Last updated: July 2026 · Applies to reviewrr.uk and the Reviewrr application
Reviewrr ("we", "us") provides review management software for businesses. This policy explains what data we collect, why, how it is stored and protected, and the rights you have over it. We have written it to be read, not skimmed past.
Reviewrr is operated from the United Kingdom. We are the data controller for information about our own users and website visitors, and a data processor for personal data our business customers upload in order to use the service. You can contact us about anything in this policy at info@reviewrr.uk.
This section explains our use of data accessed through Google APIs, including the Google Business Profile API.
When you connect your Google account to Reviewrr, you grant us permission to access specific data from your Google Business Profile so the service can work. We access only what the product needs:
How we use it: solely to provide Reviewrr's features to you. We do not use Google user data for advertising, we do not sell it, and we do not transfer it to third parties except as necessary to provide the service (such as our cloud hosting provider), to comply with law, or as part of a merger or acquisition with prior notice to you.
Limited Use disclosure: Reviewrr's use and transfer of information received from Google APIs adheres to the Google API Services User Data Policy, including the Limited Use requirements.
AI processing: review text may be processed by an AI model to generate suggested replies. This processing is performed to provide the feature you have enabled, and Google user data is not used to train generalised AI models.
Storage and security: Google access tokens are encrypted at rest. Review data is stored securely and retained only while your account is active.
Revoking access: you can disconnect Google at any time from your Reviewrr settings, or via your Google account permissions. Disconnecting stops all access, and associated Google data is deleted from our systems within 30 days.
We do not sell personal data. We do not send marketing to your customers.
Where you upload customer contact details, you remain the data controller and Reviewrr acts as your data processor. We process that data only on your instruction (to send the invitations you trigger), we require you to confirm you have a lawful basis to contact those customers, every message includes an opt-out, and contact data is automatically deleted 30 days after the invitation cycle completes.
Under UK GDPR we rely on: contract (providing the service you signed up for), legitimate interests (service security, improvement and communications a business user would reasonably expect), and consent where required. We are registered with the Information Commissioner's Office (ICO).
We share data only with the service providers needed to run Reviewrr, such as cloud hosting, email and SMS delivery, and payment processing, each bound by data protection agreements, and where required by law. We do not share or sell data to advertisers or data brokers.
You have the right to access, correct, delete, restrict or object to the processing of your personal data, and to data portability. To exercise any of these, email info@reviewrr.uk and we will respond within one month. You also have the right to complain to the ICO at ico.org.uk.
The website uses only essential cookies needed for the service to function (such as keeping you signed in). We do not use advertising or cross-site tracking cookies.
If we make material changes, we will update this page and notify account holders by email before the changes take effect.
Questions, requests or concerns: info@reviewrr.uk