers, prospects) are informed about the collection and processing of their data, and for ensuring that data subject rights (such as access, correction, and deletion) are respected.
-
Third-Party Transfers: If data needs to be transferred to third parties, ReviveAI ensures that these transfers comply with applicable data protection laws, providing adequate safeguards where necessary.
-
Subprocessors: In the event that ReviveAI engages any subprocessors (third parties who help us process data), we ensure that they adhere to the same level of data protection standards and are bound by appropriate contracts.
Data Retention Policy
1. What data we hold
When you use the ReviveAI platform, we process personal data relating to the individuals your business communicates with through our service. This typically includes:
- Contact details — primarily mobile telephone numbers used to route messages.
- Message content — the content of inbound and outbound SMS conversations between your business and its contacts.
- Engagement records — a history of contact and interaction activity on the platform.
We process this data on your behalf, acting as your data processor under our Data Processing Agreement.
2. Retention during an active client relationship
We retain all data processed on your behalf for the full duration of our working relationship with you. We do not delete or archive data while your account is active.
This is necessary for the platform to function effectively. Our agents rely on the full history of prior conversations and contact records to handle enquiries from individuals who return at a later date. Without access to that history, we would be unable to provide a consistent and informed service on your behalf.
Data subject erasure requestsWhere an individual whose data we hold on your behalf exercises their right to erasure under UK GDPR, this will be handled in accordance with your Data Processing Agreement. You, as data controller, will be notified of any such request and we will act on your confirmed instruction.
3. Deletion at the end of the client relationship
When our relationship with you ends — whether by mutual agreement, expiry of contract, or otherwise — we retain your data for a period of up to 30 days from the date the relationship formally closes.
This 30-day window exists for your benefit. It gives you the opportunity to retrieve any records, exports, or information you may need before permanent deletion takes place. We will not use your data for any other purpose during this period.
At the end of the 30-day period, all personal data processed on your behalf will be permanently deleted from our live systems.
Backup dataData held in system backups may persist for a short additional period — typically no longer than 30 days — before being overwritten as part of our standard backup rotation. Backup data is not accessible for operational use during this window.
4. Requesting earlier deletion
If you require deletion of your data before the 30-day period has elapsed, you may request this at any time by contacting us at [email protected]. We will action confirmed deletion requests within 5 business days and provide written confirmation once complete.
5. Custom retention arrangements
If your organisation operates under specific regulatory or contractual retention requirements, we are able to agree a tailored retention schedule as an addendum to your Data Processing Agreement. Custom arrangements take precedence over this standard policy.
Please contact [email protected] to discuss your requirements.
📞 Contact ReviveAI Support
If you have any questions or need assistance with data handling, data questions, or compliance requirements, please don’t hesitate to contact our support team at [email protected].
ReviveAI’s team is here to ensure that your use of our platform is fully compliant and aligned with the best data protection practices.
Updated 6 days ago
