Privacy Policy

Last updated: 17 November 2025

This Privacy Policy explains how Revisor, LLC, a company organized under the laws of the Kingdom of Saudi Arabia ("Revisor", "we", "us"), collects, uses, and shares information when you use the Revaizor application security platform and related services (collectively, the "Service").

1. Information We Collect

The specific information we collect depends on how you interact with the Service. In general, we collect:

  • Account information such as your name, email address, organization details, and authentication information.
  • Billing and subscription data such as plan details, invoices, and limited payment-related information (full card details are handled by payment processors, not us).
  • Usage and log data such as IP addresses, device and browser information, timestamps, API calls, and tool usage history.
  • Assessment data and Customer Content such as repositories, source code, binaries, configuration files, reports, findings, and other artifacts you submit or cause the Service to process for security assessment purposes.
  • Support and communications such as messages, tickets, and contact details when you reach out for help.

2. How We Use Information

We use the information we collect for the following purposes:

  • To provide, operate, and secure the Service.
  • To run security assessments, generate reports, and deliver results to you and your organization.
  • To maintain and improve the Service, including debugging, monitoring, and developing new features.
  • To communicate with you, including service-related notifications, administrative messages, and, where permitted, informational updates.
  • To comply with legal obligations and enforce our Terms of Service, including preventing abuse or misuse of the Service.

Where required by law, we rely on appropriate legal bases such as your consent, the performance of a contract, our legitimate interests, or compliance with a legal obligation.

3. How We Share Information

We do not sell your personal data. We may share information in limited circumstances, including:

  • Service providers who process data on our behalf (for example, cloud infrastructure, storage, LLM/AI providers, payment processors, logging and monitoring tools, and email providers).
  • Your organization, where assessment results and usage data are visible to other authorized users within your team or company.
  • Legal and safety reasons where we believe disclosure is reasonably necessary to comply with law, respond to lawful requests, or protect our rights, users, or the public.
  • Business transfers in connection with a merger, acquisition, or similar transaction, subject to appropriate confidentiality protections.

4. International Transfers

Revisor, LLC is based in the Kingdom of Saudi Arabia. Depending on your location, your information may be transferred to and processed in Saudi Arabia and other countries where we or our service providers operate. These locations may have data protection laws that differ from those in your jurisdiction. Where required, we implement appropriate safeguards to protect personal data during such transfers.

5. Data Retention

We retain information for as long as necessary to provide the Service, comply with legal obligations, resolve disputes, and enforce agreements. In general:

  • Account and billing data are retained while your account is active and for a reasonable period thereafter, as required by law.
  • Logs and operational data are retained for security, troubleshooting, and auditing purposes for limited periods, then aggregated or deleted.
  • Customer Content and assessment outputs are retained according to your organization's configuration, applicable contracts, or our internal policies.

6. Your Rights and Choices

Depending on your jurisdiction, you may have certain rights regarding your personal data, such as the right to access, correct, delete, or restrict processing of your data, or to object to certain uses. You may also have the right to withdraw consent where processing is based on consent and the right to lodge a complaint with a relevant supervisory authority.

To exercise these rights, please contact us using the contact information provided in the Service or on our website. We may need to verify your identity before processing your request and may be unable to fully comply where legal or contractual obligations require us to retain certain data.

7. Security

We implement technical and organizational measures designed to protect information from unauthorized access, loss, misuse, or alteration. However, no system is perfectly secure. You are responsible for keeping your credentials confidential, enabling multi-factor authentication where available, and limiting access to authorized personnel.

8. Children's Privacy

The Service is not intended for use by children under 18 years of age. We do not knowingly collect personal data from children under 18. If we become aware that such data has been collected, we will take steps to delete it.

9. Changes to This Policy

We may update this Privacy Policy from time to time. When we do, we will update the "Last updated" date above and, where required, provide additional notice (for example, in-product or via email). Your continued use of the Service after an updated Policy becomes effective signifies your acceptance of the changes.

If you or your organization have a separate written data protection agreement or privacy terms with Revisor, LLC governing your use of the Service, those terms will prevail to the extent of any conflict with this online Privacy Policy.