Revyn

Legal

Privacy Policy

This policy explains what personal data Revyn collects, why we collect it, who we share it with, how long we keep it, and the rights you have over it.

Effective: 17 July 2026 Last updated: 17 July 2026 Applies to: revyn.in and app.revyn.in

1. Who we are

Revyn is an AI sales workspace operated by Revyn Labs Private Limited ("Revyn", "we", "us"). We are the Data Fiduciary for the personal data described in this policy, except where section 2 says otherwise.

2. Scope of this policy

Revyn holds two different roles depending on whose data is involved.

3. Personal data we collect

3.1 Account and profile

When you create an account we collect and store:

During signup, before your account exists, we temporarily hold your submitted details and a hashed one-time passcode so we can verify your email address. This staging record is discarded once verification completes or expires.

3.2 Authentication

3.3 Organisation and team

If you use Revyn as part of an organisation, we store your organisation's name, industry, and size band, your role and permissions within it, who invited you, and a billing customer reference. Invitations record the invitee's email address before that person has an account.

Your organisation's administrators can see your membership, role, activity in Revyn, practice scores, and assignments. If your employer provisioned your account, they may also be able to manage or remove it.

3.4 Waitlist, demo bookings, and marketing

Our public site collects the following, and sends it directly from your browser to our database provider, Supabase, rather than through our own backend:

3.5 Content you create in the product

3.6 Technical data

Our hosting and infrastructure providers process your IP address and standard request metadata to deliver and secure the service. We keep audit records of security-relevant actions in your organisation, such as sign-ins, role changes, and deletion requests.

4. Voice, calls, and recordings

Live practice calls: we do not store your audio. When you run a voice roleplay in Revyn, your speech is streamed to our voice providers, converted to text in real time, and the resulting transcript is what we save. The audio itself is not written to disk and is not retained by us after the call.

Real calls you import are different. If you upload a recording of an actual sales call, we store that audio file in our cloud object storage and send it to Groq's Whisper service to be transcribed. We then store the transcript, speaker turns, and the AI analysis produced from it. Uploads are limited to 90 minutes of audio.

If you connect a conversation-intelligence tool such as Gong, we reference the recording held in that tool rather than copying it — we store a pointer and resolve a time-limited link when you play it back.

Your responsibility: recording a call, and uploading that recording to Revyn, may require notice to or consent from everyone on the call under the laws that apply to you. You are responsible for having that permission before you import a recording.

5. Data you upload about other people

Revyn lets you upload lead lists and build prospect profiles. This data is about third parties — people who are not our users and who have no relationship with us.

For all of the above, you are the Data Fiduciary and we are your processor. You are responsible for having a lawful basis to collect this data and to share it with us, and for giving those individuals any notice their local law requires. We process it only to provide the service to you, and we do not sell it or use it to train our own models.

6. Cookies and local storage

Revyn does not set any cookies. We do not use advertising or cross-site tracking cookies, and there is no consent banner because there is nothing to consent to. Our site also sends interest-cohort=(), which opts you out of interest-based cohort tracking in browsers that support it.

Instead, the app stores a small amount of data in your browser's localStorage, which stays on your device and is never sent to a third party:

Data stored in your browser
Key What it holds
revyn-auth Your sign-in tokens, so you stay signed in between visits
revyn-user Your basic profile — id, email, username, name, account type — for display
revyn-workspace Whether you are in your personal or organisation workspace
revyn-theme Your light or dark theme preference
revyn-onboarding, revyn-runway-onboarding Drafts of onboarding answers so you don't lose progress
revyn-command-recents Your recently used commands

Signing out clears your tokens. You can clear all of it at any time through your browser's settings for this site.

Analytics: we use Vercel Analytics for aggregate page-view counts on our public marketing pages only. It is not loaded inside the signed-in product, so your work in Revyn is not tracked by an analytics vendor. Our hosting provider, Cloudflare, may also record aggregate traffic statistics.

7. Why we process your data

Purpose Basis
Creating and running your account Performance of our contract with you
Providing the product's features Performance of our contract with you
Billing and collecting payment Performance of our contract; legal obligation for tax records
Security, abuse prevention, and audit logging Legitimate use; legal obligation
Responding to your support or sales enquiry Your consent / steps at your request
Waitlist and demo booking Your consent
Improving and debugging the service Legitimate use

We do not sell personal data. We do not use your data for advertising, and we do not share it with data brokers.

8. How AI models process your data

Revyn is built on AI models, some of which are operated by third parties. To generate a response, a roleplay turn, or an analysis, we send the relevant content — your message, the conversation so far, the persona and scenario, and, where applicable, transcript text — to the providers listed in section 9.

We do not train our own models on your data. We use these providers under their business or API terms. AI output is generated by statistical models: it can be wrong, incomplete, or fabricated, and any scoring or assessment Revyn produces is a training aid, not a professional judgement. Do not rely on it as the sole basis for an employment, financial, or legal decision.

9. Who we share data with

We share personal data with the service providers below, only as needed to run Revyn. This list reflects the providers wired into the product today; we will update it as it changes.

Provider Purpose What it receives
Google (Gemini) Primary AI model Conversation content, personas, transcript text
OpenAI AI model Prompt and response content
Groq Transcription (Whisper) and AI inference Imported call audio; prompt content
Inworld Real-time speech-to-speech for live roleplay Live call audio. Inworld in turn uses AssemblyAI for speech recognition and Google Gemini for generation.
Sarvam AI Speech-to-text and text-to-speech Voice audio
ElevenLabs Text-to-speech Text to be spoken
Tavily Web search inside Ask Revyn Your search query
Supabase Database for waitlist and demo bookings The form fields in section 3.4
Cloudflare Website hosting, CDN, and object storage Site traffic; stored files and recordings
Fly.io Backend application hosting (Singapore region) All data processed by the API
Razorpay Payment and subscription processing Billing details. Card details go to the processor directly — we never see or store them.
Google (Gmail / SMTP) Sending transactional email Your email address and the message content
Vercel Analytics Aggregate analytics on public pages only Page views. Not loaded in the signed-in product.

Integrations you choose to connect. If you connect a CRM, calendar, or call tool — such as HubSpot, Salesforce, Pipedrive, LeadSquared, Gong, Google Calendar, or Outlook — data flows between Revyn and that tool at your direction and under its provider's own privacy policy. We store the access tokens for those connections encrypted at rest. You can disconnect an integration at any time in Settings.

We may also disclose personal data where we are legally required to, or to establish, exercise, or defend a legal claim. If Revyn is involved in a merger or acquisition, data may transfer to the successor entity, and we will notify you before it becomes subject to a different policy.

10. International transfers

Revyn is operated from India, but our infrastructure and AI providers are not all located here. Our backend runs in Singapore, and several of the providers in section 9 process data in the United States and other countries. Your data will therefore be transferred outside India, and, where you are in the EEA or UK, outside those regions. We rely on our providers' contractual protections, including standard contractual clauses where applicable.

11. How long we keep data

12. Security

No system is perfectly secure. One trade-off worth naming plainly: your sign-in tokens are kept in your browser's localStorage, so anyone with access to your device or browser profile could use your session. Sign out on shared machines, and keep your device locked.

13. Your rights

Under India's Digital Personal Data Protection Act, 2023, you have the right to:

If you are in the EEA or UK, you additionally have rights to portability, restriction, and objection, and the right to complain to your local supervisory authority. If you are in California, you have rights to know, delete, correct, and opt out of "sale" or "sharing" — note that we do neither. We honour these requests regardless of where you live.

Exercising your rights is free, and we will not treat you differently for doing so.

14. How to exercise your rights

Export your data

You can download your data from the product at any time, as a JSON file. To be precise about what that export contains, it includes your profile, your linked sign-in identities, your organisation membership, your practice scores, and your most recent 500 chat sessions with their messages.

It does not currently include lead lists, prospect profiles, candidate assessments, imported call recordings and their transcripts, chat attachments, or deal records. If you want any of those, email privacy@revyn.in and we will provide them.

Delete your account

You can request deletion from Settings. What happens then:

Backups are cycled out on their own schedule after the purge. We may retain the minimum records needed for legal or accounting obligations.

Anything else

Write to privacy@revyn.in. We will verify your identity against your account and respond within 30 days.

15. Children

Revyn is a workplace tool and is not intended for children. Under the DPDP Act, a child is anyone under 18. We do not knowingly collect personal data from children, and we do not conduct tracking, behavioural monitoring, or targeted advertising directed at children. If you believe a child has given us personal data, contact privacy@revyn.in and we will delete it.

16. Changes to this policy

We will update this policy as the product changes — for example, when we add or remove a provider from section 9. We will revise the "Last updated" date at the top, and for material changes we will notify you by email or in the product before they take effect.

17. Contact and grievance redressal

For any question, request, or complaint about your personal data, contact us first — we would rather fix it directly.

If you are not satisfied with our response, you may complain to the Data Protection Board of India. If you are in the EEA or UK, you may complain to your local supervisory authority.