Effective Date: July 30, 2025

1.1 Who We Are

REVNGN, LLC (“we,” “our,” “us”) provides marketing automation, CRM configuration, and bulk communications services to business clients.

1.2 Scope

This notice explains how we collect, use, share, and protect personal data when we act as a data controller for our own marketing and as a data processor on behalf of clients. It satisfies the California Consumer Privacy Act as amended by CPRA, GDPR, and the eight new state privacy laws taking effect in 2025 (Delaware, Iowa, Maryland, Minnesota, Nebraska, New Hampshire, New Jersey, Tennessee). fisherphillips.com

1.3 Data We Collect

We do not knowingly collect data from children under 13.

1.4 How We Use Data

• Provide and improve services

• Authenticate users

• Prevent abuse, spam, and fraud

• Comply with carrier 10DLC requirements and law enforcement requests springbig.com

1.5 Sharing with Third Parties

We share data only with vetted subprocessors that enable our platform, currently:
Twilio, Mailgun, Google Cloud (hosting), GoHighLevel (SaaS), and Atlassian (support). Each subprocessor is bound by a DPA and industry-standard security controls.

1.6 Consumer Rights

Where applicable, individuals may access, delete, correct, or export their data and object to certain processing. Submit requests at privacy@revngn.com. We verify identity before acting.

1.7 International Transfers

We rely on the EU-US Data Privacy Framework or Standard Contractual Clauses as appropriate.

1.8 Retention

Contact and billing records: 7 years. Messaging logs: 24 months. Opt-in proof: minimum 6 years to satisfy TCPA look-back.

1.9 Security

We follow NIST SP 800-53 controls, encrypt data in transit (TLS 1.3) and at rest (AES-256).

1.10 Changes

We may update this notice; the footer date reflects the latest revision. Material changes are announced by email 30 days in advance.