Privacy policy
Effective May 28, 2026 · Last updated May 28, 2026
This policy explains what data ReviewJalpi collects, how we use it, where it lives, who can see it, and how to control it. We've tried to write it in plain English. If anything is unclear, email info@jalpi.com.
1. Who runs ReviewJalpi
ReviewJalpi is a product of Konceptwise Digital Media Pvt. Ltd. (India) and Konceptwise Inc. (USA). Either entity may act as the data controller depending on where the customer signed up. Office addresses are listed on our contact page.
2. What data we collect
2.1 Account data (you give us)
- Account profile — email address, full name, workspace name, phone number (optional), timezone.
- Billing address — street, city, state, country (used to issue invoices).
- Team membership — invitations you send, roles you assign to teammates.
2.2 Connected-source data (you authorize us to pull)
When you connect a review source (e.g. Google Business Profile, Facebook Pages, Trustpilot), you authorize ReviewJalpi to read review data on your behalf via that platform's OAuth flow. Specifically we pull:
- The reviews themselves — reviewer name (as the platform exposes it), star rating, review text, timestamp.
- The review platform's location / page / account identifier so we can match reviews to your locations.
- Your authorization tokens (encrypted at rest using AES-256) so we can poll for new reviews without asking you to re-authenticate every time.
We only access the scopes you explicitly grant on the OAuth consent screen, and only for the connections you create. We do not pull reviews from accounts you have not connected.
2.3 Usage data (we collect automatically)
- App activity — pages you visit, actions you take (login, send invite, change role, etc.). Used for audit logs visible to your workspace admins and for our security monitoring.
- Technical data — IP address, browser type, timestamps. Used for fraud detection and debugging. We do not sell, share or use this for advertising.
- Widget impressions — when a review widget renders on your customer's site we count it (anonymous counter only, no visitor identification) so we can bill you accurately.
3. How we use your data
- To deliver the service — sync reviews, send notifications, calculate your monthly bill.
- To bill you — usage data flows to our parent platform AccountJalpi (account.jalpi.com) which issues your invoice. We share only the line-item totals and your billing address, never the review contents themselves.
- To communicate — we email you for transactional purposes (invoice ready, payment overdue, password reset, new review notification if you opted in). We don't send marketing emails without opt-in.
- To improve the product — aggregate, anonymized usage trends. We never look at individual review contents to do this.
4. Who we share data with
We share data only with the following, and only as much as is needed to deliver the service:
- AccountJalpi (Konceptwise) — billing + invoicing.
- Authyo (Konceptwise) — login OTP / passkey / SSO.
- Email delivery providers (e.g. SMTP host you configure, or our platform SMTP) — for sending transactional emails.
- The review platforms you connect — when you reply to a review, your reply is sent back to that platform (Google, Facebook, etc.) on your behalf using your authorized OAuth token.
We do not sell, rent, or trade your data. We do not run third-party advertising trackers in the product. We do not share your data with law enforcement except in response to a legally binding request — and where the law allows, we will notify you first.
5. Where your data is stored
ReviewJalpi runs on infrastructure located in India. Backups are encrypted and retained for 30 days. If you delete your workspace, your data is removed from active systems within 14 days; backups age out within the normal 30-day window.
6. How long we keep your data
- While your workspace is active — for as long as you keep the workspace open.
- After you delete the workspace — operational data is removed within 14 days; encrypted backups expire within 30 days.
- Billing records — kept for 7 years to meet Indian and US tax/accounting requirements.
- Audit logs — kept for 24 months for security and dispute resolution.
7. Your rights
You can at any time:
- Access your data — most of it is visible inside the app; for anything else email us.
- Export your data — reviews can be exported to CSV/Excel/PDF from the Reports page.
- Correct your data — edit your profile, workspace details, billing address from Settings.
- Delete your account — email info@jalpi.com from the address on file. We confirm within 7 days.
- Withdraw consent for any connected source — disconnect from the Review Platforms page; the OAuth token is destroyed immediately and we stop pulling reviews from that source.
EU / UK residents have additional rights under GDPR (right to portability, right to object to processing, right to lodge a complaint with a supervisory authority). California residents have similar rights under CCPA. Email info@jalpi.com to exercise any of them.
8. Children
ReviewJalpi is a B2B product not intended for use by anyone under 16. We do not knowingly collect data from minors. If you believe a minor has signed up, email us and we will delete the account.
9. Security
We encrypt OAuth tokens, passwords (hashed with bcrypt), and SMTP credentials at rest. All traffic between you and ReviewJalpi is encrypted in transit (HTTPS / TLS 1.2+). Access to production systems is restricted to a small number of authorized engineers and logged. We run third-party security scans on the codebase. Despite our best efforts, no system is 100% secure; if you discover a vulnerability please report it to info@jalpi.com — we'll respond within 48 hours.
10. Changes to this policy
We may update this policy as the product evolves. Material changes will be announced in-app and by email to every workspace admin at least 14 days before they take effect. Continued use after the effective date constitutes acceptance.
11. Contact
Questions, requests, complaints — email info@jalpi.com. We reply within one business day.