Effective Date: 7/11/2019


This Privacy Policy covers our collection, use and disclosure of information we collect through our services: Revulytics Compliance Intelligence and Revulytics Usage Intelligence. The use of information collected through our services shall be limited to the purpose of providing the service for which the Client has engaged Revulytics, Inc. (“Revulytics”). We will not share your personal information with third parties other than as outlined in this privacy policy.

Revulytics participates in and has certified its compliance with the EU-U.S. Privacy Shield Framework and Swiss-U.S. Privacy Shield Framework. Revulytics is committed to subjecting all personal data received from European Union (EU) member countries and Switzerland, in reliance on the Privacy Shield Frameworks, to the Frameworks’ applicable Principles. To learn more about the Privacy Shield Framework, visit the U.S. Department of Commerce’s Privacy Shield List https://www.privacyshield.gov/list.

Revulytics is responsible for the processing of personal data it receives, under the Privacy Shield Framework, and subsequently transfers to a third party acting as an agent on its behalf. Revulytics complies with the Privacy Shield Principles for all onward transfers of personal data from the EU, including the onward transfer liability provisions.
With respect to personal data received or transferred pursuant to the Privacy Shield Framework, Revulytics is subject to the regulatory enforcement powers of the U.S. Federal Trade Commission. In certain situations, Revulytics may be required to disclose personal data in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.
If you have an unresolved privacy or data use concern that we have not addressed satisfactorily, please contact our U.S.-based third party dispute resolution provider (free of charge) at https://feedback-form.truste.com/watchdog/request.
Under certain conditions, more fully described on the Privacy Shield website https://www.privacyshield.gov, you may invoke binding arbitration when other dispute resolution procedures have been exhausted.

Data Collection and Use

Revulytics clients use its Revulytics Compliance Intelligence product to collect application use data to ensure compliance to their license agreements. Our clients may collect personal information including username, user email address, and computer hostname. This information is managed and controlled by Revulytics clients and its use is covered within their privacy policies.
Revulytics Usage Intelligence gathers certain information automatically. This information may include Internet protocol (IP) addresses, browser type, internet service provider (ISP), referring/exit pages, operating system, date/time stamp, and/or clickstream data.


We collect information for our clients, if you are a customer of one of our Clients and would no longer like to be contacted by one of our Clients that use our service, please contact the client that you interact with directly. If you are a Client and would like to update your account please contact us at privacypolicy@revulytics.com.

Service Provider, Sub-Processors/Onward Transfer

Revulytics may transfer personal information to companies that help us provide our service. Transfers to subsequent third parties are covered by the provisions in this Policy regarding notice and choice and the service agreements with our Clients.

Access to Data Controlled by our Clients

Revulytics acknowledges that you have the right to access your personal information. The Clients of Revulytics control the scope of information collected by Revulytics software and access to the same. An individual who seeks access to, or who seeks to correct, amend, or delete inaccurate data should direct his or her query to the software vendor who authorized the collection of such data (the data controller). If you are a software license holder engaged with a third party software vendor for monitoring services and wish to access, correct or delete your personal information please contact that third party vendor directly. A Client who seeks to correct, amend, or delete inaccurate data should we hold about them should contact us at privacypolicy@revulytics.com.
If a Client requests Revulytics to remove personally identifiable data stored on Revulytics systems or website, we will respond to their request within 30 business days.

Data Retention

Revulytics will retain personally identifiable data, if any, which we process on behalf of our Clients for as long as needed provide services to our Client. Revulytics will retain and use this personally identifiable information as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements.


The security of the personal information that may be collected by our clients’ is important to us. Revulytics leverages secure socket layer technology (SSL) and standards based encryption to protect data collected with its technology. Some clients leverage Revulytics reporting application built using Salesforce.com Force.com application development environment to store and control access to data. Please refer here (https://www.salesforce.com/products/platform/services/) for more information on the security of the Force.com platform.
Our technology follows generally accepted standards to protect the personal information submitted to us, both during transmission and once we receive it. No method of transmission over the Internet, or method of electronic storage, is 100% secure, however. Therefore, we cannot guarantee its absolute security. If you have any questions about security on our Web site, you can contact support@revulytics.com.

Material Changes

We may update this privacy statement to reflect changes to our information practices. If we make any material changes we will notify you or our Client by email (sent to the e-mail address specified in your account) or by means of a notice on this Site prior to the change becoming effective. We encourage you to periodically review this page for the latest information on our privacy practices.

Legal Disclosure

We may also disclose personal information as required by law, such as to comply with a subpoena, or similar legal process when we believe in good faith that disclosure is necessary to protect our rights, protect your safety or the safety of others, investigate fraud, or respond to a government request, to any other third party with your prior consent to do so.

Business Transition

In the event Revulytics goes through a business transition, such as a merger, acquisition by another company, or sale of all or a portion of its assets, your personally identifiable information will likely be among the assets transferred. You will be notified via email or prominent notice on our Web site for 30 days of any such change in ownership or control of your personal information.

Contact Us

To give Revulytics feedback on its privacy policy. You may contact us via email at privacypolicy@revulytics.com and may also contact us via postal mail at Revulytics, 130 Turner Street, Building 3, Waltham, Massachusetts 02453, ATTN: Privacy Policy.