Privacy Policy

Account Information

When you create an account, we collect your name, email address, clinic name, and contact information.

Call Data

During calls, REVA processes speech in real-time to understand intent. By default, we store only metadata (call duration, detected intent, actions taken) without audio recordings.

Usage Data

We collect information about how you use our service, including feature usage, call volumes, and system performance metrics.

Call Recordings

Audio is processed in real-time and discarded. We don't store voice recordings by default.

Patient Health Information (PHI)

REVA handles scheduling, not clinical data. We don't ask for or store diagnoses, treatments, or medical history.

Biometric Data

We don't use voice fingerprinting or biometric identification.

To Provide Our Service

We use your information to operate REVA, process calls, schedule appointments, and provide customer support.

To Improve Our Service

We analyze aggregate, anonymized usage patterns to improve REVA's accuracy and features. We do NOT use your clinic's call data to train AI models.

To Communicate With You

We may send you service updates, security alerts, and (with your consent) product announcements.

Configurable Retention

You control how long call data is retained. Default retention is 30 days. Enterprise customers can configure custom retention windows.

Data Export

You can export your data at any time in standard formats. Contact support for bulk exports.

Data Deletion

Request deletion of your data at any time. We will process deletion requests within 30 days, subject to legal retention requirements.

Your Country, Your Data

Canadian clinics have data stored in Canada. US clinics have data stored in the United States. We maintain separate infrastructure and never transfer data across borders.

HIPAA Awareness

REVA is designed with HIPAA-aware workflows. We do not claim blanket HIPAA compliance; instead, we provide the tools and documentation needed for your compliance program.

PHIPA Compliance

For Canadian clinics, we maintain PHIPA compliance with data stored exclusively in Canada.

Business Associate Agreements

BAAs are available for Enterprise customers. Contact contact@justreva.com with subject 'Business Associate Agreement Request' to discuss your requirements.

No PHI in Demo Mode

Demo mode uses synthetic data only. Please do not share real patient health information during demos.

Encryption in transit (TLS 1.3) • Encryption at rest (AES-256) • Role-based access control • Audit logging for all actions

Infrastructure Partners

We work with enterprise-grade cloud and communications providers to deliver the service. All partners operate under signed Business Associate Agreements (BAAs) where applicable.

No Third-Party Training

Your data is never shared with third parties for model training. Voice is processed in real-time without retention.

What We Use

We use cookies and similar technologies to keep you logged in, remember your preferences, and understand how you use the product. We use Google Analytics (GA4) for website usage analytics and Meta Pixel for measuring the effectiveness of our outreach. These tools may set cookies on your device. You can manage your cookie preferences using the consent banner on our site, or disable cookies in your browser settings. We do not sell your data to third parties or use cross-site tracking for ad retargeting.

Access & Correction

You can access and correct your account information at any time through your dashboard or by contacting support.

Opt-Out

You can opt out of non-essential communications at any time. Some service-related communications are required for account operation.

California Residents

California residents have additional rights under CCPA. Contact contact@justreva.com for CCPA-specific requests.