How we collect, use, and protect your information.
This Privacy Policy describes how RendereelStudio LLC ("Company," "we," "us," or "our") collects, uses, discloses, and protects personal information through the Brevvo platform ("Service") at brevvo.ai. We are committed to protecting your privacy and handling your data with transparency and care.
When you register for an account, we collect:
In the course of using the Service, you may upload or generate:
We automatically collect:
If you connect third-party services (e.g., banking via Plaid, Google Business Profile), we receive data as authorized by you through those integrations. We only access what is necessary to provide the connected functionality.
We process your data for the following purposes:
| Purpose | Legal Basis (GDPR) |
|---|---|
| Providing and operating the Service | Contract performance |
| AI agent processing and recommendations | Contract performance |
| Billing, invoicing, and payment processing | Contract performance |
| Customer support and communication | Contract performance / Legitimate interest |
| Analytics and service improvement | Legitimate interest |
| Security monitoring and fraud prevention | Legitimate interest |
| Legal compliance and regulatory obligations | Legal obligation |
| Marketing communications (opt-in only) | Consent |
We do not use your business data to train machine-learning models. Your Tenant data is processed solely to deliver the Service to you.
Security is foundational to Brevvo. We employ enterprise-grade security measures to protect your data at every layer.
We never sell your data. Period.
We do not sell, rent, or trade your personal information or business data to any third party. We share data only in the following limited circumstances:
We use Amazon Web Services (AWS) as our cloud infrastructure provider. AWS processes data on our behalf under strict data processing agreements. AWS is SOC 2, ISO 27001, and GDPR compliant.
Payment information is processed by our authorized payment processor to handle subscription billing and credit pack purchases. We do not store complete credit card numbers on our servers.
We may disclose your data if required to do so by law, regulation, legal process, or governmental request, or when we believe in good faith that disclosure is necessary to:
In the event of a merger, acquisition, reorganization, or sale of assets, your data may be transferred as part of that transaction. We will notify you via email and/or prominent notice on the Service before your data becomes subject to a different privacy policy.
We retain your data for as long as your account is active and as necessary to provide you with the Service.
Certain data may be retained beyond the periods above if required by law (e.g., financial records for tax compliance, data subject to legal holds, or records necessary for dispute resolution).
Aggregated, anonymized usage data that cannot be used to identify you may be retained indefinitely for analytics and service improvement purposes.
If you are a California resident, the California Consumer Privacy Act (CCPA) and the California Privacy Rights Act (CPRA) provide you with specific rights regarding your personal information:
You have the right to request disclosure of the categories and specific pieces of personal information we have collected about you, the sources of collection, the business purposes for collection, and the categories of third parties with whom we share it.
You have the right to request deletion of your personal information, subject to certain exceptions (e.g., legal obligations, ongoing service performance).
You have the right to request correction of inaccurate personal information we maintain about you.
We do not sell your personal information. As such, there is no need to opt out. If our practices change, we will provide a "Do Not Sell My Personal Information" mechanism.
We will not discriminate against you for exercising any of your CCPA rights. You will not receive a different level of service or pricing for making a privacy request.
To submit a CCPA request, email us at privacy@brevvo.ai. We will verify your identity before processing your request and respond within 45 days.
If you are located in the European Union, European Economic Area, or the United Kingdom, the General Data Protection Regulation (GDPR) and UK GDPR provide you with the following rights:
You may request a copy of the personal data we hold about you.
You may request that we correct inaccurate or incomplete personal data.
You may request deletion of your personal data where there is no compelling reason for its continued processing.
You may request your personal data in a structured, commonly used, machine-readable format and have it transmitted to another controller.
You may request that we restrict the processing of your personal data in certain circumstances.
You may object to the processing of your personal data based on legitimate interests or for direct marketing purposes.
Where processing is based on your consent, you may withdraw that consent at any time without affecting the lawfulness of prior processing.
To submit a GDPR request, email us at privacy@brevvo.ai. We will respond within 30 days. You also have the right to lodge a complaint with your local supervisory authority.
The Service is not directed to individuals under the age of 18. We do not knowingly collect personal information from children. If we become aware that we have inadvertently collected personal information from a child under 18, we will promptly delete that information. If you believe a child has provided us with personal information, please contact us at privacy@brevvo.ai.
We use strictly necessary session cookies to authenticate your login and maintain your session state. These cookies are temporary and expire when you close your browser or after your session times out.
We do not use third-party tracking cookies, advertising pixels, or cross-site tracking technologies. We do not participate in ad networks or retargeting programs.
We collect anonymized, aggregated usage metrics internally to improve the Service. This data cannot be used to identify individual users.
We maintain continuous monitoring and alerting systems to detect potential data breaches. In the event of a confirmed breach affecting personal data, we will:
Notify the relevant supervisory authority within 72 hours of becoming aware of the breach, as required by GDPR Article 33, where the breach is likely to result in a risk to the rights and freedoms of individuals.
Notify affected individuals without undue delay when the breach is likely to result in a high risk to their rights and freedoms (GDPR Article 34). Notification will include:
As a data processor, we will notify affected Tenants (data controllers) immediately upon discovery of a breach affecting their Tenant data, enabling them to fulfill their own notification obligations.
In the preceding 12 months, we have collected the following categories of personal information as defined by the CCPA:
We have not sold any personal information in the preceding 12 months. We have not shared personal information for cross-context behavioral advertising purposes.
We do not collect or process sensitive personal information as defined under CPRA for purposes other than providing the Service.
You may designate an authorized agent to submit CCPA requests on your behalf. The agent must provide written authorization signed by you, and we may require you to verify your identity directly.
The Service is hosted in the United States (AWS us-west-2 region). If you access the Service from outside the United States, your data will be transferred to and processed in the United States. By using the Service, you consent to this transfer. For EU/EEA/UK users, transfers are conducted in accordance with GDPR requirements, utilizing Standard Contractual Clauses (SCCs) where applicable.
We may update this Privacy Policy from time to time. We will notify you of material changes by posting the updated policy on the Service with a revised "Effective Date" and, where appropriate, by sending you an email notification. Your continued use of the Service after the effective date of the revised policy constitutes your acceptance of the changes.
For privacy-related inquiries, data subject requests, or complaints, please contact us:
RendereelStudio LLC
Data Protection Contact
Email: privacy@brevvo.ai
Website: https://brevvo.ai
For EU/EEA/UK residents: If you are unsatisfied with our response, you have the right to lodge a complaint with your local data protection supervisory authority.