Data Security & Privacy FAQs

Will you use my data to build advertising products or sell it to third parties?
No. Revuva does not sell or rent your data. We only use your data to provide and improve the services you subscribe to.

Will you disclose or sell the data and PII that I provide you about my customers?
No. The customer information you provide us is used solely to deliver your Revuva services (e.g. review management, messaging, automation). It is never sold, traded, or used for unrelated marketing purposes.

How is my password secured?
Passwords are encrypted using industry-standard one-way hashing with unique salts (bcrypt). This means only you know your password value. Where required, encryption is backed by 2FA (two-factor authentication). Access and changes are strictly controlled and logged.

How do you protect Credit Card and Financial Information?
Revuva does not store your credit card details. Payments are securely processed via our PCI-compliant provider (Stripe). Only a secure token is stored in our systems. We do not collect or store personal financial data, Medicare numbers, or government ID numbers.

How can I protect my Revuva account?

• Do not share your login credentials.
  
  
  

• Use a strong password with at least 8 characters, including numbers, upper/lower case letters, and a symbol.
  
  
  

• Enable 2FA (two-factor authentication).
  
  
  

• Update your password regularly.
  
  
  

Where is my data stored?
All customer data is securely hosted on cloud infrastructure in the United States, using Google Cloud Platform and Amazon Web Services (AWS). These providers maintain independently audited certifications such as SOC 2 Type II and ISO 27001.

What security is in place at your data centres?
Revuva relies on AWS and Google Cloud compliance programs. Their infrastructure is certified under global standards including:

• ISO 27001
  
  
  

• SOC 1, SOC 2, SOC 3
  
  
  

• PCI DSS Level 1
  
  
  

• FedRAMP
  
  
  

• FIPS 140-2
  These certifications cover physical, environmental, and infrastructure security.
  
  
  

Is the data flowing between Revuva and the cloud secured?
Yes. All communication between our systems and your devices is encrypted in transit using TLS 1.2/1.3 and 2,048-bit keys or stronger. Data is also encrypted at rest using AES-256.

Are you HIPAA compliant?
Revuva’s underlying infrastructure (AWS/GCP) supports HIPAA compliance. Our platform can be configured to meet HIPAA requirements where applicable. A Business Associate Agreement (BAA) may be requested if required.

Are you PCI compliant?
Yes. Revuva itself does not store cardholder data. We leverage PCI DSS-compliant payment providers (Stripe) for all transactions.

Do you do background checks on your employees?
Yes. All employees undergo background checks and reference verification before hire. They are required to complete cybersecurity awareness training and sign confidentiality agreements.

Where can I learn more about protecting my privacy and security on Revuva?
You can read our full Privacy Policy and Terms of Service. This document is a quick FAQ guide — for more detailed information about our data handling, retention, and breach response, please refer to those policies.