Revvlow Tech Pvt. Ltd. | Privacy Policy

Version: 1.0.0

Effective Date: 2026-03-03

Last Updated: 2026-05-05

1. Overview & Contact

Revvlow Tech Pvt. Ltd. ("Company", "we", "us") is the Data Controller for personal data collected through the Revvlow platform, including the Consumer and Vendor Apps. We operate primarily within Nepal.

• Privacy Contact: privacy@revvlow.com

• General Enquiries: support@revvlow.com

• Response Time: Within 30 days of a verified request.

• Policy URL: www.revvlow.com/privacy-policy

2. Data Collection

We collect data necessary to provide our services. The type of data depends on your account type:

A. Consumer Data

Category

Examples

Primary Purpose

Identity & Contact

Name, email, phone number

Account creation & support

Transaction

Order history, Surprise Bag records

Order processing & receipts

Location

IP-based (approximate); GPS (precise)

Showing nearby Vendor listings

Usage & Technical

OS version, IP, crash logs, interactions

Diagnostics & platform improvement

Preferences

Dietary preferences, favorite Vendors

Improving listing relevance

B. Vendor Data

Category

Examples

Primary Purpose

Identity & Contact

Rep name, email, phone number

Account setup & operations

Store Profile

Business description, hours, category

Public-facing store profile

Operational

Listing creation, pricing, windows

Order management

Financial

Revenue summaries, payout records

Settlements & tax reporting

3. Legal Basis for Processing

We process data under the following legal frameworks, including the Individual Privacy Act, 2075 (Nepal) and, where applicable, the GDPR.

• Performance of a Contract: To deliver the services you requested (e.g., fulfilling an order).

• Legitimate Interests: For fraud prevention, security, and app analytics.

• Consent: For precise GPS access or marketing communications.

• Legal Obligation: To comply with tax laws or regulatory requests.

4. Data Sharing & Transfers

We do not sell your personal data. We only share it with:

• Vendors: Consumers' first names and order details are shared to fulfill pickups.

• Consumers: Public Vendor profiles are visible to all users.

• Service Providers: Cloud hosting and anonymized analytics tools.

• Legal Authorities: When required by law or to protect user safety.

International Transfers: Data is primarily stored in Nepal. If transferred abroad (e.g., to global cloud providers), we use contractual protections to ensure your data remains secure.

5. Retention & Deletion

We keep your data only as long as necessary:

• Active Accounts: For the duration of the relationship.

• Financial Records: 7 years (for tax and audit purposes).

• Support Queries: 2 years.

• Account Deletion: Data is anonymized or deleted within 30 days of a verified request (Settings > Account > Delete Account).

6. Your Rights

You have the right to:

1. Access & Rectify: Request a copy of or correct your data.

2. Erasure: Request data deletion (where legal obligations allow).

3. Data Portability: Receive your data in a machine-readable format.

4. Withdraw Consent: Stop GPS tracking or marketing at any time.

7. Security & Governance

We utilize industry-standard measures to protect your information:

• Encryption: Data is encrypted in transit (TLS/HTTPS) and at rest.

• Access Control: Strict role-based limits on who can view personal data.

• Governance: We adhere to principles of data minimization, accuracy, and accountability.

Children’s Privacy: Our services are not directed at children under 16. We do not knowingly collect data from this age group.

Policy Changes: Material changes will be notified via the app at least 14 days before taking effect.