Legal

Compliance

ReviewPilot is built on a foundation of regulatory adherence and enterprise-grade data governance.

Google API Policy

Our use of Google APIs fully complies with the Google API Services User Data Policy and Limited Use requirements. We access only the scopes necessary for review management.

Data Security

All data is encrypted in transit (TLS 1.3) and at rest (AES-256). OAuth tokens are stored in isolated, encrypted credential stores with no exposure in logs or analytics.

Data Minimisation

We collect only the data necessary to operate the service. Review content is processed for response generation and is never used for advertising, profiling, or sold to third parties.

Transparency

You can view, export, or delete all data ReviewPilot holds about your business at any time from your dashboard. We maintain a full audit log of every response posted on your behalf.

Breach Response

In the event of a data breach, we will notify affected customers within 72 hours in accordance with applicable data protection regulations and our contractual obligations.

Record Keeping

We maintain records of all AI-generated responses, including timestamps, model versions, and approval status, giving you a complete audit trail for every piece of content posted to your profile.

Compliance Enquiries

For compliance-related questions or to request our Data Processing Agreement (DPA), contact us at compliance@tryreviewpilot.com.