Privacy Policy

Effective date: May 10, 2026

Revora Labs LLC (“Revora Labs,” “we,” “us,” or “our”) operates the RevoraHQ Order-to-Cash platform available at www.revorahq.com, app.revorahq.com, and customer portal subdomains at <slug>.revorahq.com (together, the “Service”). This Privacy Policy explains how we collect, use, disclose, and safeguard information when you or your end customers use the Service.

By accessing or using the Service, you agree to the terms of this Privacy Policy. If you do not agree, please do not use the Service.

1. Information We Collect

1.1 Account Information

When you create or administer a RevoraHQ account, we collect your name, company name, email address, password (stored hashed), role, and any profile details you provide.

1.2 Business Data You Enter

As a customer of the Service, you upload or create business records such as customers, contacts, quotes, sales orders, invoices, price lists, branch and cost-center configurations, item catalogs, job templates, and field-operations data. You are the owner of this content; we act as a processor on your behalf.

1.3 Customer Portal Data

The RevoraHQ Customer Portal is a branded surface you offer to your end customers at <your-slug>.revorahq.com. Portal usage creates data including:

  • Contact details for the individuals you authorize to access the portal (name, email, phone).
  • Magic-link login requests. Login tokens are stored as SHA-256 hashes, not in plaintext.
  • Portal session records (issued at, expires at, IP address, user agent).
  • Audit events for login requests, link opens, quote acceptances, and invoice payment attempts.

You are the controller of your end customers' data; Revora Labs acts as the processor.

1.4 Automatically Collected Information

When you use the Service, we may automatically collect:

  • Log data (IP address, browser type, pages visited, timestamps).
  • Device information (operating system, device identifiers).
  • Usage data (features accessed, actions taken within the platform).

We use Sentry for error monitoring. Sentry may capture metadata about application errors (stack traces, request paths, user IDs) but is configured not to capture form inputs, cookies, or customer business data.

1.5 Payment Information

Subscription billing and customer payment collection are processed through Stripe and, where applicable, Stripe Connect. We do not store full payment card details on our servers. Stripe's privacy practices are governed by the Stripe Privacy Policy.

1.6 Bookkeeping Integrations

If you choose to connect a third-party bookkeeping or accounting service (such as QuickBooks Desktop, QuickBooks Online, or Xero) through our Integrations settings, we transmit a defined set of business records you have already entered into the Service so they remain in sync with the books of record. The categories of data that flow to and from the connected service include:

  • Customer master records (name, address, email, phone, tax identifier).
  • Item or product records and your mappings between RevoraHQ items and the connected service's items, accounts, and tax codes.
  • Invoices, credit memos, and refund receipts you create or approve in the Service.
  • Payments you record in the Service, and payments recorded directly in the connected service that we pull back to keep your accounts receivable in sync.
  • Connection metadata (the connected company name, the connection's health status, and the timestamp of the most recent successful sync).

For OAuth-based connections (QuickBooks Online, Xero), we store the refresh token issued by the connected service in encrypted form (see Section 5). For QuickBooks Desktop connections that use the QuickBooks Web Connector, we store a randomly-generated per-connection password as a hash, never in plaintext.

Connecting a bookkeeping integration is optional, can only be initiated by an Owner or Admin of your organization, and can be disconnected at any time from the Integrations settings page.

2. How We Use Your Information

We use the information we collect to:

  • Provide, operate, and maintain the Service.
  • Process subscription transactions and send related notices (invoices, receipts, renewal reminders, trial-expiry warnings).
  • Process customer payments through Stripe Connect and collect applicable platform fees.
  • Send transactional emails (quotes, invoices, magic-link portal invitations) that you or your end customers initiate through the Service.
  • Synchronize the business records you have created in the Service with third-party bookkeeping or accounting software you have explicitly connected.
  • Respond to support requests and communicate with you about the Service.
  • Monitor and improve the Service, including debugging and performance analysis.
  • Detect, prevent, and respond to fraud, abuse, or security incidents.
  • Comply with legal obligations.

We do not sell your personal information or your customers' business data to third parties, and we do not use your business data for advertising purposes.

3. How We Share Your Information

We may share your information with:

  • Service providers (sub-processors) — third-party vendors who assist in operating the Service. These providers are contractually bound to use your data only to provide services to us:
    • Supabase — database hosting, authentication, row-level security.
    • Vercel — application hosting and edge network.
    • Resend — transactional email delivery.
    • Stripe and Stripe Connect — subscription billing and customer payment processing.
    • Sentry — application error monitoring.
    • Intuit — QuickBooks Desktop and QuickBooks Online integrations, only when you connect them.
    • Xero Limited — Xero integration, only when you connect it.
  • Legal requirements — if required by law, court order, or governmental authority, or to protect the rights, safety, or property of Revora Labs or others.
  • Business transfers — in connection with a merger, acquisition, or sale of assets, your information may be transferred. We will notify you before your information is transferred and becomes subject to a different privacy policy.

A current list of sub-processors is available on request at privacy@revorahq.com.

4. Data Retention

We retain your account information and business data for as long as your account is active or as needed to provide the Service. If you terminate your account, we will delete or anonymize your data within 90 days, except where we are required by law to retain specific records longer (for example, financial records relating to platform-fee transactions).

Portal session records are automatically purged 30 days after session expiry. Magic-link tokens are single-use and are marked consumed or expired at the moment of first use or at their configured expiry, whichever comes first.

Data exchanged with bookkeeping integrations is retained according to the same rules as the underlying business records. The synchronization audit log (request and response metadata for every sync attempt) is retained for 90 days for support and reconciliation purposes, then automatically purged. Disconnecting a bookkeeping integration revokes our stored credentials and cancels any in-flight sync jobs; previously synced records remain in both systems until you delete them in each system separately.

5. Security

We implement industry-standard measures to protect your information, including:

  • Encryption in transit using TLS 1.2 or higher on all endpoints.
  • Encryption at rest for database storage through our hosting provider.
  • Row-level security (RLS) enforced at the database level on every table, scoped by organization.
  • Server-side JWT validation on every authenticated request (no cookie-only trust).
  • SHA-256 hashing of portal magic-link tokens before storage.
  • Encrypted storage of third-party OAuth refresh tokens via Supabase Vault (built on libsodium AEAD encryption). QuickBooks Desktop Web Connector passwords are stored as one-way hashes.
  • HttpOnly, Secure, SameSite-Lax session cookies for both main-app and portal sessions.
  • Audit trails (security_events, order_status_history, order_edit_log, portal_audit_log) for sensitive actions.

No method of transmission over the Internet is 100% secure, and we cannot guarantee absolute security.

6. Multi-Tenant Data Isolation

RevoraHQ is a multi-tenant platform. Your organization's data is logically isolated from other organizations' data using row-level security policies enforced at the database level, keyed by org_id on every table. Your data is never accessible to other tenants.

The Customer Portal uses a separate authentication model (portal sessions, not Supabase auth users) and adds a second layer of isolation via portal-scoped RLS policies that check the current portal context before returning any row.

7. Customer Portal — Your End Customers

If you enable the Customer Portal for your organization, your end customers may create portal sessions and view invoices, quotes, and related documents you have shared with them. When your end customer uses the portal:

  • You (the RevoraHQ account holder) are the data controller for your end customer's information.
  • Revora Labs acts as the data processor on your behalf, limited to the purposes described in this policy.
  • Your end customers should be directed to your own privacy notice for questions about how you use their data.
  • Revora Labs will not contact your end customers for marketing purposes.

8. Your Rights

Depending on your location, you may have the right to access, correct, delete, or export your personal information. To exercise these rights, contact us at privacy@revorahq.com.

If you are in the European Economic Area, United Kingdom, or California, you may have additional rights under GDPR, UK GDPR, or CCPA/CPRA respectively. We will respond to verified requests within 30 days.

You can revoke our access to a connected bookkeeping or accounting service at any time by disconnecting the integration from the Integrations settings page. Disconnecting deletes the stored credentials, halts further data exchange, and writes an audit-log entry recording the disconnect.

9. Cookies

We use cookies solely for authentication:

  • Supabase session cookies (main application) — managed by Supabase SSR.
  • __revora_portal_session (customer portal) — httpOnly, Secure, SameSite=Lax.

We do not use tracking or advertising cookies. You can disable cookies in your browser settings, but doing so will prevent you from signing in to the Service.

10. Children's Privacy

The Service is not directed to individuals under the age of 18. We do not knowingly collect personal information from children.

11. International Data Transfers

The Service is hosted in the United States. If you access the Service from outside the United States, your information will be transferred to and processed in the United States. By using the Service, you consent to this transfer.

12. Changes to This Policy

We may update this Privacy Policy from time to time. When we do, we will update the effective date at the top of this page and notify active account holders by email. Continued use of the Service after changes constitutes acceptance of the updated policy.

13. Contact Us

If you have questions about this Privacy Policy or our data practices, please contact us at:

Revora Labs LLC
10601 Clarence Dr., Suite 250
Frisco, TX 75033
privacy@revorahq.com