Privacy Policy

This Privacy Policy applies to personal information we process when:

You create or use a Reviewcook account; visit our website; subscribe to our services; communicate with us; receive support; sign up for newsletters, demos, or webinars; receive a review invitation, survey, reminder, or message sent through Reviewcook; leave a review, testimonial, comment, or feedback through Reviewcook; interact with our ads, emails, cookies, or integrations; or work with us as a customer, vendor, partner, contractor, or business contact.

Where Reviewcook processes personal information on behalf of a business customer, we may act as a processor, service provider, or data intermediary, depending on the applicable law. In that case, the business customer is usually responsible for deciding why and how the personal information is processed, and Reviewcook processes it according to the customer's instructions, our contract, and applicable law.

Depending on how you interact with us, we may collect the following categories of personal information.

Account and contact information

This may include your name, business name, job title, email address, phone number, postal address, username, password or authentication credentials, profile information, and communication preferences.

Business and billing information

This may include company details, tax or billing information, subscription plan, invoices, payment status, transaction records, and payment method details. We generally use third-party payment processors and do not intentionally store full payment card numbers unless expressly stated.

Review, feedback, and message information

This may include review content, ratings, survey responses, testimonials, feedback, message history, customer identifiers, and customer contact details.

Customer data submitted by Reviewers

In the event that Customer data is submitted by Reviewers, Business customers are responsible for ensuring they have appropriate rights, notices, consents, permissions, and lawful bases to provide this information to Reviewcook and to use Reviewcook to contact individuals.

Usage, device, and technical information

This may include IP address, device identifiers, browser type, operating system, referring URLs, pages viewed, features used, dates and times of activity, log data, cookie identifiers, approximate location derived from IP address, and diagnostic information.

Communications and support information

This may include messages you send us, chat transcripts, call recordings or notes where permitted, support tickets, feedback, survey responses, attachments, and information needed to respond to your request.

Marketing and preference information

This may include your marketing preferences, event registrations, newsletter subscriptions, ad interactions, cookie choices, and opt-out records.

Integration and platform information

If you connect Reviewcook to third-party platforms, such as review sites, customer relationship management tools, booking systems, e-commerce platforms, messaging providers, analytics tools, or social media accounts, we may process information from those integrations according to your settings and our agreements with those providers.

Sensitive personal information

We do not intentionally request or require sensitive personal information, such as government identification numbers, precise geolocation, racial or ethnic origin, religious beliefs, health information, biometric data, or financial account credentials, unless specifically disclosed and necessary for a particular service. Please do not submit sensitive personal information through Reviewcook unless we expressly request it and you have the right to provide it.

We may collect personal information from:

You directly; your employer or organization; our business customers; individuals who submit reviews or feedback; third-party integrations you enable; service providers; payment processors; analytics and advertising partners; publicly available sources, such as public review pages or business directories; and other sources you authorize or that are permitted by law.

We use personal information for the purposes described below.

1. Create accounts, deliver subscriptions, manage dashboards, send review requests, process reviews, provide analytics, and maintain integrations.
2. Respond to inquiries, troubleshoot issues, and provide onboarding and support.
3. Send service messages, account notices, security alerts, invoices, and administrative updates.
4. Collect, display, manage, analyze, or route reviews, ratings, testimonials, surveys, and customer feedback.
5. Debug, analyze usage, test features, improve performance, conduct research, train staff, and enhance user experience.
6. Detect abuse, protect accounts, investigate suspicious activity, enforce terms, and prevent unauthorized access.
7. Process payments, maintain accounting records, manage subscriptions, and enforce contracts.
8. Send newsletters, product updates, offers, events, or advertising, subject to opt-out and consent requirements.
9. Comply with laws, respond to lawful requests, enforce agreements, and establish or defend claims.
10. Generate suggested review responses, summarize feedback, classify sentiment, detect trends, or automate workflows.

We will not use personal information for purposes that are incompatible with the purposes for which it was collected unless we provide additional notice and, where required, obtain consent.

If you are a business customer using Reviewcook to connect integrations, or get/manage reviews, you are responsible for ensuring that:

You have provided appropriate privacy notices to individuals; you have a valid legal basis or consent where required; your use of Reviewcook complies with GDPR, CCPA/CPRA, Singapore PDPA, anti-spam laws, platform policies, and other applicable laws; you do not upload sensitive personal information unless allowed under your agreement with us; and you honor opt-outs, unsubscribe requests, withdrawal of consent, and deletion requests.

We and our service providers may use cookies, pixels, SDKs, local storage, and similar technologies to operate our website, remember preferences, authenticate users, improve services, measure performance, analyze traffic, prevent fraud, and, where enabled, deliver or measure advertising.

Cookies may include:

• Strictly necessary cookies, which are required for site functionality and security.
• Analytics and performance cookies, which help us understand how our website and services are used.
• Functional cookies, which remember settings and preferences.
• Advertising or targeting cookies, which may be used to deliver or measure ads or understand interactions across sites.

We will ask for your consent before using non-essential cookies. You can manage cookies through our cookie banner and browser settings.

We do not sell personal information or share personal information for cross-context behavioral advertising as those terms are defined under the CCPA.

We may disclose personal information to the following categories of recipients.

1. Service providers, processors, contractors, and data intermediaries. These include hosting providers, cloud infrastructure providers, email and messaging providers, payment processors, analytics providers, customer support tools, security vendors, CRM tools, and other vendors that process information for us.
2. Business customers. If you interact with Reviewcook because a business customer invited you to submit a review, feedback, or survey response, we may disclose your response and related information to that business customer.
3. Integration partners. If a customer connects Reviewcook to third-party services, we may disclose information to those services as instructed by the customer or user.
4. Professional advisers. We may disclose information to lawyers, auditors, insurers, bankers, accountants, and other professional advisers.
5. Authorities and legal parties. We may disclose information to regulators, law enforcement, courts, government authorities, or other parties where we believe disclosure is required or appropriate to comply with law, protect rights, prevent harm, enforce agreements, or respond to lawful requests.
6. Affiliates and corporate transactions. We may disclose information to affiliates or in connection with a merger, acquisition, financing, reorganization, sale of assets, bankruptcy, or similar transaction.

We may disclose information when you consent to or direct the disclosure. We require service providers and processors to handle personal information according to appropriate contractual, confidentiality, and security obligations.

We retain personal information only for as long as reasonably necessary for the purposes described in this Privacy Policy, unless a longer retention period is required or permitted by law.

Retention periods depend on the type of information, the purpose of processing, contractual requirements, legal obligations, limitation periods, security needs, backup cycles, dispute resolution, and customer instructions. For your guidance, here are the information we retain:

1. Account information is generally retained while the account is active and for a reasonable period afterward.
2. Billing and transaction records may be retained as required for tax, accounting, and legal purposes.
3. Customer data processed on behalf of a business customer is retained according to the customer's settings, contract, deletion instructions, and our backup retention practices.
4. Marketing information is retained until you opt out or we determine it is no longer needed.
5. Security logs may be retained for a limited period to protect our services and investigate abuse.

When personal information is no longer needed, we will delete, anonymize, or securely dispose of it, unless retention is required or permitted by law.

We use reasonable administrative, technical, and organizational measures designed to protect personal information from unauthorized access, collection, use, disclosure, copying, modification, disposal, loss, misuse, or similar risks.

These measures may include access controls, encryption, logging, monitoring, staff training, vendor review, incident response procedures, and secure development practices. No system is completely secure, and we cannot guarantee absolute security.

You are responsible for maintaining the confidentiality of your login credentials and for using strong passwords and appropriate access controls within your organization.

If we become aware of a data breach involving personal information, we will assess the incident and take appropriate steps to contain, investigate, remediate, and notify affected parties where required by applicable law.

Where Singapore PDPA applies and a breach is notifiable, we will notify the PDPC and affected individuals as required. Where GDPR, CCPA/CPRA, or other laws apply, we will provide required notices to regulators, customers, or individuals within applicable timelines.

If Reviewcook processes personal information on behalf of a business customer, we will notify the customer in accordance with our agreement so the customer can meet its own legal obligations.

Depending on where you live and how we process your personal information, you may have rights to:

• Request access to personal information we hold about you.
• Request correction of inaccurate or incomplete personal information.
• Request deletion of personal information.
• Object to or restrict certain processing.
• Withdraw consent where processing is based on consent.
• Request portability of personal information.
• Opt out of marketing communications.
• Opt out of certain sales, sharing, or targeted advertising where applicable.
• Limit certain uses or disclosures of sensitive personal information where applicable.
• Lodge a complaint with a privacy regulator.

We may need to verify your identity before responding to your requests. We will respond within the time required by applicable law. Some rights are subject to exceptions, such as legal obligations, security requirements, confidential information, trade secrets, or rights of others.

If we process your personal information on behalf of a business customer, we may refer your request to that customer or ask you to contact the customer directly.

If GDPR applies, Reviewcook may act as a controller for account, website, billing, marketing, support, security, and business operations data. Reviewcook may act as a processor for personal information processed on behalf of business customers.

You may have the right to access, rectify, erase, restrict, object to processing, request portability, withdraw consent, and lodge a complaint with your local data protection authority.

Where we rely on legitimate interests, those interests may include operating and improving our services, securing our platform, supporting customers, preventing fraud, communicating with business contacts, and conducting ordinary business analytics and marketing, provided those interests are not overridden by your rights and freedoms.

Where we rely on consent, you may withdraw consent at any time without affecting processing that occurred before withdrawal.

We do not make decisions based solely on automated processing that produce legal or similarly significant effects concerning you unless we provide notice and comply with applicable legal requirements.

This section applies to California residents and supplements the rest of this Privacy Policy.

Categories of personal information collected

We may have collected the following CCPA categories of personal information mentioned above. We collect these categories from the sources and for the purposes described in this Privacy Policy.

California rights

California residents may have the right to request that we:

• Disclose the categories and specific pieces of personal information we collected about you.
• Disclose the categories of sources, purposes, and third parties involved in our processing.
• Delete personal information, subject to exceptions.
• Correct inaccurate personal information.
• Opt out of the sale or sharing of personal information.
• Limit the use and disclosure of sensitive personal information where applicable.
• Not discriminate against you for exercising your privacy rights.

Do Not Sell or Share My Personal Information

We do not sell personal information for money and do not share personal information for cross-context behavioral advertising as those terms are defined by the CCPA.

Limit the Use of My Sensitive Personal Information

We do not use or disclose sensitive personal information for purposes that require a right to limit under the CCPA.

Children under 16

We do not knowingly sell or share personal information of consumers under 16 years of age.

This section applies where Singapore's PDPA applies.

We collect, use, and disclose personal data for the purposes described in this Privacy Policy and for any other purposes notified to you at or before collection, or otherwise permitted by law.

Where consent is required, we will obtain consent before collecting, using, or disclosing personal data. You may withdraw consent by contacting us. We will inform you of the likely consequences of withdrawal and process the withdrawal within a reasonable time. Withdrawal may affect our ability to provide certain services.

You may request access to personal data we hold about you or request correction of inaccurate personal data by contacting our DPO. We may charge a reasonable fee for access requests where permitted and will inform you of any fee before processing the request.

We will make reasonable security arrangements to protect personal data in our possession or under our control, cease retention or anonymize personal data when it is no longer needed for legal or business purposes, and take steps to ensure comparable protection when transferring personal data outside Singapore.

If you have a concern about how we handle personal data, please contact our DPO first so we can try to resolve it.

You may opt out of marketing emails by using the unsubscribe link in the email or contacting us at it@qrtiger.com.

Even if you opt out of marketing, we may still send non-marketing messages, such as service, security, legal, billing, or account notices.

Reviewcook may contain links to third-party websites, review platforms, social media services, integrations, or applications. We are not responsible for the privacy practices of third parties. Your use of third-party services is governed by their own privacy policies and terms.

Reviewcook is not intended for children under eighteen (18) years old and we do not knowingly collect personal information from children. If you believe a child has provided personal information to us, contact us immediately and we will take appropriate steps to delete it.

We may update this Privacy Policy from time to time. The updated version will be posted on our website with a new "Last updated" date. If we make material changes, we will provide additional notice where required by law.