REV·WIRE
Products
Industries Departments
Our Philosophy Certification
About
Book a demo

Legal & Trust

Security &
Trust Center

Our comprehensive approach to data protection, platform security, and responsible AI.

Last Updated: May 2026

At Revalytics Corporation, doing business as Revalytics.AI ("Revalytics," "we," "us," or "our"), security, privacy, reliability, and responsible artificial intelligence practices are foundational to how we design, operate, and improve our platform.

This Security & Trust Center provides an overview of our approach to: data protection; platform security; privacy; AI governance; operational safeguards; infrastructure resilience; and customer trust.

OUR SECURITY APPROACH

Revalytics implements commercially reasonable administrative, technical, organizational, and physical safeguards designed to protect customer information and maintain platform integrity. Our security program is designed to support:

  • confidentiality;
  • integrity;
  • availability;
  • operational resilience;
  • responsible data handling practices;
  • and controlled access to systems and customer information.

Security controls and practices are periodically reviewed and updated based on: operational needs; evolving threats; infrastructure changes; customer requirements; and applicable legal or regulatory obligations.

CERTIFICATIONS & COMPLIANCE

Revalytics is currently establishing the formal compliance framework expected of mature B2B SaaS providers. Certification efforts are planned and prioritized as part of our compliance roadmap. Certification status will be updated in this Trust Center as milestones are achieved.

In the interim, Revalytics provides security and privacy assurance through:

  • this Security & Trust Center documentation;
  • the Data Processing Addendum (DPA);
  • our published Subprocessor List;
  • and security questionnaire responses provided to customers upon reasonable request.

INFRASTRUCTURE & CLOUD SECURITY

Revalytics's platform is hosted on Amazon Web Services ("AWS") within the United States, primarily in the us-east-1 and us-west-2 regions. AWS maintains independent security programs and certifications, including SOC 2 Type II and ISO 27001, as well as physical security controls for its infrastructure.

Within Revalytics's AWS environment, security measures include:

  • infrastructure monitoring;
  • network segmentation;
  • logging and alerting;
  • backup and recovery procedures;
  • redundancy and failover protections;
  • vulnerability management;
  • endpoint protections;
  • and access control systems.

ACCESS CONTROLS

Access to systems and customer information is restricted to authorized personnel with legitimate business needs. Security practices may include:

  • role-based access controls;
  • authentication measures;
  • least-privilege access principles;
  • credential management;
  • session management;
  • internal access review procedures;
  • and operational monitoring controls.

Revalytics seeks to minimize unnecessary access to customer information and operational systems.

ENCRYPTION & DATA PROTECTION

Revalytics encrypts customer data in transit using TLS 1.2 or higher and encrypts customer data at rest within our cloud infrastructure using AES-256 or equivalent industry-standard encryption. Encryption keys are managed through Revalytics's cloud infrastructure provider's key management systems with appropriate access controls.

Data protection measures may vary depending on: system architecture; infrastructure provider capabilities; operational requirements; customer configurations; and evolving security practices. No method of transmission or storage can be guaranteed completely secure.

DATA RESIDENCY

Customer data processed through the Services is hosted within the United States. All primary processing, storage, and AI inference operations occur within Revalytics's AWS infrastructure in the us-east-1 and us-west-2 regions.

Revalytics does not transfer customer data outside the United States in the course of normal Service operations.

AI GOVERNANCE & RESPONSIBLE AI

Revalytics develops and deploys artificial intelligence technologies designed to support: revenue analytics; operational intelligence; forecasting; reporting; workflow optimization; workforce analytics; marketing analytics; and business insights.

Our Responsible AI practices include: human oversight expectations; prohibited use restrictions; security and access controls; privacy-aware data handling; operational safeguards; and monitoring procedures designed to reduce misuse and unauthorized access.

MARION is built on a foundation model fine-tuned with Revalytics.AI's proprietary training data and hosted within Revalytics.AI's controlled cloud infrastructure. Customer data is not transmitted to foundation model providers in the course of normal Service operations.

AI-generated outputs: may contain inaccuracies; may produce incomplete results; and should not be relied upon as the sole basis for important decisions. Customers remain responsible for independent review and oversight. Please review our Responsible AI & Acceptable Use Policy for additional information.

DATA PROCESSING & PRIVACY

Revalytics processes customer data in accordance with: applicable agreements; customer instructions; applicable privacy laws; and our published privacy documentation.

Our privacy and data governance framework includes: Privacy Policy; CCPA Privacy Notice; Cookie Policy; Responsible AI & Acceptable Use Policy; and Data Processing Addendum (DPA).

Customers remain responsible for obtaining legally required notices and consents related to: recordings; monitoring; analytics; workforce-related processing; and submitted data.

AI MODEL TRAINING

Revalytics may use customer-provided data, communications, recordings, transcripts, analytics inputs, operational information, and related platform data to: develop; improve; train; support; maintain; and enhance its artificial intelligence, machine learning, analytics, and operational systems.

Revalytics applies administrative, technical, and organizational measures designed to reduce unnecessary exposure of customer information during model development and platform improvement activities, including: aggregation; de-identification; anonymization; minimization; and related privacy and security safeguards.

Revalytics does not sell customer data and does not share customer data with unrelated third-party commercial AI providers for independent model training purposes.

SECURITY INCIDENT RESPONSE

Revalytics maintains internal procedures to: identify; investigate; respond to; contain; remediate; and recover from security incidents and operational disruptions.

In the event of a confirmed security incident involving unauthorized access to customer data, Revalytics will notify affected customers without undue delay and, where reasonably feasible, within seventy-two (72) hours of confirmation, where notification is required by law or contractual obligations. Notifications will include: available details regarding the incident; affected systems or data categories; remediation measures taken; and ongoing cooperation information.

SUBPROCESSORS & THIRD-PARTY SERVICES

Revalytics may utilize third-party infrastructure providers, analytics vendors, communication providers, security providers, hosting providers, and operational tools in connection with providing the Services.

A note on AI infrastructure: Revalytics uses Meta's Llama foundation model under the Llama Community License Agreement. Llama weights are hosted within Revalytics's own cloud infrastructure, and customer data is not transmitted to Meta. As such, Meta is not listed as a subprocessor.

Revalytics seeks to maintain commercially reasonable safeguards and contractual protections with service providers where appropriate. A current list of subprocessors is available through Revalytics.AI's published Subprocessor List.

BUSINESS CONTINUITY & RELIABILITY

Revalytics seeks to maintain operational continuity through: infrastructure redundancy; monitoring systems; backup procedures; recovery planning; operational resilience measures; and platform monitoring controls.

However, no online platform can guarantee uninterrupted or error-free operation. Temporary interruptions may occur due to: maintenance; infrastructure failures; cybersecurity events; internet disruptions; third-party outages; cloud provider disruptions; or events outside our reasonable control.

CUSTOMER RESPONSIBILITIES

Customers are responsible for: safeguarding account credentials; managing authorized user access; maintaining endpoint security; obtaining required notices and consents; and complying with applicable laws related to: recordings; monitoring; privacy; employment; workforce analytics; and data protection.

Customers operating call recording or workforce monitoring features are specifically responsible for:

  • providing legally required disclosures to callers in two-party consent jurisdictions (e.g., CA, IL, FL, MA, PA, WA);
  • obtaining required consents for recording employee or customer calls;
  • complying with state-specific biometric privacy laws, including Illinois BIPA;
  • and maintaining lawful basis for data submitted to the Services.

Customers should independently evaluate AI-generated outputs before relying on them for operational, legal, financial, employment, compliance, or business decisions.

COMPLIANCE & GOVERNANCE

Revalytics continuously evaluates its operational, privacy, security, and AI governance practices as the platform evolves and as compliance obligations emerge based on: applicable laws and regulatory developments; customer requirements; industry standards and best practices; infrastructure changes; and evolving security risks.

We are committed to maturing our compliance posture in alignment with the expectations of mid-market and enterprise B2B SaaS customers.

CONTACT US

For security, privacy, or compliance inquiries, please contact: privacy@revalytics.ai

For legal notices or contract-related communications, contact: legal@revalytics.ai

Revalytics Corporation
500 W 2nd St Suite 1900
Austin, TX 78701