Privacy Policy

1. Introduction

RevivaTech ("we," "our," or "us") operates the computer and device repair services at revivatech.co.uk. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website, use our services, or interact with us.

We are committed to protecting your privacy and ensuring that your personal information is handled in a safe and responsible manner. This policy complies with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

2. Information We Collect

2.1 Personal Information

We may collect the following personal information:

• Contact Information: Name, email address, phone number, postal address
• Device Information: Device type, model, serial number, problem description
• Service Information: Repair history, service preferences, communication preferences
• Payment Information: Billing address, payment method details (processed securely by third-party providers)
• Account Information: Username, password (encrypted), profile preferences

2.2 Technical Information

We automatically collect certain technical information:

• IP Address: Used to determine your approximate geographic location (country and city level). We may anonymize or hash IP addresses for privacy protection.
• Geographic Location: Country, city, region, and timezone derived from your IP address via our Cloudflare proxy and MaxMind GeoLite2 database. This data is collected at city-level granularity and is not used to identify your precise location.
• Referrer Information: The website or search engine that referred you to our site, including any UTM campaign parameters for marketing attribution.
• Website Usage: Pages visited, time spent on each page, scroll depth, form interactions, and click patterns.
• Browser and Device Data: Browser type and version, operating system, device type (mobile/desktop/tablet), screen resolution.
• Device Fingerprint: A unique identifier generated from your browser characteristics to recognize returning visitors (with your consent).
• Cookies and Analytics: Session data, preferences, performance metrics.

Geographic data is provided by MaxMind GeoLite2 and Cloudflare. This information helps us understand our audience, improve our services, and provide relevant content. You can manage your tracking preferences in your privacy settings.

2.3 Device Content

During repair services, we may have access to content on your device. We implement strict policies to protect your privacy:

• We only access content necessary for diagnosis and repair
• All technicians sign confidentiality agreements
• We recommend backing up and removing sensitive data before service
• We do not copy, store, or share personal content from your device

3. How We Use Your Information

3.1 Service Provision

• Process and fulfill your repair requests
• Communicate about your device status and repairs
• Provide customer support and technical assistance
• Maintain service records and warranty information

3.2 Business Operations

• Process payments and manage billing
• Improve our services and customer experience
• Analyze usage patterns and service performance
• Conduct quality assurance and training

3.3 Legal Compliance

• Comply with legal obligations and regulations
• Protect our rights and prevent fraud
• Respond to legal requests and court orders
• Maintain records as required by law

4. Information Sharing and Disclosure

We do not sell, trade, or rent your personal information to third parties. We may share information in these limited circumstances:

4.1 Service Providers

• Payment Processors: Stripe, PayPal for secure payment processing
• Cloud Services: AWS, Google Cloud for secure data storage
• Communication Tools: Email and SMS service providers
• First-Party Analytics: We use our own cookieless analytics system to track website usage and geographic distribution of visitors. Data is stored on our servers in the UK.
• Geographic Services: MaxMind GeoLite2 for IP-based location lookup (country and city level only)
• CDN & Security: Cloudflare for content delivery, DDoS protection, and geo-location headers

4.2 Legal Requirements

• To comply with legal obligations or court orders
• To protect our rights, property, or safety
• To investigate suspected fraud or illegal activity
• In connection with a business transfer or merger

5. Data Security

We implement comprehensive security measures to protect your information:

5.1 Technical Safeguards

• Encryption: SSL/TLS encryption for data transmission
• Secure Storage: Encrypted databases and secure servers
• Access Controls: Multi-factor authentication and role-based access
• Regular Audits: Security assessments and vulnerability testing

5.2 Physical Security

• Secure facilities with controlled access
• Surveillance systems and alarm monitoring
• Locked storage for devices under repair
• Secure disposal of electronic media

5.3 Staff Training

• Regular privacy and security training for all staff
• Signed confidentiality agreements
• Background checks for all technicians
• Clear data handling procedures and policies

6. Your Rights Under UK GDPR

You have the following rights regarding your personal data:

To exercise any of these rights, please contact us at privacy@revivatech.co.uk. We will respond within 30 days of receiving your request.

7. Cookies and Tracking

We use cookies and similar technologies to enhance your experience:

7.1 Types of Cookies

• Essential Cookies: Required for website functionality and security
• Performance Cookies: Help us understand how visitors use our website
• Functional Cookies: Remember your preferences and settings
• Targeting Cookies: Used for relevant advertising (with your consent)

You can manage your cookie preferences through your browser settings or our cookie consent manager. Please note that disabling certain cookies may affect website functionality.

8. Data Retention

We retain your personal information for as long as necessary to fulfill the purposes outlined in this policy:

• Service Records: 7 years for warranty and legal compliance
• Financial Records: 6 years as required by UK tax law
• Marketing Data: Until you withdraw consent or unsubscribe
• First-Party Analytics: 90 days for detailed event data, aggregated statistics retained indefinitely
• Geographic Data: 30 days for attribution, then anonymized for trend analysis
• Session Data: 24 hours for real-time analytics, then aggregated
• CCTV Footage: 30 days unless required for investigation

9. Children's Privacy

Our services are not directed to children under 16 years of age. We do not knowingly collect personal information from children under 16. If you are a parent or guardian and believe your child has provided us with personal information, please contact us immediately.

10. International Data Transfers

Some of our service providers may be located outside the UK. When we transfer your data internationally, we ensure appropriate safeguards are in place:

• Adequacy decisions by the UK Information Commissioner's Office
• Standard Contractual Clauses approved by UK authorities
• Certification schemes and codes of conduct
• Binding corporate rules for multinational companies

11. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or legal requirements. We will notify you of any material changes by:

• Posting the updated policy on our website
• Sending an email notification to registered users
• Displaying a prominent notice on our website
• Requesting renewed consent where required

12. Contact Us

If you have any questions about this Privacy Policy or our data practices, please contact us:

You also have the right to lodge a complaint with the Information Commissioner's Office (ICO) if you believe we have not handled your personal data appropriately: