Privacy policy
This policy explains how Rava Reviews handles information for merchants, merchant staff, shoppers, reviewers, website visitors, and support contacts.
Last updated: June 23, 2026
Who we are and when this policy applies
Rava Reviews is provided by Ravanix Technologies L.L.C-FZ. This policy applies to the Rava Reviews website, Shopify app, embedded admin surfaces, review widgets, review request flows, APIs, help center, support channels, and related services.
Contact details for privacy and support: Ravanix Technologies L.L.C-FZ, Meydan Grandstand, 6th floor, Meydan Road, Nad Al Sheba, Dubai, U.A.E.. Privacy: admin@ravanix.app. Support: admin@ravanix.app. Security: security@ravanix.app. Website: https://www.ravanix.app.
This policy is written for merchants, merchant staff, shoppers, reviewers, website visitors, and people who contact us. A merchant’s own privacy policy also applies to the merchant’s store and customer relationship.
Our privacy roles
For personal data that a merchant controls through its Shopify store, orders, customers, review requests, reviews, media, imports, exports, and storefront widgets, Rava Reviews generally acts as a processor, service provider, or similar role under applicable privacy laws. We process that data to provide the app and follow the merchant’s lawful instructions, Shopify platform requirements, and this policy.
For our own website, support, sales, security, billing operations, admin user access, product analytics, and legal compliance, Rava Reviews may act as a controller or business. In those cases we decide why and how the data is used.
If a shopper or reviewer contacts us directly about data collected for a merchant, we may need to route the request to the merchant or ask the merchant to verify the relationship before acting.
Information we collect from Shopify and merchants
When a merchant installs or uses Rava Reviews, we may process store identity, shop domain, access scopes, app installation status, merchant staff/session details, products, variants, product images, themes, metaobjects, discounts, review settings, widget settings, email templates, localization settings, analytics, and app configuration.
Depending on the app permissions granted and features used, we may process customer and order data such as customer name, email, phone, order identifiers, order status, fulfillment/delivery timestamps, products purchased, line items, currency, totals, and other order-related fields needed to send review requests, verify reviews, create discount incentives, and operate review workflows.
We also process support messages, contact form submissions, admin uploads, import files, export files, app logs, webhook payloads, security events, and merchant instructions related to setup, billing, migration, privacy, security, and support.
Information from shoppers and reviewers
When shoppers receive review requests, submit reviews, unsubscribe, resubscribe, upload photos or videos, interact with review widgets, or use review links, we may process their name, email address, review rating, review text, language, product and variant reviewed, order or line item relationship, verification status, media files, public display name, merchant reply, translations, timestamps, unsubscribe status, and related technical records.
When a reviewer submits a review, the review content, rating, display name, media, verification label, merchant reply, and related public review details may be publicly posted and shared online through merchant storefronts, review widgets, search engines, social media, marketing materials, syndicated review surfaces, and other channels the merchant configures or authorizes.
Review media can contain personal data, including faces, voices, location clues, household details, or other information included by the reviewer. Merchants are responsible for collecting appropriate permissions before publishing review content and media on their stores.
We do not intentionally collect government identifiers, payment card numbers, health data, precise geolocation, children’s data, or other sensitive personal data through review forms. Merchants and reviewers should not submit sensitive data in reviews, media, support messages, imports, or templates.
How we use information
We use information to install and authenticate the app, sync Shopify data, collect and verify reviews, send review request and reminder emails, manage unsubscribe and resubscribe choices, moderate reviews, publish widgets, translate review content, generate merchant-facing AI suggestions or summaries, create discount incentives when configured, import and export reviews, provide analytics, maintain security, prevent abuse, troubleshoot issues, and support merchants.
We may use aggregated or de-identified information to understand product usage, diagnose reliability issues, improve features, and communicate about Rava Reviews. We do not use merchant-controlled shopper data to build unrelated consumer profiles.
Where AI or translation features are enabled, selected review text, ratings, language, public names, merchant instructions, and related context may be sent to AI or translation service providers to provide moderation, reply drafting, scoring, summarization, or translation features. AI output should be reviewed by the merchant before public use when it affects published content.
Legal bases and merchant responsibility
For merchant-controlled data, the merchant is generally responsible for identifying the legal basis for collection and use, such as contract performance, legitimate interests, consent, or legal obligations. Rava Reviews processes that data on the merchant’s behalf to provide the app.
For Rava-controlled data, we rely on legal bases such as providing requested services, performing contracts, legitimate interests in operating and securing the service, consent where required, and compliance with legal obligations.
Merchants are responsible for configuring review request timing, email content, incentives, storefront notices, consent tools, and their own privacy policy so they match the laws that apply to their store and customers.
International transfers
Rava Reviews and its providers may process information in countries other than where the merchant, shopper, or reviewer is located. These countries may have different privacy laws.
For European, UK, and Swiss personal data, transfers are supported by appropriate safeguards where required, such as standard contractual clauses, data processing terms, adequacy decisions, or equivalent mechanisms.
Retention and deletion
We keep merchant account, store, product, order, customer, review, media, settings, import/export, unsubscribe, support, and security data for as long as needed to provide Rava Reviews, comply with legal obligations, resolve disputes, protect security, and maintain business records.
After a verified deletion request, Shopify compliance webhook, or app uninstall redaction workflow, Rava Reviews deletes or redacts applicable personal data within 30 days unless retention is legally required. Backups expire or are overwritten within 90 days. Legal, billing, security, and abuse-prevention records may be kept longer when required or reasonably necessary.
Imported files, exported files, review media, generated AI artifacts, translations, and logs follow the same retention principles. Merchants should remove content they no longer have permission to display.
Privacy rights and requests
Depending on location, individuals may have rights to access, know, delete, correct, export, restrict, object, withdraw consent, opt out of sale or sharing, limit use of sensitive personal information, or complain to a regulator. These rights can vary and may be subject to exceptions.
Merchants can contact us for account, app, support, and merchant-controlled data requests. Shoppers and reviewers should first contact the merchant store that collected the review or order data. If they contact us directly, we will help route or process the request according to our role and verification requirements.
California residents may request information about categories of personal information collected, sources, purposes, disclosures, and rights. Rava Reviews does not knowingly sell or share personal information as those terms are used for cross-context behavioral advertising. We do not discriminate against individuals for exercising privacy rights.
Security
We use administrative, technical, and organizational safeguards intended to protect information, including encrypted transport, restricted access, separation of secrets from public code, service-provider review, logging, and encryption for sensitive customer/order fields where configured.
No online service is perfectly secure. Merchants should use strong Shopify/admin credentials, restrict staff access, configure only necessary app permissions, and promptly report suspected security issues through the contact details above.
Changes to this policy
We may update this policy to reflect product, legal, vendor, or operational changes. Material changes will be posted on this page or communicated through the service where appropriate.
We review this policy against the app permissions, production vendors, support channels, data retention procedures, and data-rights implementation used by Rava Reviews.
