Privacy Policy

Last updated: 01. Nov, 2024

Introduction

We get that legal documents can be overwhelming and boring, so we’ve tried our best to keep it as simple and possible while providing the information needed. It is important however to remember that these terms are legally binding between yourself and us if you choose to use Revolt, so please read them carefully before proceeding - We will continue to improve and tackle some sections.

Your Privacy

Your privacy is very important to us, and we will ensure protecting your privacy when using our services.

Revolt is an open-source project (source code is available on our GitHub), and we respect our user’s privacy while remaining transparent with our users. We only collect limited data from our users that is absolutely necessary.

• Account Information: We collect data from our users when they register for an account on Revolt, such as: the registered e-mail address, hashed password, and chosen username.
• Servers and Groups: If you create or join a group/server on Revolt, we collect and store the names of the group/server to provide the service.
• Your Content: To provide the service, we must store your messages and any content such as attachments and reactions.
• Legal Responsibility: To ensure that users satisfy the legal age requirement to use the platform and to provide additional safety for minors, we must collect user’s date of birth.
• Abuse Prevention: To prevent our service from being attacked and protect your account, we collect your IP address and a short device description for each session, and also temporarily store some device information after initial registration.
• Self-hosted instances: Since self-hosted instances aren’t operated by us, we cannot enforce our own Privacy Policy, Acceptable Usage Policy or Terms of Service there. Please visit self-hosted instances at your own discretion.

Who is this information shared with?

We will NEVER sell your data to any third-parties, although we use certain service providers to process your data, such as:

• Hetzner, provides us with cloud services to run Revolt.
• Backblaze, provides us with cloud services to store media at scale.
• hCaptcha, provides us with the tools necessary to stop abuse of our platform. See footnote.
• Cloudflare, provides us with DDoS mitigation and content delivery acceleration.

Law & Order: We may disclose your information to third parties only if such disclosure is absolutely necessary to comply with a valid legal process, protect any person from death or serious injury, prevent fraud or abuse, or protect our rights, property, safety and interest.

Where is my information stored?

Since this is an open-source project, we have team members across Europe and North America. Your information is currently stored on first-party servers in Germany and your media is stored on first-party servers in Lithuania.

If you wish to request deletion of any information stored on our servers, including any requests under GDPR or DMCA, please use the account deletion / reporting in-app if applicable or otherwise contact us at [email protected].

Exceptions to third-parties service providers which is used to process your data as mentioned above.

Our commitment to children’s privacy

We abide by the children’s consent guidelines as laid out by the GDPR and The Children’s Online Privacy Protection Act (“COPPA”), which requires online service providers to obtain parental consent before they knowingly collect personally identifiable information online from children who are under 16 and 13 years of age respectively, and in the case of the GDPR, may vary depending on the EU member state.

We do not knowingly collect or solicit personally identifiable information from children under the minimum legal age to use the service. If we learn we have collected personal information from a child under the minimum legal age to use the service, we will immediately delete that information from our servers. If you are a parent or guardian of a child under the age and believe that they have disclosed personal information to us, please contact us at [email protected]. As a concerned user of the platform, you may also report underage users by using the in-app report feature.

Your rights under the GDPR

The data controller of your personal data is Pawel Makles, an individual who operates Revolt as a sole proprietorship. You can contact him at [email protected]. The data controller is responsible for deciding how and why we process your personal data.

The legal basis for processing your personal data is based on your consent, which you give us when you sign up for Revolt and agree to our Terms of Service and Privacy Policy. You can withdraw your consent at any time by deleting your account or contacting us. We may also process your personal data to comply with our legal obligations, to protect our legitimate interests or the interests of others.

As a user of our service, you have the right to lodge a complaint under the UK General Data Protection Regulation (UK GDPR) if you think that we have mishandled your personal data or violated your data protection rights. You can do this by contacting us directly and explaining your concerns. If you are not satisfied with our response, you can also escalate your complaint to the Information Commissioner’s Office (ICO), which is the supervisory authority for UK GDPR. You can find more information about how to make a data protection complaint on their website.

Currently, you may request a copy of all of your data by contacting us at [email protected].

Changes to our Privacy Policy

As we keep improving our services, we may update our Privacy Policy in the future if needed. We will notify you of any changes made to our Privacy Policy.

You are advised to review our Privacy Policy periodically for any changes. Such changes to our Privacy Policy are effective when they are posted on this page.

Contact Us

Feel free to contact us if you have any questions regarding this Privacy Policy or any of the above statements. You may contact us by emailing [email protected].

hCaptcha

This section has been adapted from hCaptcha’s documentation.

We use the hCaptcha anti-bot service (hereinafter “hCaptcha”) on our website. This service is provided by Intuition Machines, Inc., a Delaware US Corporation (“IMI”). hCaptcha is used to check whether the data entered on our website (such as on a login page or contact form) has been entered by a human or by an automated program. To do this, hCaptcha analyzes the behavior of the website or mobile app visitor based on various characteristics. This analysis starts automatically as soon as the website or mobile app visitor enters a part of the website or app with hCaptcha enabled.

When using the Revolt App, hCaptcha will only begin analysis when you:

• Submit a login request.
• Submit a registration request.
• Submit a password reset / email resend request.

For the analysis, hCaptcha evaluates various information (e.g. IP address, how long the visitor has been on the website or app, or mouse movements made by the user). The data collected during the analysis will be forwarded to IMI.

Data processing is based on Art. 6(1)(f) of the GDPR (DSGVO): the website or mobile app operator has a legitimate interest in protecting its site from abusive automated crawling and spam. IMI acts as a “data processor” acting on behalf of its customers as defined under the GDPR, and a “service provider” for the purposes of the California Consumer Privacy Act (CCPA). For more information about hCaptcha and IMI’s privacy policy and terms of use, please visit the following links: https://hcaptcha.com/privacy/ and https://hcaptcha.com/terms.