R
ReVend
Get Early Access

Legal

Privacy Policy

Last updated: 9 March 2026

You spend your days making sure other people's data gets properly erased. The least we can do is be transparent about what happens with yours.

Who we are

ReVend is operated by Simplinity BV, registered in Brussels, Belgium. We build software for people who process used IT equipment for a living. When this document says “we” it means Simplinity BV, not a vague corporate entity hiding behind a PO box in Delaware. We're in Brussels. You can visit. We have good coffee.

What we collect

Account details: Name, email, company, role. The basics. We need to know who you are so we can create your account and not accidentally give your warehouse data to your competitor down the road.

Your operational data: Assets, orders, grades, erasure records, settlements, invoices — everything you put into the platform. This is literally the product. Without your data, we're just a very expensive empty dashboard.

Usage patterns: Which pages you visit, which features you use, how long you spend on the testing queue page wondering why there are still 47 items pending. We use this to make the product better. We don't sell it, share it, or use it to build a profile of your browsing habits.

Support conversations: When you email us saying “the settlement calculation looks wrong,” we keep that conversation so the next person who helps you doesn't start from zero. Novel concept.

Where it lives

Frankfurt, Germany. AWS eu-central-1. Your data stays in the European Union. It doesn't take a holiday to Virginia. It doesn't get “temporarily processed” in Singapore. It doesn't get backed up to a server farm in Utah because someone forgot to check a box. EU in, EU stays. You handle data-bearing devices all day — you know how important this is.

What we do with it

Run the platform. Your assets need tracking. Your settlements need calculating. Your auditor needs documentation. That's what we use your data for.

Make it better. If nobody uses the pallet transfer feature, we know to redesign it. If everyone rage-clicks the grading form, we know something's broken. Usage analytics help us fix things you didn't know you could complain about.

Talk to you. Security alerts, product updates, the occasional newsletter. You can unsubscribe from the newsletter anytime. The security alerts, less so. Those are non-negotiable, for obvious reasons.

What we never do

Sell your data. Not to advertisers. Not to data brokers. Not to your competitor who would love to know your pricing models. Your data is yours. Full stop.

Train AI on your business. Your client list, your deal terms, your grading results — none of it feeds any model. Not ours, not anyone else's. Your tenant is your tenant.

Let other customers peek. Row-level security means tenant A cannot see tenant B's data. Not through the API. Not through a bug. Not through creative URL editing by someone who watched one YouTube video about hacking. The database itself enforces the walls.

Your rights

You can access, correct, export, and delete your data. All of it. Anytime. We provide exports in CSV and JSON within 30 days of your request. Usually much faster, because it's automated. If you want everything deleted, we comply within 30 days. Gone. Like that pallet that vanished from Zone B last summer — except this time we can actually prove it's gone.

If you think we're mishandling your data, you can complain to your local data protection authority. In Belgium, that's the Gegevensbeschermingsautoriteit — a word that's longer than most privacy violations.

Cookies

Essential cookies keep you logged in. Analytics cookies (PostHog, self-hosted in the EU, because we practice what we preach) help us understand usage patterns. Advertising cookies? Zero. Tracking pixels? Zero. That creepy retargeting thing where you look at one product page and it follows you across the internet for six weeks? We don't do that. We don't even know how to do that. We spent the budget on warehouse features instead.

Who else touches your data

As few companies as possible. Supabase hosts the database (EU). Vercel serves the website (EU edge). PostHog tracks analytics (self-hosted, EU). Resend delivers transactional emails. Each has a signed DPA. We review this list regularly and resist the urge to add fourteen SaaS tools just because they have nice landing pages.

How long we keep it

As long as your account is active. If you cancel, we keep your data for 90 days in case you realise that going back to the spreadsheet was a terrible idea. After that, it's deleted. Backups stick around for 30 more days, then those are gone too. Belgian tax law requires us to keep certain financial records for 7 years, which is both legally mandatory and genuinely inconvenient.

Security

Encryption at rest. Encryption in transit. Row-level tenant isolation. The full story is on our Security & Compliance page, which is also the page your compliance officer will want to bookmark.

When this changes

We email you 30 days before significant changes take effect. Typo fixes and formatting adjustments happen without notice, because emailing 500 people about a semicolon seems excessive.

Questions?

privacy@revend.io. A human reads it. Usually the same human who wrote this page. Response time: under 5 business days. Often under 5 business hours. Depends on the question and whether it's a Monday.