ReviewGo
ReviewGo

PRIVACY POLICY

ReviewGo
Last Updated: 2026

This Privacy Policy explains how ReviewGo (“ReviewGo”, “we”, “our”, or the “Platform”) processes, stores, transfers, and protects personal data within the scope of the services it provides.

This Policy applies to all individuals (“Users”) who access, use, or create an account on ReviewGo’s website, application, or services.

1. Purpose and Scope

ReviewGo is a software tool designed to help businesses manage, analyze, and respond to customer reviews on their Google Business Profiles.

This Privacy Policy applies to Users who:

  • Visit the ReviewGo website,
  • Create an account,
  • Connect a Google account,
  • Use AI-powered features.

ReviewGo processes personal data only to the extent necessary to provide its services.

2. Data Controller

Data Controller: ReviewGo
Contact: Via the Contact page

For users located in Türkiye, ReviewGo acts as the Data Controller under Law No. 6698 on the Protection of Personal Data (KVKK).

3. Personal Data Processed

Depending on the services used, ReviewGo may process the following categories of personal data:

3.1 Identity and Contact Information

  • Email address
  • First and last name (if provided by the User)

3.2 Account and Usage Information

  • User account details
  • Authentication and session data
  • User preferences
  • Subscription and plan information

3.3 Business and Google Business Data

  • Business name, address, and location
  • Public Google Business Profile information
  • Customer reviews and ratings
  • Reviewer names and publicly available profile information
A significant portion of this data consists of information already publicly available on Google Business Profiles.

3.4 Technical Data

  • IP address
  • Browser, device, and operating system information
  • System, error, and security logs

ReviewGo does not intentionally process special categories of personal data (e.g., health or biometric data).

4. Purposes of Processing Personal Data

Personal data may be processed for the following purposes:

  • Providing and operating the services
  • Creating and managing user accounts
  • Enabling Google Business integrations
  • Generating AI-assisted analysis and replies
  • Ensuring platform security and preventing abuse
  • Monitoring and improving system performance
  • Fulfilling legal obligations

5. Legal Bases for Processing

Personal data is processed based on:

  • Necessity for the performance of a contract
  • ReviewGo’s legitimate interests
  • Compliance with legal obligations
  • Explicit consent, where required

6. Artificial Intelligence (AI) Usage

ReviewGo uses artificial intelligence technologies in certain features.

These may include:

  • Analyzing customer reviews
  • Generating draft or automatic responses

Important Disclosures:

  • AI-generated content is created on behalf of the User.
  • The User bears full legal and commercial responsibility for all published content.
  • ReviewGo does not guarantee the accuracy, completeness, or appropriateness of AI outputs.
  • Customer content is not used to train AI models.

7. International Data Transfers (General)

Due to the nature of its infrastructure and AI services, ReviewGo may transfer personal data to service providers located outside Türkiye.

This may include:

  • AI service providers
  • Cloud infrastructure and hosting providers

By enabling and using AI-powered features, Users explicitly consent to the transfer of personal data to third-party sub-processors located abroad, including in the United States.

8. Data Retention Periods

Personal data is retained:

  • For as long as necessary to provide the services
  • While the User account remains active
  • After account termination, for a reasonable period required for legal compliance and dispute resolution

System, security, and AI processing logs may be retained for a limited period for audit, defense, and security purposes.

9. Account Deletion and Data Erasure

Users may request deletion of their account.

Deletion requests:

  • Must be submitted via the Contact page
  • Will be processed within 30 days, unless a longer retention period is required by law

Except for data required to be retained by legal obligations, personal data will be deleted, destroyed, or anonymized.

10. Cookies

ReviewGo may use strictly necessary cookies to ensure proper functionality and security.

For more information, please review the Cookie Policy.

11. Data Security

ReviewGo implements reasonable technical and organizational measures to protect personal data.

However:

  • No data transmission over the internet can be guaranteed to be completely secure
  • No system can be guaranteed to be entirely free from vulnerabilities

12. Policy Updates

This Privacy Policy may be updated to reflect legal or technical changes. Updates will be published on this page with a revised “Last Updated” date.

13. Contact

For all privacy-related questions and requests, Users may contact ReviewGo via the Contact page.

🇪🇺 GDPR PRIVACY NOTICE

For Users Located in the European Union and European Economic Area (EEA)

This section applies exclusively to users located in the European Union (EU) and European Economic Area (EEA) and is provided in accordance with Regulation (EU) 2016/679 (“General Data Protection Regulation” or “GDPR”).

1. Roles of the Parties

For the purposes of GDPR:

  • The business user who connects and manages a Google Business Profile is the Data Controller.
  • ReviewGo acts as a Data Processor, processing personal data solely on behalf of and in accordance with the documented instructions of the Data Controller.
  • ReviewGo does not determine the purposes for which customer review data is created and does not use such data for its own independent purposes.

2. Categories of Personal Data Processed

Depending on the use of the Service, ReviewGo may process the following categories of personal data:

a) Account and Contact Data

  • Name and surname
  • Email address
  • Optional phone number (if provided by the user)

b) Business and Platform Data

  • Google Business Profile identifiers
  • Business name, address, and location data
  • Public business information retrieved via Google APIs

c) Customer Review Data

  • Review text
  • Star rating
  • Reviewer display name and publicly available profile information

ReviewGo processes only review data that is already publicly available on third-party platforms.

d) Technical and Usage Data

  • IP address
  • Device type, browser type, and operating system
  • Access logs, security logs, and error logs

ReviewGo does not intentionally process special categories of personal data as defined under Article 9 GDPR.

3. Purposes of Processing

Personal data is processed solely for the following purposes:

  • Providing and operating the ReviewGo platform
  • Creating and managing user accounts
  • Authenticating users and enforcing access control
  • Generating AI-assisted draft or automated replies to customer reviews
  • Publishing replies on behalf of the Data Controller where explicitly authorized
  • Ensuring system security and preventing fraud or misuse
  • Monitoring service performance and reliability
  • Complying with legal obligations
  • Establishing, exercising, or defending legal claims

4. Legal Bases for Processing (Article 6 GDPR)

Processing activities are based on one or more of the following legal grounds:

  • Article 6(1)(b): Processing is necessary for the performance of a contract between the user and ReviewGo
  • Article 6(1)(f): Processing is necessary for ReviewGo’s legitimate interests, including service security, abuse prevention, and platform stability
  • Article 6(1)(c): Processing is necessary to comply with applicable legal obligations
  • Article 6(1)(a): Explicit consent, where required (e.g. enabling certain AI-powered features)

5. Automated Processing and AI Usage

ReviewGo uses automated systems, including artificial intelligence models, to assist users in generating responses to customer reviews.

Important clarifications:

  • AI-generated content is produced on behalf of the Data Controller
  • ReviewGo does not use customer data to train or improve AI models
  • Automated processing does not produce legal or similarly significant effects within the meaning of Article 22 GDPR
  • Final responsibility for published content remains with the Data Controller

6. International Data Transfers

Due to the global nature of ReviewGo’s infrastructure and the use of third-party service providers, personal data may be transferred to and processed in countries outside the EU/EEA, including the United States.

Such transfers are conducted in accordance with GDPR Chapter V and are protected by appropriate safeguards, which may include:

  • Standard Contractual Clauses (SCCs) approved by the European Commission
  • Other legally recognized transfer mechanisms

By enabling AI-powered features, the user acknowledges and accepts that such international transfers may occur as part of the service.

7. Data Retention

Personal data is retained only for as long as necessary to fulfill the purposes outlined in this Privacy Notice. Retention periods may include:

  • The duration of the active service relationship
  • A limited period thereafter for security, audit, and legal defense purposes

After the applicable retention period expires, data is deleted, anonymized, or securely archived in accordance with applicable laws.

8. Data Subject Rights

Under GDPR, data subjects have the following rights:

  • The right to access personal data
  • The right to rectification of inaccurate or incomplete data
  • The right to erasure (“right to be forgotten”), subject to legal limitations
  • The right to restriction of processing
  • The right to object to processing based on legitimate interests
  • The right to data portability
  • The right to withdraw consent at any time, where processing is based on consent
  • The right to lodge a complaint with a competent supervisory authority

9. Exercise of Rights

Requests relating to data subject rights may be submitted via the Contact page.

Requests will be handled in accordance with GDPR timelines and requirements. ReviewGo may request additional information to verify the identity of the requester where necessary.

10. Liability and Responsibility Clarification

ReviewGo acts strictly as a technical service provider. The Data Controller remains fully responsible for:

  • The lawfulness of review content
  • The decision to publish AI-generated replies
  • Compliance with platform-specific policies (e.g. Google Business Profile rules)

ReviewGo disclaims liability for content published on behalf of the Data Controller, except where required by applicable law.

11. Updates to This Notice

This GDPR Privacy Notice may be updated from time to time to reflect legal, technical, or operational changes. The “Last updated” date will be revised accordingly.

12. Contact

For GDPR-related inquiries or requests, users may contact ReviewGo through the Contact page.

🇹🇷 PERSONAL DATA PROTECTION NOTICE (KVKK)

(For Users Located in Türkiye – Law No. 6698)

This section constitutes an information notice regarding the personal data processing activities carried out by ReviewGo in accordance with the Turkish Personal Data Protection Law No. 6698 (“KVKK”).

1. Data Controller

Pursuant to KVKK, your personal data is processed by ReviewGo, acting in the capacity of Data Controller.

2. Categories of Personal Data Processed

Depending on the nature of the services provided and the manner in which they are used, ReviewGo may process the following categories of personal data:

a) Identification and Contact Information

  • First name and last name
  • Email address
  • Phone number, if voluntarily provided by the user

b) Account and Usage Information

  • User account details
  • Session and authorization data
  • User preferences and settings
  • Service usage history

c) Business and Content Data

  • Business information associated with Google Business profiles
  • Business location, address, and contact details
  • Customer reviews, ratings, reviewer names, and publicly available profile information

The reviews and business information processed within this scope consist of data that is already publicly available on the relevant platforms.

d) Technical Data

  • IP address
  • Browser and device information
  • System, error, security, and access logs

ReviewGo does not aim to process special categories of personal data such as health data, biometric data, religious beliefs, or similar sensitive data.

3. Purposes of Processing Personal Data

Your personal data is processed for the following purposes:

  • Providing and ensuring the continuity of the services
  • Creating and managing user accounts
  • Performing identity verification and authorization processes
  • Processing business and review data through Google services
  • Enabling and managing AI-powered response generation features
  • Ensuring system security and preventing misuse
  • Fulfilling legal obligations
  • Exercising the right to evidence and defense in potential disputes

4. Legal Grounds for Processing

Your personal data is processed based on the legal grounds set forth in Article 5 of KVKK, including:

  • Article 5/2(c): Processing is necessary for the establishment or performance of a contract
  • Article 5/2(f): Processing is necessary for the legitimate interests of the data controller
  • Article 5/2(ç): Processing is necessary to comply with legal obligations

In cases such as cross-border data transfers or the use of artificial intelligence features, explicit consent may be obtained where deemed necessary.

5. Transfer of Personal Data

Your personal data may be transferred, solely for the purpose of providing the services and in a limited manner, to:

  • Infrastructure providers offering hosting, authentication, artificial intelligence, payment, and email services
  • Google services, within the scope of the user’s explicit authorization

6. Transfer of Personal Data Abroad

Due to the technical requirements of ReviewGo’s artificial intelligence and infrastructure services, personal data may be transferred to, or processed on, servers located outside of Türkiye.

By using ReviewGo’s AI-powered features, the user acknowledges and expressly consents to the transfer of their personal data abroad.

7. Data Retention Periods

Personal data is retained:

  • For the duration of the service relationship, and
  • Following the termination of the service, for the period required to comply with legal obligations and to address potential disputes

At the end of the applicable retention period, personal data is deleted, destroyed, or anonymized in accordance with applicable legislation.

8. Your Rights Under Article 11 of KVKK

Pursuant to Article 11 of KVKK, as a data subject, you have the right to:

  • Learn whether your personal data is being processed
  • Request information if your personal data has been processed
  • Learn the purpose of processing and whether data is used in accordance with that purpose
  • Know the third parties to whom personal data is transferred domestically or abroad
  • Request correction of incomplete or inaccurate personal data
  • Request deletion or destruction of personal data under the conditions stipulated in KVKK
  • Request notification of correction, deletion, or destruction to third parties to whom data has been transferred
  • Object to results that are detrimental to you arising from analysis exclusively through automated systems
  • Claim compensation for damages arising from unlawful processing of personal data

9. Application Method

Requests regarding your rights under KVKK may be submitted to ReviewGo via the Contact page.

Such requests will be evaluated and concluded within the timeframes prescribed by the applicable legislation.