Last updated April 9, 2026

Privacy Policy

Revv AI Inc. is committed to protecting the privacy of dental practices and their patients. This policy explains how we collect, use, and safeguard information when you use our platform.

1. Who We Are

Revv AI Inc. provides an AI-powered front desk platform for dental practices, including automated phone answering, SMS appointment reminders, and review generation. We act as a Business Associate under HIPAA when processing Protected Health Information (PHI) on behalf of covered dental practices.

2. Information We Collect

From dental practices (our customers)

  • Account information: name, email address, practice name, billing details
  • Practice configuration: business hours, services, insurance plans, custom AI instructions
  • Assigned Twilio phone number

From patients (on behalf of practices)

  • Phone numbers and names collected during calls or texts
  • Appointment details: date, time, service type, provider name
  • Call transcripts and SMS conversation logs
  • Sentiment responses to post-appointment review requests

Automatically collected

  • Usage data, browser type, and IP address when accessing the dashboard
  • Call metadata: duration, timestamps, outcome
  • Error logs and performance diagnostics

3. How We Use Information

  • Operate and improve the Revv AI platform
  • Answer inbound calls and texts on behalf of practices
  • Send appointment reminders and review requests to patients
  • Generate analytics in the practice dashboard
  • Process payments and manage subscriptions
  • Provide customer support
  • Comply with legal obligations
We do not sell patient data to third parties. We do not use patient PHI to train AI models without explicit written consent.

4. HIPAA Compliance

Revv AI acts as a Business Associate under HIPAA for covered dental practices. We implement appropriate administrative, physical, and technical safeguards for PHI; limit uses and disclosures to those permitted under HIPAA; and report breaches as required by the HIPAA Breach Notification Rule. Enterprise plan customers may request a Business Associate Agreement (BAA) at privacy@revvai.com.

5. Data Sharing

We share information only with: (a) service providers including Twilio, Anthropic, Deepgram, ElevenLabs, Supabase, and Stripe — each bound by data processing agreements; (b) law enforcement when required by law; (c) a successor entity in the event of a merger or acquisition; and (d) anyone else only with your explicit consent.

6. Data Retention

  • Call transcripts and SMS logs: 12 months, then deleted
  • Account data: duration of subscription plus 90 days after cancellation
  • Billing records: 7 years as required by law
You may request deletion of your data at any time by emailing privacy@revvai.com.

7. Security

We use encryption in transit (TLS 1.2+) and at rest (AES-256), role-based access controls, audit logging, and regular security assessments. No transmission over the internet is 100% secure — we cannot guarantee absolute security but will promptly notify you of any breach affecting your data.

8. Cookies

We use strictly necessary cookies to maintain your login session. We do not use advertising trackers or third-party analytics cookies. Disabling cookies in your browser may prevent you from logging in.

9. Your Rights

Depending on your location, you may have the right to access, correct, delete, or port your personal data, and to object to or restrict certain processing. To exercise any of these rights, email privacy@revvai.com. We will respond within 30 days.

10. Changes to This Policy

We may update this policy from time to time. We will notify customers of material changes via email or a dashboard notice at least 14 days before they take effect. Continued use after the effective date constitutes acceptance.

11. Contact

For privacy questions or data requests, email privacy@revvai.com.