• +44 (02045244802)
Facebook X-twitter Instagram Linkedin Whatsapp-square
Get a free audit

Privacy Policy

Last updated: 6/18/2026

This Privacy Policy explains how dotrevu (“we”, “us”, or “our”) collects, uses, and protects personal data when you visit our website or engage with our services.

This Policy is designed to comply with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

1. WHO WE ARE

dotrevu
Registered in England and Wales
Registered Address: [Insert Address]
Email: [Insert Contact Email]

For the purposes of data protection law, we act as:

  • a Data Controller in relation to personal data collected via our website and for our own business operations; and
  • a Data Processor when processing personal data on behalf of our clients in the course of providing reputation management services.
2. ABOUT OUR WEBSITE

Our website is designed to:

  • provide information about our online review management and reputation support services;
  • present service offerings and retainers;
  • publish educational content (e.g. blogs, insights);
  • generate leads by allowing prospective clients to contact us or request consultations or audits.

The website:

  • does not require user account creation;
  • does not host or publish customer reviews;
  • does not allow public user-generated content.
3. PERSONAL DATA WE COLLECT
3.1 Data You Provide Directly

We may collect:

  • Name
  • Email address
  • Telephone number
  • Company name
  • Job title or role
  • Business contact details
  • Information submitted through enquiry or consultation forms
  • Details relating to requested services
3.2 Client Data (Business Relationship)

Where you engage us as a client, we may collect:

  • Contact person details
  • Business contact information
  • Company and billing details
  • Service requirements and platform information
  • Communication and reporting preferences
  • Payment-related administrative information

Payment card details are processed securely by third-party providers where applicable.

4. HOW WE COLLECT DATA

We collect data via:

  • Website contact forms
  • Consultation or audit request forms
  • Direct email enquiries
  • Marketing opt-in forms (if enabled)
  • Client onboarding communications
5. AUTOMATIC DATA COLLECTION

We may automatically collect:

  • IP address
  • Browser type and version
  • Device type and operating system
  • Website usage data (pages visited, time on site, navigation paths)
  • Referral sources
  • Approximate location (country/region based on IP)
  • Precise location data (where available via third-party software such as Vendasta) 

Precise location data may be collected and processed through third-party tools used in connection with our services. This data is used to support analytics, reporting, and service delivery.

We do not independently collect precise GPS location data directly through the website itself.

6. ANALYTICS AND TRACKING

We may use tools such as:

  • Google Analytics
  • Meta Pixel (where enabled)
  • Cookie-based performance tools

These tools help us:

  • understand website usage;
  • improve user experience;
  • measure marketing effectiveness;
  • support business development.

For detailed information about the cookies we use, the purposes for which they are used, and how you can manage your cookie preferences, please see our Cookie Policy: [Insert Cookie Policy URL].

7. HOW WE USE PERSONAL DATA

We use personal data to:

  • respond to enquiries;
  • provide and manage our services;
  • communicate with prospective and existing clients;
  • improve our website and services;
  • comply with legal obligations.
8. LEGAL BASIS FOR PROCESSING

We rely on the following legal bases:

  • Legitimate interests – for responding to enquiries and improving services;
  • Contract – where processing is necessary to provide services;
  • Legal obligation – where required by law;
  • Consent – for marketing communications (where applicable).
9. DATA SHARING

We may share personal data with third-party service providers who support the operation of our website and the delivery of our services. These may include:

  • website hosting providers (e.g. Hostinger);
  • analytics providers (e.g. Google);
  • business tools and communication platforms;
  • payment processors;
  • software-as-a-service (SaaS) providers used to deliver reputation management services, including monitoring, analytics, reporting, and response management tools;
  • white-label software platforms and integrated technology solutions used as part of our service delivery infrastructure;
  • subcontractors and service partners who assist in providing our services;
  • professional advisers where necessary.

Where we use such providers to process personal data on behalf of our clients, they act as sub-processors, and we ensure appropriate contractual and data protection safeguards are in place.

All third parties are required to process data in accordance with applicable data protection laws.

10. INTERNATIONAL DATA TRANSFERS

Personal data may be transferred outside the UK/EU.

Where this occurs, we ensure appropriate safeguards are in place, such as:

  • Standard Contractual Clauses (SCCs);
  • Transfers to countries with adequate protection levels;
  • Contracts requiring appropriate data protection standards.
11. DATA RETENTION

We retain personal data only as long as necessary:

  • Enquiry data: until the enquiry is resolved or no longer relevant
  • Client data: for the duration of the contract and as required for legal/tax purposes
  • Review/analytics data: as needed for reporting purposes

Retention is determined based on:

  • contractual necessity;
  • legal obligations;
  • business record-keeping requirements.
12. DATA SECURITY

We implement appropriate technical and organisational measures, including:

  • Secure hosting infrastructure
  • SSL encryption (HTTPS)
  • Access controls
  • Password-protected systems
  • Secure cloud services
  • Regular software updates
  • Data minimisation practices
13. CHILDREN’S DATA

Our website and services are not intended for individuals under 18.
We do not knowingly collect personal data from children.

14. YOUR RIGHTS

Under UK GDPR, you have the right to:

  • access your personal data;
  • request correction of inaccurate data;
  • request deletion of your data;
  • object to processing;
  • restrict processing;
  • request data portability;
  • withdraw consent (where applicable).

To exercise your rights, please contact us at: [Insert Email]

You also have the right to lodge a complaint with the Information Commissioner’s Office (ICO), the UK supervisory authority for data protection matters.

You can contact the ICO via their website: https://www.ico.org.uk

We would, however, appreciate the opportunity to address your concerns before you approach the ICO, so please contact us in the first instance.

15. PROCESSING ON BEHALF OF CLIENTS

When we provide reputation management services, we process personal data (such as review content) on behalf of our clients.

In these cases:

  • we act as a Data Processor;
  • our clients act as Data Controllers;
  • processing is governed by a Data Processing Agreement (DPA).

We only process such data in accordance with client instructions and applicable law.

16. THIRD-PARTY PLATFORMS

As part of our services, we access and interact with third-party review and online platforms (e.g. Google Business Profile, Facebook Reviews, Trustpilot, TripAdvisor and similar services) strictly on the basis of authorisation provided by our clients.

In this context:

  • we act on behalf of our clients and process data in accordance with their instructions;
  • we access platform data via delegated permissions or authorised account access;
  • we do not own or control the data hosted on these platforms;
  • we do not create, modify, or control customer reviews or third-party content.

Our role is limited to monitoring, analysing, and (where authorised) responding to reviews in line with client instructions and agreed guidelines.

The operation, availability, data handling practices, and policies of third-party platforms are outside our control. Each platform acts as an independent data controller and is governed by its own terms and privacy policies.

We are not responsible for:

  • the content, accuracy, or legality of third-party reviews;
  • decisions made by platform operators (including content moderation, removals, or algorithmic changes);
  • any data processing carried out independently by such platforms.

Clients remain responsible for their use of third-party platforms and for ensuring they comply with applicable laws and platform terms when engaging our services.

17. MARKETING COMMUNICATIONS

We may introduce marketing communications in the future.

Where we do:

  • users will be required to opt in;
  • communications will include an unsubscribe option;
  • consent can be withdrawn at any time.
18. CHANGES TO THIS POLICY

We may update this Privacy Policy from time to time.

Any updates will be posted on this page with a revised “Last updated” date.

19. CONTACT

If you have any questions about this Privacy Policy or your data, please contact:

Email: [Insert Email]
Address: [Insert Address]