Privacy Policy

Reveelo B.V.

Last updated: 9 July 2026

1. Who we are

Reveelo B.V. (“Reveelo”, “we”, “us”, or “our”) is a company based in the Netherlands. We are developing and operating a business-to-business analytics tool that helps companies analyse their organic search performance and understand where to focus their search optimisation efforts.

Our service uses multiple analysis methods to explain organic search results and performance patterns. Where a customer authorizes access to Google Ads, we may also analyse historical Google Ads account data, such as keyword, campaign, landing page, cost, and conversion performance, to create private insights and suggestions for that customer. We use this data only for the purposes described in this Privacy Policy and in accordance with applicable law.

For the personal data described in this Privacy Policy, Reveelo B.V. may act as a data controller for our own website, account, commercial, and administrative activities. When we process customer-authorized organic search, website, Google Ads, or related platform data on behalf of a business customer, we generally act as a data processor or service provider.

2. Scope of this Privacy Policy

This Privacy Policy explains how we collect, use, store, share, and protect personal data when you:

  • visit our website;
  • contact us, request information, or sign up for updates;
  • create or use a Reveelo account;
  • connect Google Ads, organic search data, website analytics, or another supported platform to Reveelo;
  • communicate with us for support, billing, security, or commercial purposes.

This Privacy Policy does not replace any privacy notice provided by our business customers to their own employees, users, advertisers, website visitors, or end customers. Where a customer connects data sources to Reveelo, that customer remains responsible for having a valid legal basis and providing any required notices for the data it chooses to connect, upload, or make available to Reveelo.

3. Personal data and data we collect

We may collect the following categories of data, depending on how you interact with Reveelo.

3.1 Information you provide directly

This may include your name, work email address, company name, job title, phone number, login details, billing details, form submissions, support requests, and other information you choose to send to us.

3.2 Account and service data

This may include account settings, user roles, subscription information, workspace or organization details, product usage records, and records of your interactions with the service.

3.3 Organic search, website, and SEO-related data

When a customer uses Reveelo to analyse organic search performance, we may process data such as website URLs, pages, page titles, meta information, search queries, landing pages, impressions, clicks, rankings, average position, technical search signals, content signals, and other performance or diagnostic data made available by the customer or connected sources.

This data is usually business and website performance data, but it may contain personal data if, for example, URLs, page content, search queries, file names, form data, account names, or labels include information relating to an identifiable person.

3.4 Google Ads and connected platform data

If you or your organization authorizes Reveelo to connect to Google Ads or another supported platform, we may access and process the data made available through that connection. Depending on the permissions granted and the product features used, this may include:

  • Google Ads customer IDs, account identifiers, and account settings;
  • campaign, ad group, ad, keyword, search term, asset, audience, budget, bidding, and conversion information;
  • historical performance and reporting metrics, such as impressions, clicks, costs, conversions, conversion values, and related reporting dimensions;
  • landing page, keyword, recommendation, and configuration data needed to provide organic search analysis, reporting, and suggestion features.

We use Google Ads data to support customer-facing analysis and suggestion-making, for example to help identify keyword opportunities, paid versus organic gaps, landing page priorities, demand patterns, and potential areas for organic search optimisation. We do not ask for or store your Google account password.

3.5 Technical and usage data

We may collect technical information such as IP address, device information, browser type, operating system, timestamps, log files, authentication records, error reports, and information about how users interact with our website or application.

3.6 Cookies and similar technologies

Our website may use cookies or similar technologies. Some cookies are necessary for the website to function. Optional analytics or marketing cookies will only be used where permitted by law and, where required, after consent.

4. How we collect data

We collect data in the following ways:

  • directly from you when you complete forms, create an account, contact us, or use the service;
  • automatically when you visit our website or use the application;
  • from Google Ads or other connected platforms after an authorized user grants the required permissions;
  • from customer-provided files, URLs, website data, or connected search and analytics sources;
  • from service providers that help us operate, secure, or improve the service.

5. How we use data

We use data for the following purposes:

  • to provide, operate, maintain, and secure our website and services;
  • to create and manage user accounts and customer workspaces;
  • to enable authorized integrations with Google Ads and other supported platforms;
  • to analyse organic search performance and explain what may be driving changes or gaps;
  • to compare organic search data with historical Google Ads performance where the customer has authorized that connection;
  • to generate dashboards, reports, insights, recommendations, and suggested focus areas for organic search optimisation;
  • to troubleshoot integrations, errors, and service issues;
  • to respond to inquiries and provide customer support;
  • to manage billing, subscriptions, contracts, and administrative records;
  • to detect, prevent, and investigate fraud, misuse, security incidents, and technical problems;
  • to comply with legal obligations and enforce our agreements.

We do not use customer Google Ads data to run advertising campaigns, create advertising audiences, retarget users, or sell data to advertisers, data brokers, or other third parties.

6. Google API data and Limited Use

Reveelo only accesses Google Ads data after an authorized user grants permission through Google or another approved authorization flow. You can revoke access through your Google account settings or, where available, through Reveelo product settings.

We request only the permissions that are reasonably necessary to provide the relevant customer-facing features. We use Google Ads data only to provide or improve user-facing features requested by the customer or authorized user, such as organic search analysis, historical performance review, dashboards, reports, recommendations, and troubleshooting related to the connected account.

Reveelo does not sell Google Ads data. We do not transfer, sell, or use Google Ads data for serving ads, retargeting, personalized advertising, or interest-based advertising. We do not use Google Ads data to train general AI or machine-learning models. We do not transfer Google Ads data to third parties except as necessary to provide or secure the service, comply with law, or as otherwise instructed or authorized by the customer.

Human access to Google Ads data is limited to authorized personnel and service providers where needed to provide support, investigate security or technical issues, comply with law, or maintain the service. Reveelo’s use and transfer of information received from Google APIs will adhere to the Google API Services User Data Policy, including the Limited Use requirements.

7. Legal bases for processing

Where the General Data Protection Regulation (GDPR) applies, we rely on one or more of the following legal bases:

  • Performance of a contract: to provide the service, manage accounts, process subscriptions, and support customers.
  • Legitimate interests: to secure, maintain, improve, and administer our services, prevent misuse, and communicate with business contacts, provided those interests are not overridden by individual rights and freedoms.
  • Consent: where we ask for consent, such as for optional cookies, certain marketing activities, or specific authorization flows.
  • Legal obligation: where we need to process or retain information to comply with applicable laws, accounting rules, tax rules, or lawful requests.

When Reveelo processes customer-authorized search, website, Google Ads, or related platform data as a processor, the customer is responsible for determining the appropriate legal basis for the data it makes available to Reveelo.

8. How we share data

We do not sell personal data. We may share personal data only where necessary and appropriate, including with:

  • hosting, infrastructure, database, security, monitoring, analytics, and support providers that help us operate the service;
  • payment, billing, accounting, legal, and professional service providers;
  • Google and other connected platforms when required to enable or maintain an integration requested by the customer;
  • competent authorities, regulators, courts, or law enforcement where required by law or necessary to protect rights, safety, or legal claims;
  • a successor or potential successor in connection with a merger, acquisition, financing, restructuring, or sale of assets, subject to appropriate safeguards.

Where service providers process personal data on our behalf, we seek to use appropriate contractual, technical, and organizational safeguards. A subprocessor list may be made available upon request or through our website once the service is publicly launched.

9. International data transfers

Reveelo is based in the Netherlands. Some of our service providers may process or store personal data outside the European Economic Area. Where this happens, we will use a lawful transfer mechanism and appropriate safeguards, such as an adequacy decision, standard contractual clauses, or another valid mechanism under applicable data protection law.

10. Data retention

We retain personal data only for as long as reasonably necessary for the purposes described in this Privacy Policy, unless a longer retention period is required or permitted by law.

In general:

  • account and customer administration data is retained while the account or customer relationship is active and for a reasonable period afterwards for legal, accounting, support, and dispute-resolution purposes;
  • organic search, website, Google Ads, and connected platform data is retained while the integration or customer workspace is active or as needed to provide the service, unless a customer requests deletion or the relevant agreement requires a different retention period;
  • access tokens and connection credentials are deleted or disabled when an integration is disconnected, unless retention is required for security, audit, or legal reasons;
  • technical logs are retained for a limited period needed for security, troubleshooting, and service reliability.

When personal data is no longer needed, we will delete it, anonymize it, or otherwise handle it in accordance with applicable law and our contractual obligations.

11. Security

We use technical and organizational measures designed to protect personal data against unauthorized access, loss, misuse, alteration, and disclosure. These measures may include access controls, least-privilege permissions, encryption in transit where supported, secure credential handling, monitoring, backups, and internal security practices.

No method of transmission or storage is completely secure. We cannot guarantee absolute security, but we work to protect personal data in a way that is appropriate to the nature of the data and the risks involved.

12. Your rights

Subject to applicable law, individuals may have the right to:

  • request access to personal data we hold about them;
  • request correction of inaccurate or incomplete personal data;
  • request deletion of personal data;
  • request restriction of processing;
  • object to certain processing based on legitimate interests;
  • request data portability where applicable;
  • withdraw consent where processing is based on consent.

To exercise these rights, contact us using the details in the Contact section. We may need to verify your identity before responding. If we process your data on behalf of one of our business customers, we may direct your request to that customer or assist the customer in responding.

You also have the right to lodge a complaint with a competent data protection authority. In the Netherlands, this is the Autoriteit Persoonsgegevens.

13. Cookies

Our website may use necessary cookies to make the site work properly. We may also use optional analytics, preference, or marketing cookies to understand website usage and improve our communications. Where consent is required, we will ask for it before placing those cookies. You can manage cookies through our cookie banner, where available, or through your browser settings.

14. Third-party services and websites

Our website or service may contain links to third-party websites or integrations with third-party services, including Google Ads. Those third parties may process personal data under their own privacy policies and terms. We are not responsible for the independent privacy practices of third parties.

15. Children

Reveelo is a business-to-business service and is not intended for children. We do not knowingly collect personal data from children under 16. If you believe a child has provided personal data to us, please contact us so we can take appropriate action.

16. Automated decision-making

Reveelo may generate analytics, reports, recommendations, or insights based on connected organic search, website, Google Ads, or related platform data. These outputs are intended to support business decision-making by the customer. We do not use personal data to make decisions based solely on automated processing that produce legal or similarly significant effects on individuals.

17. Changes to this Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our services, technology, legal obligations, or business practices. When we make changes, we will update the “Last updated” date above. If changes are material, we will take additional steps where required by law or applicable platform policy.

18. Contact

If you have questions about this Privacy Policy or how Reveelo handles personal data, please contact:

Reveelo B.V.
Email: marketing@reveelo.com