ColRevs

Privacy Policy

How ColRevs collects, uses, and protects personal data — in plain language.

Last updated: 12 June 2026  ·  Effective immediately

1. Who We Are

ColRevs ("we", "us", "our") is a Software-as-a-Service (SaaS) platform that enables e-commerce merchants to automatically send post-purchase review invitation emails to their customers and to collect and display customer reviews on their storefronts.

For the purposes of EU data-protection law (GDPR / Regulation (EU) 2016/679), ColRevs operates in two distinct capacities depending on whose data is being processed:

Data subject | ColRevs role | Explanation
Merchant (our direct customer) | Data Controller | We determine why and how we process the merchant's account information.
End consumer (merchant's customer) | Data Processor | We process consumer data strictly on the merchant's behalf and under their instruction, via order webhooks they configure.

GDPR Article 28 – Data Processing Agreement: By accepting our Terms of Service, merchants enter into a Data Processing Agreement (DPA) with ColRevs. We process consumer personal data only as instructed by the merchant and never for our own purposes.

2. What Data We Process and Why

We process the minimum data necessary for each purpose (GDPR Art. 5 – data minimisation principle).

A) Merchant account data (you, as our customer)

Data | Purpose | Legal basis (GDPR Art. 6)
Email address, hashed password | Account authentication | Art. 6(1)(b) – performance of contract
Store domain, platform (WooCommerce / Shopify), company name | Integration setup, email personalisation | Art. 6(1)(b) – performance of contract
Stripe Customer ID, subscription status, plan | Billing and subscription management | Art. 6(1)(b) – performance of contract
Google review link, ColRevs review link | Inserting the correct CTA link in invitation emails | Art. 6(1)(b) – performance of contract
API keys (encrypted with AES-256) | Authenticating webhook calls between the merchant's plugin and our server | Art. 6(1)(b) – performance of contract

B) Consumer data (your customers, processed on your behalf)

Data | Source | Purpose | Legal basis
Email address | Order webhook | Deliver the review invitation email | Merchant's legitimate interest / Art. 6(1)(f) — directly related to the purchase experience; not marketing
First name / full name | Order webhook | Personalise the email salutation | Same as above
Order ID / order number | Order webhook | Reference in the invitation email; uniqueness check | Same as above
Order total, currency, line items, completed_at | Order webhook | Available for template personalisation (optional use by merchant) | Same as above
Review text, star rating, submission timestamp | Consumer voluntarily submits a review | Store and display the review on the merchant's storefront | Art. 6(1)(a) – consent (consumer actively submits review); or Art. 6(1)(f) – legitimate interest of merchant
Email address (linked to review) | Consumer submits review | Enabling the consumer to look up and delete their own review (GDPR right to erasure) | Art. 6(1)(c) – legal obligation
User-agent string | HTTP request at review submission | Fraud / bot detection; not retained beyond review processing | Art. 6(1)(f) – legitimate interest

Important: Consumer email addresses linked to reviews are stored privately and are never exposed in the public review API or the review widget. Only the author name, rating, review text, and submission date are publicly accessible.

3. Review Invitation Emails — Not Marketing

Our core feature sends a single review invitation email after an order is marked as completed in the merchant's store. This email is:

Transactional, not marketing. It is directly and exclusively triggered by the customer's own purchase. It does not promote any product or service, does not contain advertising, and is sent only once per fulfilled order. Under the EU ePrivacy Directive (Directive 2002/58/EC, Art. 13(2)), transactional emails sent to existing customers about their own purchase experience do not require prior opt-in consent, provided the merchant's customers had a reasonable opportunity to opt out of such communications.

Merchants are responsible for ensuring their own store's checkout flow provides customers with appropriate information about post-purchase communications in accordance with their jurisdiction's laws. ColRevs provides this mechanism; the merchant controls whether and when it is triggered.

Emails are sent via Amazon Simple Email Service (SES), hosted in the eu-north-1 (Stockholm, Sweden) AWS region — within the European Economic Area.

4. Where Your Data Is Stored

All data is stored within the European Economic Area (EEA) on Amazon Web Services infrastructure in the eu-north-1 (Stockholm, Sweden) region. No personal data is transferred to countries outside the EEA unless required by law.

Storage system | Data stored | Location
AWS DynamoDB | Merchant accounts, store connections, subscription records | eu-north-1 (Stockholm, EU)
AWS S3 | Customer reviews (JSON), email templates, widget design configs | eu-north-1 (Stockholm, EU)
AWS SES | Email sending only — no long-term storage of email content | eu-north-1 (Stockholm, EU)
Stripe | Payment method and billing data (processed by Stripe, Inc.) | Stripe infrastructure — governed by Stripe's own DPA

Passwords are hashed using bcrypt before storage. API keys are encrypted using AES-256 before storage. We never store plain-text credentials.

5. Sub-Processors

As a Data Processor for merchant customer data, we engage the following sub-processors. All sub-processors are bound by appropriate data protection agreements.

Sub-processor | Purpose | Location | DPA / SCCs
Amazon Web Services (AWS) | Cloud hosting, database, email delivery (SES), file storage (S3) | EU (eu-north-1) | AWS DPA
Stripe, Inc. | Payment processing and subscription management | USA (SCCs in place) | Stripe DPA

We will notify merchants of any changes to this sub-processor list with reasonable advance notice.

6. How Long We Keep Your Data

Data type | Retention period | Reason
Merchant account data | Duration of the subscription + 90 days after cancellation | Allow account reactivation; then deleted
Customer reviews | Until the merchant's account is deleted, or until the consumer exercises the right to erasure | Core service functionality
Order webhook data (name, email, order ID) | Used transiently to send the invitation email; not stored beyond the email dispatch | Data minimisation — we do not build a consumer database
Billing / Stripe records | 7 years | Statutory accounting and tax obligations
Server logs | 30 days rolling | Security and debugging

When a merchant uninstalls the ColRevs plugin or closes their account, we delete all associated store connection data and cancel active subscriptions. Review data in S3 is deleted as part of the same cleanup process.

7. Your Rights Under GDPR

Under the General Data Protection Regulation (EU) 2016/679, you have the following rights. Merchants may exercise these directly with us. Consumers whose data we process on behalf of a merchant should direct requests to the merchant in the first instance; ColRevs will cooperate with the merchant to fulfil the request.

Right of Access (Art. 15)

Obtain a copy of the personal data we hold about you.

Right to Rectification (Art. 16)

Ask us to correct inaccurate or incomplete data.

Right to Erasure (Art. 17)

Request deletion of your personal data. Consumers may delete their review via the review deletion page at any time using their email address — no account required.

Right to Restriction (Art. 18)

Ask us to restrict processing of your data in certain circumstances.

Right to Portability (Art. 20)

Receive your data in a structured, machine-readable format.

Right to Object (Art. 21)

Object to processing based on legitimate interests. We will cease processing unless we can demonstrate compelling legitimate grounds.

Right to Lodge a Complaint

You may lodge a complaint with your national data protection authority (e.g., Datatilsynet in Norway, or any EU/EEA supervisory authority).

Right to Withdraw Consent (Art. 7)

Where processing is based on consent, you may withdraw at any time without affecting the lawfulness of prior processing.

To exercise any right, contact us at [email protected]. We will respond within 30 days.

8. Cookies and Tracking

Our web application uses only strictly necessary cookies required for authentication (session tokens) and security (CSRF protection). We do not use advertising cookies, tracking pixels, or third-party analytics that involve personal data. No consent banner is required for strictly necessary cookies under the ePrivacy Directive, but we disclose their use here for full transparency.

Cookie | Purpose | Duration
Session token (HTTP-only) | Maintain your logged-in session securely | Session / until logout

The ColRevs review widget embedded on merchant storefronts does not set any cookies and does not track end consumers.

9. Security Measures

We take appropriate technical and organisational measures to protect personal data against accidental or unlawful destruction, loss, alteration, or unauthorised disclosure:

Data in transit is protected by TLS. Passwords are hashed with bcrypt (one-way). API keys are encrypted with AES-256 before storage. Access to AWS infrastructure is restricted using least-privilege IAM policies. Webhook endpoints require authenticated API keys. We do not store consumer order data beyond the transient email dispatch process.

In the event of a personal data breach likely to result in risk to individuals, we will notify the relevant supervisory authority within 72 hours and affected data controllers (merchants) without undue delay, as required by GDPR Art. 33–34.

10. Children's Data

ColRevs is a B2B service intended for businesses. We do not knowingly process personal data of children under 16. If you believe we have inadvertently collected data from a child, please contact us immediately at [email protected] and we will delete it promptly.

11. Changes to This Policy

We may update this Privacy Policy to reflect changes in our practices or legal obligations. We will notify merchants of material changes by email or via an in-app notice at least 14 days before the changes take effect. The "Last updated" date at the top of this page reflects the most recent revision. Continued use of the service after the effective date constitutes acceptance of the updated policy.

12. Contact & Data Controller Details

ColRevs
Data Controller for merchant data | Data Processor for consumer data

📧 Privacy enquiries: [email protected]
📧 General support: [email protected]

You may also lodge a complaint with your local supervisory authority. In Norway: Datatilsynet — datatilsynet.no