Privacy Policy

Revolte, a unit of Poddle.io Ltd ("Revolte", "we", "us", or "our"), is committed to protecting your personal data and upholding your privacy rights. This Privacy Policy outlines how we collect, use, disclose, and safeguard your personal data when you interact with our Services-defined as our website, deployment infrastructure, CLI tools, and related digital offerings. We operate from the United Kingdom and provide services globally, with a privacy framework that adheres to GDPR, UK GDPR, CCPA, and similar legislation in Canada and the United States.

By accessing or using our Services in any capacity, you agree to the practices described in this Privacy Policy. Please read it carefully. Your use of Revolte's Services is also subject to our Terms of Service, which incorporate this Privacy Policy by reference. All undefined terms in this document have the meanings assigned to them in the Terms of Service.

We may revise this Privacy Policy from time to time. If changes are significant, we will notify you via email or through a prominent update notice on our platform. Continued use of the Services after any updates constitutes acceptance of the revised policy.

You are encouraged to download or print a copy of this Privacy Policy for your records.

This Privacy Policy describes how we treat personal data collected when you use our Services. "Personal Data" refers to information that identifies or relates to a particular individual and includes information defined under applicable privacy laws such as personally identifiable information (PII), personal information (PI), or sensitive personal data. This policy does not apply to entities we do not own or control or to individuals we do not employ or manage.

We treat your data with strict confidentiality and apply appropriate legal, technical, and operational controls to safeguard your rights. We do not knowingly collect information from individuals below the age of 16, nor do we permit them to use the Services. If you believe a minor has submitted information to us, please notify us immediately.

The following categories of personal data may be collected during your interaction with our Services, either directly or indirectly:

• Profile or Contact Data - including your first and last name, email address, billing contact, and similar identifiers.
• Payment Data - includes payment instrument details (e.g., last four digits of your card), billing address, and associated email. Full card details are handled by Stripe and never stored by Revolte. Refer to Stripe's Privacy Policy.
• Commercial Data - purchase history, service usage trends, deployment activity, and customer profile behavior.
• Device/IP Data - IP address, browser user agent, device type, operating system, and general device information.
• Web Analytics - session behavior such as page interactions, referring URLs, scroll depth, interaction timestamps, and load events.
• Social Network Data - when you opt to register using Google or another supported provider, we collect publicly available profile fields including your name, email address, and account ID.
• Geolocation Data - general location derived from your IP address.
• Inferences and Usage Signals - insights drawn from behavior such as frequency of deployments, usage cadence, and tooling interaction patterns.
• Voluntary Correspondence - information you choose to provide in open text fields, support conversations, feedback emails, or account setup.
• Device Metadata and Session Logs - additional information such as crash reports, request IDs, time-to-build stats, and error traces that may be linked to performance diagnostics.
• Interaction Content - including user feedback on documentation, feature voting, or community forum posts, where applicable.

We will not collect additional categories of personal data or use the information we collect for materially different or incompatible purposes without providing you prior notice or obtaining your explicit consent where applicable.

We collect and use your personal data primarily to deliver, manage, and continuously improve our Services. This includes enabling secure user account creation and access management, processing your billing details through integrated payment systems, and tailoring your experience through platform features such as deployment orchestration and logging tools. Our operational functions require handling support tickets, customizing your dashboard views, and personalizing CLI responses based on your usage patterns.

In addition to core service delivery, we may collect data for internal analysis, usage telemetry, diagnostics, and service testing—all of which help us optimize platform performance and identify areas for enhancement. Communication forms another important category: we may contact you regarding account status, platform updates, security notices, or transactional changes. With your consent or where permissible under applicable law, we may also send you promotional updates or product invitations.

We utilize this data to enforce security measures, prevent fraud, and ensure stable system operations. In the event of abnormal usage or policy violations, we use this data to investigate incidents and maintain platform reliability. Some data may be used to support regulatory compliance, audit requirements, or fulfillment of contractual commitments. Additionally, anonymized feedback and behavior signals contribute to shaping future product development, guiding UX improvements, and identifying opportunities for A/B testing, roadmap prioritization, or onboarding enhancements

We collect personal data about you from a combination of direct interactions, automated technologies, and third-party sources. This blended approach ensures the delivery of tailored services, supports authentication, enables operational diagnostics, and helps us fulfill our legal and contractual obligations.

• You (the user) - We collect data that you voluntarily provide through account sign-ups, onboarding forms, surveys, support tickets, and other text inputs across our web app, CLI, or integrated environments. This also includes any communication you initiate via email or embedded chat.
• Automated interactions - When you engage with our Services, including through the CLI or preview environments, we automatically collect usage metadata, logs, IP address, device/browser identifiers, and system event details via cookies or embedded scripts.
• Third-party platforms - We may obtain data from vendors who provide marketing or analytics services, from partners who integrate with Revolte for deployment triggers or OAuth-based identity, or from social login providers when you authorize such linkage.
• Service integrations and SDKs - Some Revolte features, such as performance analysis, may indirectly collect metadata through integrated SDKs or agents running within your infrastructure, always under the conditions of your configured permissions.
• Public and Commercial Sources - Occasionally, we may supplement your profile using public business directories, GitHub organization metadata, or lead generation platforms in accordance with applicable laws.

We disclose data in accordance with the purposes set forth in this policy:
‍
Service Providers - to enable hosting, infrastructure provisioning, log analysis, email delivery, customer success tools, and platform diagnostics. All such processors operate under contract.
‍
Payment Processor (Stripe) - used to process card transactions. Revolte does not store full card numbers or CVVs.
‍
Advertising and Analytics Partners - where permitted by law or with user consent, we may share pseudonymized session data to understand traffic sources, campaign performance, or behavior cohorts.
‍
Legal Requirements - data may be disclosed if required by law, subpoena, regulatory request, or for fraud prevention.
‍
Business Transfers - if we engage in a merger, acquisition, or corporate restructuring, personal data may be shared in connection with that transaction.
‍
Internal Stakeholders and Affiliates - only where contractually bound and legally compliant.
‍
Aggregated or De-identified Data - may be used for product insights or platform research but will not include personally identifying fields.

We do not sell your personal data or share it for third-party advertising without your express permission.

We use cookies and related tracking technologies (such as web beacons, pixels, and JavaScript tags) to understand behavior, measure performance, and deliver a more secure platform. The types of cookies include:

• Essential Cookies - Required for login, authentication, and user session continuity.
• Functional Cookies - Remember UI preferences, language, and feature toggles.
• Performance Cookies - Track engagement metrics across CLI and browser interactions.
• Retargeting/Advertising Cookies - May be used with consent to personalize outreach and measure ad efficacy.

You can manage cookie preferences in your browser or opt out of non-essential categories through our cookie settings panel. Our use of tracking technologies may include tools provided by vendors such as Google Analytics, Hotjar, Mixpanel, or others with similar compliance standards.

We may use aggregated behavioral signals to determine interest in platform features or services. Third-party advertising networks may receive hashed identifiers and usage profiles to tailor campaigns. No raw personal data is disclosed without consent. You may opt out of interest-based advertising via platform controls or browser-level Do Not Track settings.

We honor opt-out signals where supported (e.g., Global Privacy Control or similar mechanisms). Our advertising practices comply with CCPA "Do Not Sell or Share" provisions where applicable.

We retain data only as long as needed to fulfill business or regulatory needs. Inactive account data is archived and removed after the standard retention window unless legally obligated. Payment and support records may be retained longer for audit or tax compliance. Anonymized diagnostic data may be retained indefinitely.

Where data is retained for backup, archival, or compliance purposes, it is securely isolated and not subject to active processing. When deletion is requested or required, we apply irreversible anonymization or secure erasure methods aligned with industry standards.

Revolte applies a layered approach to data security. This includes encryption at rest and in transit, access control policies, role-specific data minimization, incident response practices, and third-party security reviews. Users are expected to take reasonable steps to secure their credentials.

We employ multi-factor authentication for administrator-level access, use audit logging to monitor access patterns, and implement system-level alerts for unauthorized activity. Our incident response protocols include breach notification compliance and forensics investigation procedures.

Revolte does not knowingly collect or solicit data from children under 16. If we learn such data has been collected, it will be deleted without delay. Parents or guardians may contact us if they believe a minor has registered inappropriately.

Where legal guardians submit requests on behalf of a minor, we will take steps to verify such authority before processing the request.

We may amend this Privacy Policy to reflect changes in our Services, applicable laws, or our data practices. Material updates will be communicated clearly, and your continued use of the Services constitutes acceptance of any changes.

Policy changes will not apply retroactively. We will post the updated policy on our website and revise the "Effective Date" at the top of this page. In the case of material changes, you will be notified via the email address associated with your account.

Revolte (a unit of Poddle.io Ltd)
Email: product@revolte.ai

This policy supersedes all previous versions and governs your use of Revolte Services from the effective date forward.