Rev Platform

Legal

Data Processing Agreement

How Rev Platform processes personal data on behalf of customers under GDPR and other data protection laws.

Data Processing Agreement

Last updated: May 13, 2026

1. Introduction

This Data Processing Agreement ("DPA") forms part of the Terms of Service between ROHQ, Inc. d/b/a RevOps HQ ("Processor," "Rev Platform," "we," "us") and the customer ("Controller," "you") and governs the processing of personal data by Rev Platform on behalf of the customer in connection with the following services:

  • Rev Platform — Unified authentication, billing, and platform shell
  • RevOps Connect — Integration infrastructure and data synchronization
  • RevCPQ — Configure, price, quote, contract, and billing
  • Field Pro — Field service management, scheduling, and dispatch
  • Schedule Pro — Calendar scheduling and meeting management
  • RevOps Cortex — AI-powered analytics and intelligence
  • RevERP — Enterprise resource planning modules
  • RevPortal — External portals for customers, partners, and vendors
  • MiniMap — Geospatial CRM visualization and territory management
  • RevGTM — GTM strategy platform for people inventory, tech inventory, and desired reporting
  • RevAudit — Automated HubSpot health checks, data quality scans, and compliance audits

Collectively, the "Services."

2. Definitions

  • "Personal Data" means any information relating to an identified or identifiable natural person.
  • "Processing" means any operation performed on Personal Data, including collection, storage, use, and deletion.
  • "Sub-processor" means any third party engaged by Rev Platform to process Personal Data.

3. Scope of Processing

Rev Platform will process Personal Data only on documented instructions from the Controller, including with regard to transfers of Personal Data to a third country, unless required to do so by applicable law.

4. Security Measures

Rev Platform implements appropriate technical and organizational measures to ensure a level of security appropriate to the risk, including:

  • Encryption of Personal Data in transit and at rest
  • Regular testing and evaluation of security measures
  • Access controls and authentication mechanisms
  • Incident response and breach notification procedures
  • Employee training on data protection

5. Sub-processors

Rev Platform may engage Sub-processors to assist in providing the Services. A current list of Sub-processors is available upon request. Rev Platform will notify the Controller of any intended changes to Sub-processors, giving the Controller an opportunity to object.

6. Data Subject Rights

Rev Platform will assist the Controller in responding to requests from data subjects exercising their rights under applicable data protection laws, including rights of access, rectification, erasure, restriction, portability, and objection.

7. Data Breach Notification

Rev Platform will notify the Controller without undue delay upon becoming aware of a Personal Data breach. The notification will include the nature of the breach, categories and approximate number of data subjects affected, and measures taken to address the breach.

8. Data Deletion

Upon termination of the Services or upon Controller's request, Rev Platform will delete or return all Personal Data to the Controller and delete existing copies, unless applicable law requires retention.

9. Audits

Rev Platform will make available to the Controller all information necessary to demonstrate compliance with this DPA and allow for audits, including inspections, conducted by the Controller or an auditor mandated by the Controller.

10. International Transfers

Rev Platform will ensure that any transfer of Personal Data to a third country is subject to appropriate safeguards as required by applicable data protection laws, including Standard Contractual Clauses where applicable.

11. Contact

For questions about this DPA or to request a signed copy, please contact us at legal@revplatform.io.