Reveqa
Privacy

Privacy & Your Rights

Last updated: 20 May 2026 · DPDP Act 2023 (India) · GDPR (EU) · UAE PDPL

Reveqa ("we", "us") is a B2B visitor-identification platform. We help our customers understand which companies visit their websites. This page summarises what we collect, why, and how you can exercise your rights under the Indian DPDP Act 2023, the European GDPR, and the UAE Personal Data Protection Law.

Data we collect

  • IP address, browser/device metadata, page interactions, timestamps.
  • Anonymous identifier (random ID stored locally on your device).
  • Hashed email address when you voluntarily submit a form.
  • Behavioural fingerprint (a probabilistic signal, not a unique identifier).

Data we receive from third parties (GDPR Art. 14)

When a business visits a customer's website, we may supplement identification with data from B2B enrichment providers (e.g. FullEnrich, Apollo, Lusha, Clearbit) and public business sources (company websites, LinkedIn pages).

  • Categories — business contact data only: name, business email, job title, company, company firmographics, LinkedIn profile URL. No special-category data.
  • Purpose & legal basis— identifying business visitors and surfacing likely business contacts for our customers' B2B sales outreach, under legitimate interest (Art. 6(1)(f)); our balancing test applies to business-capacity data only.
  • Sources — the enrichment providers above and publicly available business profiles.
  • Retention — kept only as long as the account needs it; deletable on request.
  • Your rights — access, rectification, erasure, restriction, objection (especially to direct marketing), and portability. Contact privacy@reveqa.com; you also have the right to complain to a supervisory authority.

Person-level enrichment is only activated for EU data subjects where a lawful basis exists.

Purposes

  • Identify the companybehind a visit so our customer's sales team can follow up.
  • Score intent — rank visitors by purchase likelihood.
  • Aggregate analytics — count visits per site (no PII).
  • We do not sell personal data and do not use it for cross-site advertising.

Retention

Raw event data is retained for 365 days unless you request earlier deletion. Aggregated analytics may be retained longer in anonymised form.

Your rights

  • Access — get a copy of all data we hold about you.
  • Correction — ask us to fix inaccurate data.
  • Erasure — ask us to hard-delete your visitor record.
  • Withdraw consent — anytime, from the cookie banner.
  • Grievance redressal — write to our DPO (below).

Contact our DPO

Data Protection Officer · dpo@reveqa.com

Cookies we use

  • viq_anon — anonymous visitor ID (localStorage).
  • viq_consent_v1 — your consent preferences (localStorage).

Third-party processors

  • Cloud hosting and infrastructure provider.
  • Email delivery (SMTP provider).
  • Company enrichment APIs (third-party data enrichment providers — when configured).
Exercise your data rights
Submit an access or deletion request and we'll respond within 30 days.
Submit a data request
Full Privacy PolicyTerms of ServiceCancellation & Refund