Privacy Policy
Last updated: July 8, 2026
Who we are
Revko LLC (“Revko,” “we,” “us”) provides software-enabled communications, scheduling, and workflow tools for service-business operators, including the Maya platform. Our principal place of business is 351 Paseo Nuevo, #1017, Santa Barbara, California 93101.
This Privacy Policy describes how we collect, use, share, and protect personal information.
Two roles, two scopes
We handle personal information in two distinct roles:
- As a Business — when you sign up for Revko, visit our website, or engage our services. In this role, you are our customer, and we collect personal information about you and your business.
- As a Service Provider — when our customer (a contractor or service business) uses Maya to communicate with their end customers. In this role, the contractor is the “Business” under California law, and we process personal information on the contractor’s behalf, not for our own purposes. Our handling of this information is governed by our Data Processing Addendum with the contractor.
This Policy primarily covers Role 1. For Role 2, the contractor’s own privacy policy applies to their end customers; we contractually commit to act only as a Service Provider as defined under the California Consumer Privacy Act (CCPA).
What we collect (Role 1 — Revko as Business)
When you sign up for Revko or use our website, we may collect:
| Category | Specific items | When collected |
|---|---|---|
| Identifiers | Name, business name, email, phone number, business address | At signup |
| Customer records | Billing information (collected by Stripe on our behalf), trade, service area | At signup and during your subscription or engagement |
| Commercial information | Plan or engagement tier selected, payment and transaction history, subscription and account status | During the customer relationship |
| Internet activity | Browsing actions on revko.co, device type, IP address, referring URL | When you visit our website |
| Geolocation | Approximate location derived from IP address | When you visit our website |
| Sensory data | Recordings of calls between you and our team for quality and training purposes, where you have been notified | During support, onboarding, and sales or outreach calls, where you have been notified |
| Inferences | Insights drawn from your use of Revko (e.g., engagement level, feature usage) | During the customer relationship |
| Account credentials | Login credentials, multi-factor authentication tokens — sensitive personal information under CPRA | When you create an account |
When Revko records a call with you (such as during onboarding, customer support, or a sales or outreach call our team places to you), we provide an audible notice at the start of the call so you have the opportunity to consent to or decline recording. If you decline, we will proceed without recording.
Sources of personal information
We collect personal information from:
- You directly (signup forms, email communications, support requests)
- Your device and browser (cookies, analytics)
- Service providers acting on our behalf (e.g., Stripe for payment data)
- Public sources (business directories) for outbound prospecting purposes only
Business purposes for collection
We use personal information to:
- Provide, operate, and improve the Revko service and the Maya platform
- Process payments (including recurring monthly billing) and manage your account, subscription, and engagements
- Communicate with you about your account, service updates, and support
- Send marketing communications (only with your consent or where permitted by law)
- Detect and prevent fraud, abuse, and security incidents
- Comply with legal obligations
We do not use your sensitive personal information (account credentials) for purposes other than performing the service or as authorized by you.
Text messaging
If you opt in to text messages from Revko — by providing your mobile number at signup, by texting our business number first, or by agreeing during a call — we may send you recurring text messages related to your account and service, such as lead notifications, onboarding and appointment reminders, service updates, and customer-care replies. Message frequency varies. Message and data rates may apply. Reply STOP to any message to opt out, or HELP for help; you can also email legal@revko.co to stop or get help.
We do not sell your mobile opt-in information or phone number, and we do not share it with third parties for their own marketing. Mobile opt-in data is used only to send you the messages described above.
What we collect on behalf of contractors (Role 2 — Revko as Service Provider)
When a contractor uses Maya to communicate with their end customers, Maya processes:
- End customer name (if shared by the end customer)
- End customer phone number
- End customer email (if shared)
- Content of calls, text messages, and other communications between the end customer and Maya
- Audio recordings of inbound calls handled by Maya
- Scheduling and appointment information
- Other information the end customer provides in the course of the communication
Where calls handled by Maya are recorded, Maya plays an audible recording disclosure at the start of the call. The contractor is responsible for providing any additional recording notice its callers are owed under applicable law. Revko processes these recordings solely on the contractor’s behalf as its service provider and does not use them for any independent purpose.
Neither Revko nor its voice-processing sub-processors create, collect, or retain voiceprints or other biometric identifiers from call audio. Call audio is processed for transcription and language understanding only.
For this category of information, the contractor is the Business under CCPA, not Revko. We process this information only to perform the Maya service for the contractor, only on the contractor’s documented instructions, and we do not retain, use, or disclose it for our own purposes. End customers with questions about how their information is handled should contact the contractor directly.
Who we share information with (sub-processors)
We share personal information with the following categories of sub-processors, all bound by contractual data-protection obligations appropriate to the services they provide:
| Sub-processor | Purpose |
|---|---|
| Cloud infrastructure — AWS, Vercel, Fly.io | Hosting, compute, storage |
| Database — Supabase | Customer records, application data |
| Payment processing — Stripe | Billing and payment links |
| Telephony — Twilio, Retell, Sendblue | Inbound/outbound voice and messaging |
| AI inference — Anthropic, OpenAI | Language understanding for the Maya platform |
| Transcription — Deepgram | Speech-to-text for call processing |
| Email — Resend, SmartLead, Google Workspace | Transactional, operational, and marketing email |
| Product analytics — PostHog | Aggregated usage data for product improvement |
| Website analytics — Google Analytics | Aggregated visitor analytics on revko.co |
| Customer support and CRM — internal Supabase | Support ticketing and customer history |
We maintain a current list of sub-processors available to enterprise customers upon written request to legal@revko.co. We require all sub-processors to maintain data protection practices consistent with this Policy and our contractual obligations.
We do not use your personal information, or end-customer information processed on a contractor’s behalf, to train artificial-intelligence models, and we do not permit our AI sub-processors to use this information to train their models.
We do not sell or share your personal information
Revko does not sell or share personal information in exchange for monetary or other valuable consideration, as those terms are defined under California Civil Code § 1798.140(ad) and § 1798.140(ah). We do not engage in cross-context behavioral advertising as defined under § 1798.140(k). Our analytics providers are configured with ads-personalization and audience-sharing features disabled, so that they may use the data only to provide services to us and not for their own advertising purposes.
Data retention
We retain personal information for as long as necessary to provide the service and as required by law. Specific retention practices:
| Category | Retention |
|---|---|
| Active customer account data | For the duration of your subscription or engagement with Revko |
| Customer account data after your subscription ends, your engagement is completed, or your account is closed | Deleted within 60 days, except where retention is required by law or for legal claims |
| Backup and archival systems | Up to 90 days, then deleted in the normal backup rotation |
| Marketing and prospect data | Until you unsubscribe or request deletion |
| Aggregated and anonymized data | Retained indefinitely (no longer identifies any individual) |
For end-customer data processed by Maya on a contractor’s behalf, retention is governed by the contractor’s instructions under our Data Processing Addendum, with default deletion within 60 days of contractor request or contract termination.
Your rights under California law
If you are a California resident, you have the following rights under the CCPA, as amended by the CPRA:
- Right to know. You may request information about the categories and specific pieces of personal information we have collected about you, the categories of sources, the business or commercial purposes for collection, and the categories of third parties with whom we share information.
- Right to delete. You may request that we delete personal information we have collected from you, subject to certain exceptions (such as information needed to complete a transaction or comply with a legal obligation).
- Right to correct. You may request that we correct inaccurate personal information.
- Right to opt out of sale or sharing. Although we do not sell or share personal information, you may submit a formal opt-out at any time.
- Right to limit use of sensitive personal information. Under California Civil Code § 1798.121, you have the right to direct a business that uses or discloses sensitive personal information for purposes other than those specified in § 1798.121(d) to limit such use. Revko does not use or disclose sensitive personal information for purposes other than those specified in § 1798.121(d) (providing the requested goods and services, ensuring security and integrity of our systems, and short-term transient use). Accordingly, no separate “Limit the Use of My Sensitive Personal Information” mechanism is required. You may still submit a limitation request by email to legal@revko.co, and we will confirm our existing practices.
- Right to non-discrimination. We will not discriminate against you for exercising any of these rights.
How to exercise your rights
To exercise any of these rights, email legal@revko.co with the subject line “CCPA Request.” Please include enough information for us to identify you and verify your request:
- For requests to know the categories of personal information we hold about you, please provide the email address associated with your account.
- For requests to know the specific pieces of personal information we hold about you, please provide the email address associated with your account and one additional piece of information matching our records (such as your business name or phone number).
- For requests to delete personal information, please provide the email address associated with your account, one additional piece of identifying information, and a signed declaration under penalty of perjury that you are the consumer whose personal information is the subject of the request, or an authorized agent acting on your behalf with valid authorization.
We will acknowledge receipt of your request within ten (10) business days of submission and inform you of how we will process it. We will respond substantively within forty-five (45) days, as required by law, and may extend this period by an additional forty-five (45) days when reasonably necessary, with notice to you of the extension and the reason.
You may designate an authorized agent to make a request on your behalf. Authorized agents must provide proof of authorization (written permission from you or a valid power of attorney).
For end-customer rights requests related to data processed by Maya on a contractor’s behalf, please contact the contractor directly. If you contact us by mistake, we will acknowledge your request and forward it to the contractor as required under our Data Processing Addendum.
Residents of other states. If you live in a state with a comprehensive privacy law (such as Virginia, Colorado, Connecticut, Texas, or Oregon), you may contact legal@revko.co to exercise the rights available to you under your state’s law. Where such a law grants you a right to appeal our decision on a request, we will include appeal instructions in our response.
Cookies and tracking technologies
Our website uses cookies and similar technologies for essential site functionality, analytics, and (with your consent where required) marketing. You can control cookie preferences through your browser settings. Disabling essential cookies may affect site functionality.
We use the following analytics providers:
- PostHog for product analytics (aggregated usage of our application)
- Google Analytics for website analytics (aggregated visitor data on revko.co)
Both providers are configured to anonymize IP addresses to the extent supported.
Do Not Track signals. Some web browsers transmit “Do Not Track” (DNT) signals to websites with which the browser communicates. Because no widely-accepted standard for DNT signals has been adopted by the W3C or other regulatory body, Revko does not currently respond to DNT signals. We honor Global Privacy Control (GPC) signals where transmitted, and we treat GPC signals as a valid request to opt out of any sale or sharing of personal information. Because we do not sell or share personal information, GPC signals do not trigger a change in our practices, but we treat them as confirmation of your preferences.
Children’s information
Revko is designed for business use and is not intended for individuals under 16. We do not knowingly collect personal information from children under 13. We do not sell or share the personal information of any consumer under 16, regardless of whether we know the consumer is under 16. If you believe a child has provided us with personal information, please contact legal@revko.co and we will delete it as required by law.
International data transfers
Revko processes personal information primarily within the United States. Our infrastructure, support, and operations are US-based. If you are accessing the service from outside the United States, you understand that your information will be transferred to and processed in the United States.
Security
We implement reasonable administrative, physical, and technical safeguards designed to protect personal information, including encryption in transit and at rest, access controls limited to authorized personnel, regular review of security practices, and personnel training on data privacy. No method of transmission or storage is perfectly secure, and we cannot guarantee absolute security.
In the event of a security incident affecting your personal information, we will notify you in accordance with applicable law.
Changes to this Policy
We may update this Policy from time to time. The “Last updated” date at the top reflects the most recent revision. For material changes, we will provide additional notice (for example, via email or a prominent notice on our website).
Contact
Questions or concerns about this Policy? Email legal@revko.co or write to:
Revko LLC
Attn: Privacy
351 Paseo Nuevo, #1017
Santa Barbara, California 93101
United States