ReviewDropStart Free Trial

Privacy Policy

Last updated: March 1, 2026

1. Who We Are

ReviewDrop ("we", "us") is a review management platform. This policy explains how we collect, use, and protect data when you use our website and service at reviewdrop.co.

2. What We Collect

From business owners (our customers):

  • Account info — email address, password (hashed), name.
  • Business info — business name, Google Business Profile URL, logo, review page slug.
  • Usage data — review requests sent, reviews collected, dashboard activity.

From reviewers (your customers):

  • Review content — star rating, written feedback, name (if provided).
  • Contact info — email or phone number, only when provided by the business owner for sending review requests.
  • Interaction data — whether a review request was opened, clicked, or completed.

3. How We Use Your Data

  • To provide and improve the Service.
  • To send review requests on your behalf (via email or SMS as configured).
  • To route satisfied customers to Google Reviews.
  • To privately collect feedback from dissatisfied customers.
  • To send you service-related communications (account, billing, updates).
  • To display analytics and review data in your dashboard.

We do not sell your data. We do not use review data for advertising. We do not share reviewer information with third parties except as needed to deliver the Service.

4. Third-Party Services

We use the following services to operate ReviewDrop:

  • Supabase — database and authentication (data hosted in the US).
  • Paddle — payment processing and subscription billing. When you subscribe, Paddle processes your payment as our merchant of record. See Paddle's privacy policy.
  • Resend — transactional email delivery.
  • Telnyx — SMS message delivery.
  • Google Places API — syncing public Google review data.
  • Vercel — website hosting.

Each service processes data according to their own privacy policies. We only share the minimum data required for each service to function.

5. Cookies & Tracking

We use essential cookies for authentication (keeping you logged in). We do not use advertising cookies or third-party trackers. We may use simple analytics to understand how the Service is used.

6. Data Retention

  • Active accounts — we retain your data as long as your account is active.
  • Deleted accounts — we delete your data within 30 days of account deletion, except where required by law.
  • Review request records — kept for 12 months for analytics, then anonymized.

7. Your Rights

You can:

  • Access your data through your dashboard at any time.
  • Export your reviews and feedback data.
  • Delete your account and all associated data.
  • Correct inaccurate information in your account settings.

If you're in the EU/EEA, you also have rights under GDPR including data portability and the right to lodge a complaint with a supervisory authority. Contact us to exercise these rights.

8. Security

We use industry-standard security measures including encrypted connections (TLS), hashed passwords, row-level security on our database, and access controls. No system is 100% secure, but we take reasonable steps to protect your data.

9. Children

ReviewDrop is not intended for use by anyone under 18. We do not knowingly collect data from children.

10. Changes

We may update this policy from time to time. Material changes will be communicated via email or through the Service. The "Last updated" date at the top reflects the most recent revision.

11. Contact

Privacy questions? Email support@reviewdrop.co.