virev.ai ← Home

Legal

Privacy Policy

Effective date: 2026-05-13

1. Overview

Virev AI ("Virev", "we", "us", or "our") provides software, data, email, messaging, and API services that help brands and marketing teams discover public creators, analyze profiles and content, find business contact details, contact creators, and manage creator outreach campaigns.

This Privacy Policy explains how we collect, use, disclose, retain, and protect personal information, public creator data, Gmail data, and other information processed through virev.ai, api.virev.ai, and our related applications and services (the "Service").

Where customers use the Service to manage their own contacts, campaigns, messages, and creator relationships, the customer may be the controller of that data and Virev may act as a processor or service provider under the customer's instructions.

2. Information We Collect

2.1 Account and Workspace Information

  • Name, email address, profile photo, authentication identifiers, and session metadata
  • Company name, team members, roles, permissions, preferences, and billing contacts
  • Support requests, sales inquiries, contact-form submissions, and related communications

2.2 Campaign Data You Provide

  • Campaign briefs, folders, lists, tags, notes, rankings, and internal evaluations
  • Recipients, contact lists, email or DM drafts, schedules, attachments, and message templates
  • Custom domains, SMTP settings, Gmail OAuth connections, and Instagram messaging connections

2.3 Public Creator and Social Data

To provide discovery, search, email-finder, campaign analysis, and API features, we process publicly available creator and content information, including:

  • Public profiles, such as usernames, names, bios, categories, locations, languages, and audience counts
  • Public content, such as captions, hashtags, mentions, thumbnails, media URLs, and engagement metrics
  • Public contact details, such as emails or links listed in bios or on linked public websites
  • Derived insights, such as engagement rates, inferred categories, similar creators, and campaign fit scores

We do not intentionally access private social accounts, private messages, or third-party platform data that requires unauthorized login sessions.

2.4 Gmail, Email, and Messaging Integration Data

If you explicitly connect an integration, we may process:

  • Your Gmail account email address, display name, OAuth access tokens, and OAuth refresh tokens
  • Recipients, subjects, bodies, HTML, attachments, and delivery status for emails you send through Gmail
  • If Gmail inbox sync is enabled, recent inbox messages, headers, message bodies, snippets, and thread identifiers used to display replies in Virev
  • SMTP/IMAP credentials, Resend webhook data, and Instagram Graph API message data if you connect them

2.5 Billing, Usage, and Technical Data

  • Stripe customer, subscription, invoice, payment, tax, and credit-balance identifiers
  • Search queries, filters, tool invocations, API requests, credit usage, and rate-limit events
  • IP address, device and browser details, session events, error logs, performance logs, and security logs

3. How We Use Information

  • Provide the Service - authenticate users, power creator search, find emails, and run campaigns
  • Provide communication features - send email or DMs from accounts you connect and show replies
  • Analyze and improve the Service - improve search, recommendations, categorization, reliability, and security
  • Provide AI features - understand search intent, classify public content, and draft text you request
  • Process billing - manage subscriptions, credits, invoices, taxes, refunds, and fraud checks
  • Secure the Service - detect abuse, spam, fraud, unusual usage, and unauthorized access
  • Communicate with you - respond to support requests and send service, security, and account notices
  • Comply with law - enforce our terms, respond to valid legal process, and protect rights

4. Google API and Gmail Limited Use

Virev's use and transfer to any other app of information received from Google APIs will adhere to the Google API Services User Data Policy, including the Limited Use requirements.

  • We use Gmail send access only to send emails that you compose, schedule, trigger, or test in Virev.
  • We use Gmail read access only when you enable inbox sync, so Virev can show recent replies in your Inbox and campaign timelines.
  • We do not use Google user data for advertising, retargeting, selling data, data-broker services, or credit-worthiness decisions.
  • We do not use Google user data to train, improve, or fine-tune generalized, foundation, or frontier AI models.
  • Humans do not read Gmail message content except with your affirmative request, for security or abuse investigation, to comply with law, or to provide support you request.
  • When you disconnect Gmail or delete your account, we delete or invalidate stored Gmail tokens and retain only records we are legally required or permitted to keep.

5. How We Share Information

We may share information with the following categories of service providers and recipients:

  • Authentication and infrastructure providers, including Clerk, Convex, Vercel, Railway, and Backblaze B2
  • Payment providers, including Stripe
  • Email and messaging providers, including Resend, Google Gmail API, Meta Instagram Graph API, and SMTP providers you connect
  • AI, search, and data infrastructure providers, including OpenAI, Google Gemini, and search/vector systems
  • Analytics, security, and monitoring providers, including PostHog, Sentry, and logging tools
  • Legal, safety, and corporate transaction recipients when necessary to comply with law, protect rights, or complete a merger, acquisition, financing, or asset transfer

We do not sell personal information. We do not share Google user data or customer campaign data with ad networks or data brokers.

6. Retention and Deletion

  • Account data - retained while your account is active and for a limited period after deletion as needed for legal, security, and business records.
  • Campaign and message data - retained until you delete the relevant campaign, message, workspace, or account, subject to backups and legal obligations.
  • Gmail tokens - deleted or invalidated when you disconnect Gmail, revoke access, or delete your account.
  • Public social data cache - refreshed periodically and retained as needed to provide historical trends, reliability, and abuse prevention.
  • Logs - retained for limited periods for security, debugging, reliability, and abuse prevention.
  • Billing records - retained as required by tax, accounting, chargeback, and audit obligations.

You can request deletion by contacting privacy@virev.ai. Some data may remain in backups for a limited time or be retained where required by law, dispute resolution, security, or abuse-prevention needs.

7. Security

We use administrative, technical, and organizational safeguards appropriate to the nature of the data and the risks involved, including:

  • HTTPS/TLS encryption for data in transit
  • Server-side encryption for OAuth and SMTP credentials
  • User and workspace-level authorization checks
  • Operational logging, error monitoring, and abuse-prevention processes

No method of transmission or electronic storage is completely secure. We cannot guarantee absolute security.

8. Cookies and Analytics

We use essential cookies for login, sessions, security, and account features. We also use analytics events and cookies to understand feature usage, performance, and errors. We do not use third-party advertising cookies or sell personal information to advertisers.

9. International Transfers

The Service and our providers may process information in the United States and other countries. If you are outside the United States, your information may be transferred to a country with different data protection laws. Where required, we use appropriate safeguards such as contractual protections, data processing terms, and security controls.

10. Your Rights and Choices

Depending on your location, you may have rights to:

  • Access, correct, or delete personal information
  • Object to or restrict certain processing
  • Receive a portable copy of information you provided
  • Withdraw consent where processing is based on consent
  • Opt out of marketing communications
  • Complain to a privacy or data protection authority

To exercise rights, contact privacy@virev.ai. We may need to verify your identity before fulfilling a request.

11. Children's Privacy

The Service is not directed to children under 18. We do not knowingly collect personal information from children. If you believe a minor has provided information to us, contact us and we will take reasonable steps to delete it.

12. Changes

We may update this Privacy Policy to reflect changes in the Service, law, or our security and privacy practices. We will update the effective date above and provide additional notice when required.

13. Contact

For privacy questions, Google data deletion requests, or account deletion requests, contact privacy@virev.ai.