Privacy Policy

Last updated: July 8, 2026

Who we are

Revko LLC (“Revko,” “we,” “us”) provides software-enabled communications, scheduling, and workflow tools for service-business operators, including the Maya platform. Our principal place of business is 351 Paseo Nuevo, #1017, Santa Barbara, California 93101.

This Privacy Policy describes how we collect, use, share, and protect personal information.

Two roles, two scopes

We handle personal information in two distinct roles:

This Policy primarily covers Role 1. For Role 2, the contractor’s own privacy policy applies to their end customers; we contractually commit to act only as a Service Provider as defined under the California Consumer Privacy Act (CCPA).

What we collect (Role 1 — Revko as Business)

When you sign up for Revko or use our website, we may collect:

CategorySpecific itemsWhen collected
IdentifiersName, business name, email, phone number, business addressAt signup
Customer recordsBilling information (collected by Stripe on our behalf), trade, service areaAt signup and during your subscription or engagement
Commercial informationPlan or engagement tier selected, payment and transaction history, subscription and account statusDuring the customer relationship
Internet activityBrowsing actions on revko.co, device type, IP address, referring URLWhen you visit our website
GeolocationApproximate location derived from IP addressWhen you visit our website
Sensory dataRecordings of calls between you and our team for quality and training purposes, where you have been notifiedDuring support, onboarding, and sales or outreach calls, where you have been notified
InferencesInsights drawn from your use of Revko (e.g., engagement level, feature usage)During the customer relationship
Account credentialsLogin credentials, multi-factor authentication tokens — sensitive personal information under CPRAWhen you create an account

When Revko records a call with you (such as during onboarding, customer support, or a sales or outreach call our team places to you), we provide an audible notice at the start of the call so you have the opportunity to consent to or decline recording. If you decline, we will proceed without recording.

Sources of personal information

We collect personal information from:

Business purposes for collection

We use personal information to:

We do not use your sensitive personal information (account credentials) for purposes other than performing the service or as authorized by you.

Text messaging

If you opt in to text messages from Revko — by providing your mobile number at signup, by texting our business number first, or by agreeing during a call — we may send you recurring text messages related to your account and service, such as lead notifications, onboarding and appointment reminders, service updates, and customer-care replies. Message frequency varies. Message and data rates may apply. Reply STOP to any message to opt out, or HELP for help; you can also email legal@revko.co to stop or get help.

We do not sell your mobile opt-in information or phone number, and we do not share it with third parties for their own marketing. Mobile opt-in data is used only to send you the messages described above.

What we collect on behalf of contractors (Role 2 — Revko as Service Provider)

When a contractor uses Maya to communicate with their end customers, Maya processes:

Where calls handled by Maya are recorded, Maya plays an audible recording disclosure at the start of the call. The contractor is responsible for providing any additional recording notice its callers are owed under applicable law. Revko processes these recordings solely on the contractor’s behalf as its service provider and does not use them for any independent purpose.

Neither Revko nor its voice-processing sub-processors create, collect, or retain voiceprints or other biometric identifiers from call audio. Call audio is processed for transcription and language understanding only.

For this category of information, the contractor is the Business under CCPA, not Revko. We process this information only to perform the Maya service for the contractor, only on the contractor’s documented instructions, and we do not retain, use, or disclose it for our own purposes. End customers with questions about how their information is handled should contact the contractor directly.

Who we share information with (sub-processors)

We share personal information with the following categories of sub-processors, all bound by contractual data-protection obligations appropriate to the services they provide:

Sub-processorPurpose
Cloud infrastructure — AWS, Vercel, Fly.ioHosting, compute, storage
Database — SupabaseCustomer records, application data
Payment processing — StripeBilling and payment links
Telephony — Twilio, Retell, SendblueInbound/outbound voice and messaging
AI inference — Anthropic, OpenAILanguage understanding for the Maya platform
Transcription — DeepgramSpeech-to-text for call processing
Email — Resend, SmartLead, Google WorkspaceTransactional, operational, and marketing email
Product analytics — PostHogAggregated usage data for product improvement
Website analytics — Google AnalyticsAggregated visitor analytics on revko.co
Customer support and CRM — internal SupabaseSupport ticketing and customer history

We maintain a current list of sub-processors available to enterprise customers upon written request to legal@revko.co. We require all sub-processors to maintain data protection practices consistent with this Policy and our contractual obligations.

We do not use your personal information, or end-customer information processed on a contractor’s behalf, to train artificial-intelligence models, and we do not permit our AI sub-processors to use this information to train their models.

We do not sell or share your personal information

Revko does not sell or share personal information in exchange for monetary or other valuable consideration, as those terms are defined under California Civil Code § 1798.140(ad) and § 1798.140(ah). We do not engage in cross-context behavioral advertising as defined under § 1798.140(k). Our analytics providers are configured with ads-personalization and audience-sharing features disabled, so that they may use the data only to provide services to us and not for their own advertising purposes.

Data retention

We retain personal information for as long as necessary to provide the service and as required by law. Specific retention practices:

CategoryRetention
Active customer account dataFor the duration of your subscription or engagement with Revko
Customer account data after your subscription ends, your engagement is completed, or your account is closedDeleted within 60 days, except where retention is required by law or for legal claims
Backup and archival systemsUp to 90 days, then deleted in the normal backup rotation
Marketing and prospect dataUntil you unsubscribe or request deletion
Aggregated and anonymized dataRetained indefinitely (no longer identifies any individual)

For end-customer data processed by Maya on a contractor’s behalf, retention is governed by the contractor’s instructions under our Data Processing Addendum, with default deletion within 60 days of contractor request or contract termination.

Your rights under California law

If you are a California resident, you have the following rights under the CCPA, as amended by the CPRA:

How to exercise your rights

To exercise any of these rights, email legal@revko.co with the subject line “CCPA Request.” Please include enough information for us to identify you and verify your request:

We will acknowledge receipt of your request within ten (10) business days of submission and inform you of how we will process it. We will respond substantively within forty-five (45) days, as required by law, and may extend this period by an additional forty-five (45) days when reasonably necessary, with notice to you of the extension and the reason.

You may designate an authorized agent to make a request on your behalf. Authorized agents must provide proof of authorization (written permission from you or a valid power of attorney).

For end-customer rights requests related to data processed by Maya on a contractor’s behalf, please contact the contractor directly. If you contact us by mistake, we will acknowledge your request and forward it to the contractor as required under our Data Processing Addendum.

Residents of other states. If you live in a state with a comprehensive privacy law (such as Virginia, Colorado, Connecticut, Texas, or Oregon), you may contact legal@revko.co to exercise the rights available to you under your state’s law. Where such a law grants you a right to appeal our decision on a request, we will include appeal instructions in our response.

Cookies and tracking technologies

Our website uses cookies and similar technologies for essential site functionality, analytics, and (with your consent where required) marketing. You can control cookie preferences through your browser settings. Disabling essential cookies may affect site functionality.

We use the following analytics providers:

Both providers are configured to anonymize IP addresses to the extent supported.

Do Not Track signals. Some web browsers transmit “Do Not Track” (DNT) signals to websites with which the browser communicates. Because no widely-accepted standard for DNT signals has been adopted by the W3C or other regulatory body, Revko does not currently respond to DNT signals. We honor Global Privacy Control (GPC) signals where transmitted, and we treat GPC signals as a valid request to opt out of any sale or sharing of personal information. Because we do not sell or share personal information, GPC signals do not trigger a change in our practices, but we treat them as confirmation of your preferences.

Children’s information

Revko is designed for business use and is not intended for individuals under 16. We do not knowingly collect personal information from children under 13. We do not sell or share the personal information of any consumer under 16, regardless of whether we know the consumer is under 16. If you believe a child has provided us with personal information, please contact legal@revko.co and we will delete it as required by law.

International data transfers

Revko processes personal information primarily within the United States. Our infrastructure, support, and operations are US-based. If you are accessing the service from outside the United States, you understand that your information will be transferred to and processed in the United States.

Security

We implement reasonable administrative, physical, and technical safeguards designed to protect personal information, including encryption in transit and at rest, access controls limited to authorized personnel, regular review of security practices, and personnel training on data privacy. No method of transmission or storage is perfectly secure, and we cannot guarantee absolute security.

In the event of a security incident affecting your personal information, we will notify you in accordance with applicable law.

Changes to this Policy

We may update this Policy from time to time. The “Last updated” date at the top reflects the most recent revision. For material changes, we will provide additional notice (for example, via email or a prominent notice on our website).

Contact

Questions or concerns about this Policy? Email legal@revko.co or write to:

Revko LLC
Attn: Privacy
351 Paseo Nuevo, #1017
Santa Barbara, California 93101
United States